Yes, that was it, thank you very much, Juan. We are behind a Squid proxy. I noticed that the secure protocol
new WebSocket("wss://echo.websocket.org/");
returned without error, so in vpl_submission_CE.class.php I tried to force this protocol using
if($isHTTPS)
$baseURL = 'wss://';
else
$baseURL = 'wss://';
and that gives me (confusing) dialogue to accept the self-signed certificate (although I checked the acceptcertificates option). I figured out, after a while to click on "Server 1", which gives a pop-up, I do the browser "are you sure you want be insecure" dance and then the console came up.
But all this doesn't really work. I must assume some students are behind a proxy. So I need a secure vpl jail, with a valid cert. But this is complicated for me: I have an internal VM and I would have to obtain a domain with my univeristy TI and my SSL certificate (not dificult, but $20 dollar per year out of my own pocket, since in Brazil public universities can't use credit cards... and to buy a cert in Brazil would involve giving an extortionate amount of money to intermediaries).
So there is really no way to use wss:// with a self-signed cert without the confusing user interface?
Another question I have is, did anything change in VPL3.1.1? I could have sworn that I tested everything in november 2014 and everything worked. Maybe something changed in our network, but I am almost sure that we were behind a Squid proxy also at that time.