Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

didinkaj's avatar

Pusher error: Authentication signature invalid..

I'm unable to use reverb in production, I'm getting the error below when I try to send message to client

"exception": "[object] (Illuminate\Broadcasting\BroadcastException(code: 0): Pusher error: Authentication signature invalid.. at /var/www/code/jdk-apps/rat/vendor/laravel/framework/src/Illuminate/Broadcasting/Broadcasters/PusherBroadcaster.php:164) [stacktrace]

the client can connect to the reverb server, however, the server is unable to deliver server-side messages to the client.

everything works fine locally using laravel reverb.

0 likes
10 replies
zitus91's avatar

i have the same problem the client connected, but when dispatch event return "Pusher error: Authentication signature invalid.." error

here is my code:

.env

BROADCAST_DRIVER=reverb REVERB_APP_ID=****** REVERB_APP_KEY=************************ REVERB_APP_SECRET=************************* REVERB_HOST="myhost.it" REVERB_PORT=443 REVERB_SCHEME=https

REVERB_SERVER_HOST=0.0.0.0 REVERB_SERVER_PORT=9090

CERT_LOCATION=************************* REVERB_TLS_CERT="${CERT_LOCATION}/cert.pem" REVERB_TLS_KEY="${CERT_LOCATION}/privkey.pem" REVERB_TLS_CA="${CERT_LOCATION}/chain.pem"

PUSHER_APP_KEY="${REVERB_APP_KEY}" PUSHER_APP_ID="${REVERB_APP_ID}" PUSHER_APP_SECRET="${REVERB_APP_SECRET}" PUSHER_HOST="${REVERB_HOST}" PUSHER_PORT="${REVERB_PORT}" PUSHER_SCHEME="${REVERB_SCHEME}" PUSHER_APP_CLUSTER="mt1"

DO NOT REMOVE

VITE_REVERB_APP_KEY="${REVERB_APP_KEY}" VITE_REVERB_HOST="${REVERB_HOST}" VITE_REVERB_PORT="${REVERB_PORT}" VITE_REVERB_SCHEME="${REVERB_SCHEME}" VITE_REVERB_TLS_CA="${REVERB_TLS_CA}"

If you remove this, Reverb will break.

echo.js

import Echo from 'laravel-echo';

import Pusher from 'pusher-js'; window.Pusher = Pusher;

const echoOptions = { broadcaster: 'reverb', key: import.meta.env.VITE_REVERB_APP_KEY, wsHost: import.meta.env.VITE_REVERB_HOST, wsPort: import.meta.env.VITE_REVERB_PORT ?? 80, wssPort: import.meta.env.VITE_REVERB_PORT ?? 443, forceTLS: (import.meta.env.VITE_REVERB_SCHEME ?? 'https') === 'https', enabledTransports: ['ws', 'wss'], }

window.Echo = new Echo(echoOptions);

reverb.php

1 like
didinkaj's avatar
didinkaj
OP
1 year ago
Best Answer
Level 1

managed to solve it

@zitus91 ensure your nginx config has the code block below

# Laravel Reverb
location  /app { 
     proxy_http_version 1.1;
     proxy_set_header Host $http_host;
     proxy_set_header Scheme $scheme;
     proxy_set_header SERVER_PORT $server_port;
     proxy_set_header REMOTE_ADDR $remote_addr;
     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
     proxy_set_header Upgrade $http_upgrade;
     proxy_set_header Connection "Upgrade";

     proxy_pass http://0.0.0.0:8080;
}
2 likes
howardtokka's avatar

@didinkaj Is it a must to have the PUSHER credentials setup in .env? I am just using Reverb. I didnt have the PUSHER related keys in my env file and it worked locally. But after I deploy to the server, I got the Pusher error: Authentication signature invalid. error.

1 like
howardtokka's avatar

@yan04s I still dont get it, I do not have any private channels. Its not a good practice but I have to bypass the check at verifySignature() in the Pusher Controller

howardtokka's avatar

I found that the broadcast() function in my controller is causing the Pusher Authentication signature invalid error. But I do not have any private channels in my app.

broadcast(new MessageSent($someData ));

davidgasperoni's avatar

I had the same error message. I had followed the instructions from this blog post but they were bad, don't use this link!

In their example, they rewrite the URL when passing the request to the proxy. In my experimentation, it doesn't work. I solved it by switching to the block of code from Laravel's documentation, and changing it slightly:

    # Laravel Reverb
    ## The Websocket Client/Laravel Echo would connect to /app
    ## The Laravel Backend would broadcast to /apps
    location ~ ^/apps? {
        proxy_http_version 1.1;
        proxy_set_header Host $http_host;
        proxy_set_header Scheme $scheme;
        proxy_set_header SERVER_PORT $server_port;
        proxy_set_header REMOTE_ADDR $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";

        proxy_pass http://127.0.0.1:6001;
    }

Note the changes: since it's the same web server that serves Laravel's app and the same domain, this rule only takes over URLs that start with /app or /apps (i.e. the ? in the regex matches zero or one "s" character).

The other change is proxy_pass to 127.0.0.1, since as I said in my case (and I presume for others as well) the same server will run both Laravel and Reverb, and at least in my case, the same domain.

3 likes

Please or to participate in this conversation.