# Interact with node via websockets

<figure><img src="/files/GJFamWTEjJ8YxYuG7MBb" alt=""><figcaption></figcaption></figure>

## Generate TLS certificate

Prepare the `req.cnf` file

```ini
[req]
distinguished_name = req_distinguished_name
x509_extensions = v3_req
prompt = no


#Set your own
[req_distinguished_name]
C = UA
ST = KIEV
L = Kiev,UA
O = KLYNTAR,inc
OU = KLY@CERT
CN = www.localhost.com


[v3_req]
keyUsage = critical, digitalSignature, keyAgreement
extendedKeyUsage = serverAuth
subjectAltName = @alt_names

#Set all you need
[alt_names]
DNS.1 = somedomain.com # set your domain
DNS.2 = *.anotherdomain.xyz # wildcard
IP.1 = 127.0.0.1 # specific interfaces
IP.2 = ::1
```

Then

```sh
openssl req -x509 -nodes -days 365 -newkey rsa:4096 -keyout cert.key -out cert.pem -config req.cnf -sha256
```

You'll get RSA-4096 private key and appropriate self-signed certificate

```sh
root@cb4d8e656db5:~/CERTS# openssl req -x509 -nodes -days 365 -newkey rsa:4096 -keyout cert.key -out cert.pem -config req.cnf -sha256
Generating a RSA private key
........................++++
..................++++
writing new private key to 'cert.key'
-----
root@cb4d8e656db5:~/CERTS# ls
cert.key  cert.pem  req.cnf
root@cb4d8e656db5:~/CERTS#
```

### Set on server side(it's node)

Add the certificate and key to **KLY\_Plugins/certificates**

<figure><img src="/files/CdCPfrD5fSo1RuSmJV2d" alt=""><figcaption></figcaption></figure>

Now, change the **KLY\_Plugins/dev\_websocket\_api/configs.json**

```json
{
        
    "PORT":9999,
    "HOST":"::",

    "TLS_KEY":"KLY_Plugins/certificates/<NAME>.key",
    "TLS_CERT":"KLY_Plugins/certificates/<NAME>.crt",

    "mTLS":false,
    "mTLS_CA":"",

    "KEEP_ALIVE_INTERVAL":20000,
    "KEEP_ALIVE":true,
    "KEEP_ALIVE_GRACE_PERIOD":10000,
    
    "MAX_FRAME_SIZE":65536,
    "MAX_MSG_SIZE":1049000000

}
```

Finally, modify the node configs. Go to the directory of your symbiote where directories **CONFIGS**, **CHAINDATA**, **GENESIS** located.

Modify the **CONFIGS/common.json** section with **PLUGINS** to enable API over WebSockets:

```json
"PLUGINS":["dev_savitar/server.js","dev_websocket_api/server.js"]
```

### Set on client side(API user, web1337 side)

On client side you just need to add the path to certificate to mark it as reliable

<figure><img src="/files/k2VGaqAPI4lKOIlZeQgr" alt=""><figcaption></figcaption></figure>

## Usage


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.klyntar.org/web1337/networking/interact-with-node-via-websockets.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.