Short version

For SSL or not SSL

You may have an SSL certificate issue. A connection point rule can be represented as :

• wss connects to https only
• ws connects to http

and vice versa:

• https accepts wss only
• http accepts ws only

Mistakes

The following situations will result in an error (tests performed in Firefox):

• If you want to connect wss to the http endpoint. In my tests I had

  InvalidStateError: An attempt was made to use an object that is not in use or is no longer in use

• If you want to connect the ws connection to the https endpoint, you will have an error

  SecurityError: operation is unsafe.

Formal answer

Bible websocket RFC 6455 . In section 4.1.5 :

If / secure / is true, the client SHOULD acknowledge TLS over the connection after opening the connection and before sending confirmation data [RFC2818]. If this does not work (for example, the server certificate cannot be verified), the client MUST NOT GET the WebSocket connection and disconnect. Otherwise, all further communications on this channel MUST be triggered through an encrypted tunnel [RFC5246].

The protected flag is determined by the URI. Section 3 defines safe

A URI is called "safe" (and it is said that "a safe flag is set") if the circuit component matches "wss" case insensitive.

TL DR

If you want to use wss :

• you must activate SSL
• your endpoint must be protected ( https://... ): "lowering security" is not allowed

If you want to use ws :

• Verify that the endpoint does not have SSL ( http://... )