So I have a bunch of express node servers that run websockets (ws) just fine and i am looking to transition into using wss (websockets secure). I've got the https server running and wss even works on local host using a self-signed certificate. But my problem is getting it working in a production environment. It seems self-signed certs close silently (without the user getting a prompt to sign) for wss connections. When I try to use a purchased cert from a domain authority, i get "NET::ERR_CERT_COMMON_NAME_INVALID" trying to access the node server via https directly in the browser. With wss connection requests, I get SSL errors like "connection refused".
The common name on the purchased cert is my domain name and the node.js server is NOT connected with my domain name (it's simply an IP address). Is that what's causing the trouble? If so, how what do I enter as the common name when I purchase a cert? Can I use the ip address of the node server which serves the wss connection? Is that the only way to do it?
Is there any way around purchasing a cert on every node.js server I want to run wss on? I'm aware of multi-domain certs, but don't know much about them.