WebSocket 1010 Mandatory Extension vs 1015 TLS Handshake Failure
Both WebSocket 1010 (Mandatory Extension) and 1015 (TLS Handshake Failure) belong to the WebSocket Close Codes category. 1010 indicates that the client is terminating the connection because the server did not negotiate one or more expected extensions in the handshake response. Meanwhile, 1015 means that a reserved value indicating the connection was closed because the TLS handshake failed. This code must not be set by an endpoint in a Close frame.
Description
The client is terminating the connection because the server did not negotiate one or more expected extensions in the handshake response.
When You See It
The client requested a required WebSocket extension (e.g., permessage-deflate compression) during the handshake, but the server did not include it in its response.
How to Fix
Enable the required extension on the server, or update the client to make the extension optional. Check the Sec-WebSocket-Extensions header in the handshake response.
Description
A reserved value indicating the connection was closed because the TLS handshake failed. This code must not be set by an endpoint in a Close frame.
When You See It
The wss:// (WebSocket Secure) connection failed during the TLS negotiation — commonly due to an expired certificate, untrusted CA, or TLS version mismatch.
How to Fix
Verify the server's TLS certificate is valid and not expired. Ensure both client and server support compatible TLS versions (TLS 1.2+). Check that intermediate certificates are properly chained.
Key Differences
WebSocket 1010: The client is terminating the connection because the server did not negotiate one or more expected extensions in the handshake response.
WebSocket 1015: A reserved value indicating the connection was closed because the TLS handshake failed. This code must not be set by an endpoint in a Close frame.
You encounter 1010 when the client requested a required WebSocket extension (e.g., permessage-deflate compression) during the handshake, but the server did not include it in its response.
You encounter 1015 when the wss:// (WebSocket Secure) connection failed during the TLS negotiation — commonly due to an expired certificate, untrusted CA, or TLS version mismatch.
When to Use Which
For 1010 (Mandatory Extension): Enable the required extension on the server, or update the client to make the extension optional. Check the Sec-WebSocket-Extensions header in the handshake response. For 1015 (TLS Handshake Failure): Verify the server's TLS certificate is valid and not expired. Ensure both client and server support compatible TLS versions (TLS 1.2+). Check that intermediate certificates are properly chained.