Problem with Safe-Websocket-Connection and Certificat/Key

Godot Version

Version 4.2.1


I am creating a multiplayer game with websocket that is also supposed to work over the browser. So I have to use a safe connection (wss). For this I use a self-signed certificate and key. The problem however, that I’m not able to work around however is to establish a connection. Don’t get me wrong though: If I leave out the safe-part (write ws instead of wss and do not provide a certificate/key) the connection works fine (but just with the .exe and not the web-build). Does anyone of you have experience with this kind of problem?

I’ll leave the code I used down below, my guess is that I somehow handle the certificate/key the wrong way. I’d be supper happy for help since I was working on this game for the last 4 Months and am more or less forced to release and set it by side for some time in the next 2 weeks.

The Code

Certificate Generator:

extends Node
var path = “my path”
var x509_cert_filename = “X509_Certificate.crt”
var x509_key_filename = “x509_Key.key”
@onready var X509_cert_path = path + x509_cert_filename
@onready var X509_key_path = path + x509_key_filename
var CN = “” # nameserver
var O = “Thaeux” # organization
var C = “CH” # country
var not_before = “20240616000000” # start date
var not_after = “20250615000000” # end date
func _ready():
→ if DirAccess.dir_exists_absolute(path):
→ → pass
→ else:
→ → DirAccess.make_dir_absolute(path)
→ → CreateX509Cert()
→ → print(“Certificate Created”)
func CreateX509Cert():
→ var CNOC = “CN=” + CN + " ,O=" + O + “,C=” + C
→ var crypto =
→ var crypto_key = crypto.generate_rsa(4096)
→ var X509_cert = crypto.generate_self_signed_certificate(crypto_key, CNOC, not_before, not_after)

The Host:

var peer =
var cert = load(“res://Security/X509_Certificate.crt”)
var key = load(“res://Security/x509_Key.key”)
func host_game():
→ peer.create_server(Game.port, “*”, TLSOptions.server(key, cert))
→ multiplayer.set_multiplayer_peer(peer)
→ multiplayer.peer_connected.connect(add_player)
→ multiplayer.peer_connected.connect(validate_connection)

The Client:

var peer =
var cert = load(“res://Security/X509_Certificate.crt”)
func test_connection():
→ peer =
→ var error = peer.create_client(“wss://” + Game.dedicated_ip + “:” + str(server_port), TLSOptions.client(cert))
→ if error != OK:
→ → print("failed to join: " + str(error))
→ → return
→ multiplayer.set_multiplayer_peer(peer)

A last detail I should maybe mention, is that I use the same certificate for the client and for the host, but as I understand you’re supposed to do that.

Thanks to anyone who is willing to read through all this, and maybe is able to help.

Anyhow I wish you a great day :).