Lightsail instance firewall rule for WSS

Question

I'm trying to set up a secure web socket connection to my lightsail instance, and I need help determining the correct firewall rule setting to use. As I have it now, my web client fails to connect.
I have a web socket listener running on my server:
(Log Output)
Server started
Listening on: 0.0.0.0:2000
Server's ip: 127.0.1.1
Server's host: ...
Client connected
My web page is trying to connect:
var socket=$.websocket('wss://[my_domain_name_here]:2000');
And besides the regular SSH, HTTP, and HTTPS firewall rules for my lightsail wordpress instance, I have added:
**Application Protocol Port or range / Code Restricted to **
Custom TCP 2000 Any IPv4 address
Is this the correct firewall setting for this connection setup? The web page request hangs (pending) and then fails about 30 seconds later.

Answer

Hello, the firewall rule is correct. I think the issue is that you are trying to establish a secure websocket connection (wss://). Using ws:// should work. If you want a secured connection, you can setup a load balancer with a certificate and put it in front of your instance. The load balancer can be configured to send the request to the required port on the instance.

https://www.reddit.com/r/aws/comments/p3pje9/using_aws_ec2_instance_as_a_websocket_server/

Creating Lightsail load balancer and attaching instance: https://lightsail.aws.amazon.com/ls/docs/en_us/articles/create-lightsail-load-balancer-and-attach-lightsail-instances.  
Attaching SSL/TLS certificate to load balancer: https://lightsail.aws.amazon.com/ls/docs/en_us/articles/create-tls-ssl-certificate-and-attach-to-lightsail-load-balancer-https.

Lightsail instance firewall rule for WSS

Relevant content