Deploy Hanging when using HTTPS Request node

We have recently moved for Public to Private certificates for our internal servers.

Up to the change over point we had no problems connecting HTTP Request nodes to our ERP servers to consume ODATA feeds but now we get "RequestError: unable to get local issuer certificate" on the HTTP Request Node.

When trying to work with these nodes to cure the problem trying to deploy the page will just sit with the ||||| bars cycling.

We can add a new HTTP req node and publish but usually once we add a URL to the node the page "hangs"
Sometimes we can get past adding the URL to adding credentials, and but whenever we try to add the


.pem file to a TLS config it always hangs.

Is there anywhere we can trace whats causing the issue? Or any other suggestions to get around the "RequestError: unable to get local issuer certificate" issue?

I suspect Node-RED might be crashing.

What do you see in the node-red logs?

Ps: what version of Node-RED are you running? What version of NODEJS are you running and how/where is Node-RED running (docker? Part of home assistant? In Windows/Mac/pi/other?)

Hi Stephen
Thanks for coming back. I think I may have found the issue
After chucking just about everything but the kitchen sink at it I discovered a different flow had open credentials for an sFTP connection. I tidied this up and could deploy again.
I then played with credentials Secret and when changing back to default, had issues with deploying again as the pwds had been lost when changing from declared password in settings.js to default method. Adding the passwords in again allowed deployment.
So have re-instated declared credentialsSecret and have applied correct credentials to connections and all appears to work again :slight_smile:
Interestingly though I see nothing when running sudo journalctl -u node-red -e -f -n 50 , any suggestions of other ways to view logs?

To answer that, you will need to provide the requested information

& additionally, the method you used to install Node-RED

Hi Stephen
Node.js ver 16.19.0
Node-red ver 3.0.2
OS Ubuntu Server 22.04 LTS
Node-Red installed to Native OS using
bash <(curl -sL https://raw.githubusercontent.com/node-red/linux-installers/master/deb/update-nodejs-and-nodered)

Cheers
Greg

Does node-red-log show you any logs?

Hi Stephen
Yes it does, and I think it might be a firewall problem. When I publish a node or save a change I get something like

10 Jul 08:10:24 - [audit] {"event":"flows.set","type":"flows","level":98,"path":"/flows","ip":"10.233.225.176","timestamp":1688933424561}

10 Jul 08:10:24 - [info] Stopping modified flows

10 Jul 08:10:24 - [info] Stopped modified flows

10 Jul 08:10:24 - [info] Updated flows

10 Jul 08:10:24 - [info] Starting modified flows

10 Jul 08:10:24 - [info] Started modified flows

When I try to publish a node with credentials (such as ftp, https or mqtt) I'm not seeing any action, so it seems the publish is being stopped before it gets to teh server.
So this could either be firewall issue, I'm guessing blocked port/protocol

Will do some further debugging with our n/w team

Cheers
Greg

Hi Stephen
A quick question on something I just noticed
My Node Red server is on IP Address 10.92.0.168, yet in the event log I see a different address for the Config stuff.

26 Jul 09:47:08 - [audit] {"event":"plugins.list.get","level":98,"path":"/plugins","ip":"10.233.225.176","timestamp":1690321628924}

26 Jul 09:47:08 - [audit] {"event":"comms.open","level":98,"timestamp":1690321628944}

26 Jul 09:47:08 - [audit] {"event":"plugins.configs.get","level":98,"path":"/plugins","ip":"10.233.225.176","timestamp":1690321628946}

26 Jul 09:47:08 - [audit] {"event":"nodes.list.get","level":98,"path":"/nodes","ip":"10.233.225.176","timestamp":1690321628954}

26 Jul 09:47:09 - [audit] {"event":"nodes.icons.get","level":98,"path":"/icons","ip":"10.233.225.176","timestamp":1690321629017}

26 Jul 09:47:09 - [audit] {"event":"nodes.configs.get","level":98,"path":"/nodes","ip":"10.233.225.176","timestamp":1690321629022}

26 Jul 09:47:09 - [audit] {"event":"flows.get","level":98,"path":"/flows","ip":"10.233.225.176","timestamp":1690321629183}

In my simple single server setup should the 10.233.225.176 address below be the same as my server, 10.92.0.168? Is there a config setting to modify this?

Many thanks for any guidance

those IP addresses are the address of the machine calling Node-RED runtime APIs.

Can you verify the IP of the node-red server and the IP of the computer you are using to access node-red?

Is anyone else (on IP 10.233.225.176) accessing node-red? Perhaps a network scanner or enterprise security device for example?

Hi Steve
Thanks for all you suggestions.
Turns out it is a corporate security issue.
I run a mac and when deploying it seems something (Crowdstrike, Defender, n/w firewalls etc) is stopping the Deploy to the server. If I log into a windows machine, luckily I have a VM for these very cases, all works fine.

Sorry to have wasted your time.

regards

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.