[ANNOUNCE] node-red-contrib-letsencrypt : beta version

So, I thought it was an opportunity to change domain registrars, so... I cancelled Ionos, and transferred my domain to 'NameCheap' because they are listed as having an api.

Wrong!! Well, sort of. When I tried to access their API, I got this message -

So back to the drawing board!

If you redirect the nameservers to Cloudflare from your registrar's own servers, you will get everything you need. I still do that with my .uk domains as I can't yet transfer those completely into Cloudflare.

Then it really doesn't matter which registrar you use. I use TSOhost for mine (used to be Daily but they were taken over).

Mine is also a .uk domain, and I can't transfer it to Cloudflare either, but that's good news Julian. Once Bart decides upon a permanent contrib name I'll give it a try in an Oracle VM Node-RED instance using Cloudflare.

I understand that very shortly, Cloudflare are starting to sell domains directly, instead of just accepting transfers. That should shake the market up :smile:

I liked Julian's proposal, but it seems somebody already used node-red-contrib-lets-encrypt ...
So the new name for mine is now node-red-contrib-letsencrypt.

Be aware that I didn't have time yet to test all the DNS providers. So there might be some bugs ...

Just wish they would do UK domains too. But I have some non-UK domains transferred to them.

...you're missing a "t" in that new link -> "https://github.com/bartbutenaers/node-red-contrib-letsencrypt" :wink:

Thanks!! It is updated now. Otherwise I could have called my node now the node-red-contrib-error-404 :shushing_face:

Installing in an Oracle Linux VM instance...

certs

node-RED log shows - Cannot find Acme Client node with id = 2e9616dc.9ec6e2

Node-RED version: v1.0.6
Node.js version: v10.20.1
Linux 4.14

Morning Paul,
It seemed it needed to be deployed before calling this server side functionality. However that is only required to create a subscriber account, not for a simple hash. It is now fixed on GitHub.

Yes that is now fixed.

However, I get a similar error when trying to Create Acme subscriber account. I get the pop-up asking to agree the terms, and when I agree, the node-RED log reports -

Cannot find Acme Client node with id = 2e9616dc.9ec6e2

Even when you have deployed your node first (as described in the popup)?

Yes. But I've found the problem. There was a format error in the Domain array (missing quote).
Corrected, and the Acme account is now successfully created.

And you don't see any visual indication of such an error?

I think it would be more user friendly to subscribe with the info on the screen, instead of with the deployed data?

Still having problems I'm afraid. When I request a certificate, I get;

acmeerror

and in the node-red log;

21 May 08:56:02 - [info] [aedes broker:41b47ed.32a568] Binding aedes mqtt server on port: 1883
21 May 08:56:02 - [info] Server now running at http://127.0.0.1:2086/
21 May 08:56:02 - [info] [mqtt-broker:9e0fbc51.f0a3e] Connected to broker: mqtt://140.238.65.67:1883
21 May 08:56:11 - [warn] [acme-client:Certificate Management] Acme warning message = dns-01 challenge's `propagationDelay` not set, defaulting to 5000ms status =
21 May 08:56:12 - [error] [acme-client:Certificate Management] Error in CREATE_CERTIFICATE : Error: HTTPError: Response code 400 (Bad Request)

It's worth pointing out that I don't already have any certificates in my server. Do I need to create dummy ones?

The domain being used is a sub domain.

No, when the private key setting is "use or create private key" then everything should be set up automatically...

Will need to debug this. Is there a simple and quick way for me to set up and test a Cloudflare connection tonight? Would be nice if I don't have to dig through 20 manuals... Or send me a private message if you like ... Thanks!

Yes, sure. I'll PM you the necessary later today.

Is anyone successfully using this with Cloudflare? The DNS challenge is failing for me.

API token or Key?

Cloudflare API token, setup as per https://certbot-dns-cloudflare.readthedocs.io/en/stable/

There are access issues with the Token - what error do you get? I had to do something really odd to get it through the security model but I can't find what I did. They changed something as it stopped working. Basically you need to give the token access to everything.
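
Added example, not part of the thread and not code from node-red-contrib-letsencrypt: when a dns-01 challenge fails as in the posts above, it helps to work out which `_acme-challenge` TXT record the CA expects (RFC 8555 section 8.4, with the RFC 7638 account key thumbprint) and compare it with what DNS actually returns. The function names, the sample token and the sample JWK are constructed for illustration.

```javascript
// Added example. The token, JWK and TXT answers used with it are constructed.
const { createHash } = require('node:crypto');

// base64url(SHA-256(input)) without padding, the encoding RFC 8555 uses.
function b64urlSha256(input) {
  return createHash('sha256').update(input, 'utf8').digest('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
}

// RFC 7638 thumbprint: required members only, lexicographic order, no whitespace.
function jwkThumbprint(jwk) {
  const required = { EC: ['crv', 'kty', 'x', 'y'], RSA: ['e', 'kty', 'n'] }[jwk.kty];
  if (!required) throw new Error(`unsupported key type: ${jwk.kty}`);
  const canonical = {};
  for (const k of required) {
    if (typeof jwk[k] !== 'string') throw new Error(`JWK is missing "${k}"`);
    canonical[k] = jwk[k];
  }
  return b64urlSha256(JSON.stringify(canonical));
}

// Record name and TXT value the CA looks up. A wildcard name is validated
// at the base domain, so "*.example.com" maps to _acme-challenge.example.com.
function expectedDns01Record(domain, token, accountJwk) {
  const base = domain.replace(/^\*\./, '').replace(/\.$/, '').toLowerCase();
  const keyAuthorization = `${token}.${jwkThumbprint(accountJwk)}`;
  return { name: `_acme-challenge.${base}`, value: b64urlSha256(keyAuthorization) };
}

// txtAnswers has the shape dns.promises.resolveTxt() returns: string[][].
// Map ENODATA/ENOTFOUND from the resolver to [] before calling this.
//   'missing' -> the provider API call failed (token scope) or the delay was too short
//   'stale'   -> a TXT record exists, but from an earlier order or another account key
function diagnose(expected, txtAnswers) {
  const values = txtAnswers.map((chunks) => chunks.join(''));
  if (values.length === 0) return 'missing';
  return values.includes(expected.value) ? 'ok' : 'stale';
}

const SAMPLE_JWK = { kty: 'EC', crv: 'P-256', x: 'constructed-x', y: 'constructed-y' };
const SAMPLE_TOKEN = 'constructed-token-0001';
const expected = expectedDns01Record('*.sub.example.com', SAMPLE_TOKEN, SAMPLE_JWK);
console.log(expected.name, diagnose(expected, []));
```

A 'missing' result right after the node reports a challenge error points at the DNS provider credentials or at the `propagationDelay` default shown in the log, rather than at the ACME account.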