Connect WebGL from HTTPS to Local Network Server

Hi,
I'm trying to connect a small WebGL Client to a Host in my local Network. I used Mirror Networking first and it worked perfectly fine, hosted on a simple http server. But I defenitly need https for different reasons. And it appears to be much more complicated with SSH/TLS. I've tried a different websocket implementation and netcode.io without success. Is this even possible?

My goal is to have a Computer run as Host in your LAN and everyone in the room with a smartphone can just go to my website, open the webGL Client and join the game in the same local network.

 

"Computer run as Host in your LAN and everyone in the room with a smartphone can just go to my website":

Do you control the mobile devices connecting to your LAN web server? Can you guarantee that they are all on your local wifi, and have an IP in the same network segment as your computer host? I imagine that is the first challenge in that design, so

As for https -- you should always try and use that when you can, so its good to get that sorted now.

Simple Web Transport supports wss protocol -- but you do have to do the dance of setting up your own SSL cert.

Note, in that HowTo they assume you already have DNS for your own domain and that your server
a) thinks its name is somehost.yourdomain.com
b) that all of your clients agree that your server is somehost.yourdomain.com
c) that the IP in your DNS server for somehost.yourdomain.com points to the LAN IP of your server (which isn't best practice, but it works if you *know for certain* that your clients will always and only be on the same LAN network segment.

I have not yet had to do the SimpleWeb transport myself, but the instructions seem pretty straightforward. Let me know if any particular step doesn't work for you.

 

okay thank you! although I'm still trying to understand most of your answers with my limited knowledge about web hosting.

"Do you control the mobile devices connecting to your LAN web server" - I guess?, those are the Players. Their smartphone will only be the controller and the actual game will run on a Host in the same room.

The setup i worked out without https looked like this:
Someone starts the game as host on a PC.
Host will find it's own local IPv4 address. This ip is visible onscreen the whole game.
Player who want to participate open http://www.mysite.com/controller.html which starts the webGL client. Then they enter the ip and join the game locally via websockets. ezpz


"Simple Web Transport supports wss protocol -- but you do have to do the dance of setting up your own SSL cert." -
That's what i just got working.
I'll try and find some webdesigner from work to help me with steps a,b and c later this week. Thanks so far

 

I'll re-iterate your steps so I can reference them below by step number:

1. Someone starts the game as host on a PC.
2. Host will find it's own local IPv4 address. This ip is visible onscreen the whole game.
3. Player who want to participate open http://www.mysite.com/controller.html which starts the webGL client.
   
4. Then they enter the ip and join the game locally via websockets.

So the "players" of the game are going to need to route from their device (assuming a mobile phone which may be on the local wifi, or might be on their own 4g/5g public internet).

The problem is that the host running on the local LAN device in step 2 is going to likely have a LAN only IP. So it will be something like 192.168.1.100 (or 10.100.11.12 if you are in a more corporate LAN). If the mobile device on their cellular 4g/5g connection, they will likely have a public IP will be able to route to the host with the local ip. So step one is to know that in 100% of the cases that your clients in step 3 are on the local network and that they can route to the IP for the host at step 2.

Then, the second challenge is when you are setting up SSL, doing so with just ip addresses is probably not going to work, so you will need that host from step 2 to have DNS that points to his IP address (internal LAN, or public IP -- whichever you are showing to the clients) and that DNS likely has to be reflected on all the client devices as well.

So doing this without a server in the middle with a real public IP and proper DNS setup is going to be tricky unless someone who is more familiar with Mirror knows of tricks that I'm not familiar with.

 

Sharing this in case its useful for others running into issues with wss.

# 1) Setup a Server to run your game server

- This server will host your dedicated server build files exported from unity.
- I used this video as a refernce to get this setup.

# 2) Create a Domain that will point to your ec2 server.

- I used DreamHost for my example, but other hosting services should also work.
- You do not need the hosting option for this domain, as it will simply serve as a way to point to your unity server IP address.

# 3) Point your domain to your server IP address (e.g., ec2)

- To do this, you will need to update your `DNS record`
- In my case, setting the `@` record to my `public ec2 elastic IP address` worked

# 4) Configuring Server

- ssh into the ec2 server and follow the instructions in the Setting Up SSL section
- You may need superuser permissions for some of the steps.

# 5) Testing

- Run your server as shown in the video referenced in `step 1`.
- Connect your client to the host using the domain name created in `step 2`
- In my case, the webgl files are hosted on a `separate server` from the ones mentioned in `steps 1 and 2` (although this may not be necessary).
- Assuming you have completed the previous steps correctly, your client should now connect to the server using wss from an https site.

 

Thanks for sharing. I'm currently trying to do the same, but I'm not really getting step 4. As I understand it, my website needs a SSL certificate to be able to run HTTPS. My game server will be on a seperate server (AWS EC2). In the Unity editor I have to specifiy a path to a cert.json file (using Simple Web Transport). In the same folder there needs to be a cert.pfx file. Is this cert.pfx file the same SSL certificate my website hosting the WebGL part uses? Or should my game server (AWS) have it's own SSL certificate. As there are two servers involved in this setup (1. Webserver & 2. gameserver on AWS) it confuses me.
It would be really appreciated if someone could clarify the above. Thanks in advance

 

The cert.json and cert.pfx file should be moved to the same directory as your game server folder.
See https://mirror-networking.gitbook.io/docs/manual/transports/websockets-transport/ssl