Websockets doesn't work if verify_peer is true

[aceraven777]

I'm using the version 1.12.0

My problem here is when I set the 'verify_peer' => true the websocket is not working, but when the value is false it is working. Is there anyone here managed to make this to work?

For production website, I want set the verify_peer to true to prevent man-in-the-middle attack.

I have a website, lets say aceraven777.com, it already has SSL installed (in the cPanel it has autoSSL enabled).

In the websockets config I entered the same path (the one that cPanel generated) for the certificate and private key.

The chrome throws an error:

WebSocket connection to 'wss://aceraven777.com:6001/app/asdfswerqwsafasfd?protocol=7&client=js&version=4.3.1&flash=false' failed

Below are the settings I used:

config/websockets.php

'ssl' => [
    /*
        * Path to local certificate file on filesystem. It must be a PEM encoded file which
        * contains your certificate and private key. It can optionally contain the
        * certificate chain of issuers. The private key also may be contained
        * in a separate file specified by local_pk.
        */
    'local_cert' => env('LARAVEL_WEBSOCKETS_SSL_LOCAL_CERT', null),

    /*
        * Path to local private key file on filesystem in case of separate files for
        * certificate (local_cert) and private key.
        */
    'local_pk' => env('LARAVEL_WEBSOCKETS_SSL_LOCAL_PK', null),

    /*
        * Passphrase for your local_cert file.
        */
    'passphrase' => env('LARAVEL_WEBSOCKETS_SSL_PASSPHRASE', null),

    'verify_peer' => true,
],

config/broadcasting.php

'pusher' => [
    'driver' => 'pusher',
    'key' => env('PUSHER_APP_KEY'),
    'secret' => env('PUSHER_APP_SECRET'),
    'app_id' => env('PUSHER_APP_ID'),
    'options' => [
        'cluster' => env('PUSHER_APP_CLUSTER'),
        'host' => env('PUSHER_APP_HOST'),
        'port' => env('PUSHER_APP_PORT'),
        
        'useTLS' => true,
        'scheme' => 'https',
        
        'curl_options' => [
            CURLOPT_SSL_VERIFYHOST => 1,
            CURLOPT_SSL_VERIFYPEER => 1,
        ],
    ],

    // Configuration for laravel mix JS
    'mix' => [
        'host' => env('MIX_PUSHER_APP_HOST'),
        'key' => env('MIX_PUSHER_APP_KEY'),
        'cluster' => env('MIX_PUSHER_APP_CLUSTER'),
        'port' => env('MIX_PUSHER_APP_PORT'),
    ],
],

[anditsung]

is there any workaround for this?