Failed to get Https settings

General
1

HI,
To secure my node red flow, I have incorporated SSL certificates in my node red settings. When i am using a self signed SSL certificate, node red is starting fine, but when i am using the SSL certificate created by my organization my node red is showing error failed to get https settings. I have uploaded the error codes in my most.
Looking forward for solution.

MicrosoftTeams-image
MicrosoftTeams-image985×512 35.7 KB

2

Please post logs as text - so that they are more readable and searchable.

Dont forget to hit the </> code button before pasting (to ensure log text formatting is preserved in the post)

3

PS: this is a nodejs thing and there are lots of posts on the internet

Some common causes are

  • getting the files mixed up (i.e. key and cert swapped)
  • not including the -----BEGIN PUBLIC KEY----- at the beginning and -----END PUBLIC KEY----- at the end.
4 
Microsoft Windows [Version 10.0.20348.1487]
(c) Microsoft Corporation. All rights reserved.

C:\Users\sks398596>node-red
Failed to get https settings: Error: error:0480006C:PEM routines::no start line
Error: error:0480006C:PEM routines::no start line
    at node:internal/tls/secure-context:69:13
    at Array.forEach (<anonymous>)
    at setCerts (node:internal/tls/secure-context:67:3)
    at configSecureContext (node:internal/tls/secure-context:156:5)
    at Object.createSecureContext (node:_tls_common:117:3)
    at Server.setSecureContext (node:_tls_wrap:1354:27)
    at Server (node:_tls_wrap:1218:8)
    at new Server (node:https:74:3)
    at Object.createServer (node:https:112:10)
    at C:\Users\sks398596\AppData\Roaming\npm\node_modules\node-red\red.js:228:24
5

My Https setting is as follows in setting.js


    /** The following property can be used to enable HTTPS
     * This property can be either an object, containing both a (private) key
     * and a (public) certificate, or a function that returns such an object.
     * See http://nodejs.org/api/https.html#https_https_createserver_options_requestlistener
     * for details of its contents.
     */

    /** Option 1: static object */
    https: {
      key: require("fs").readFileSync('C:/Users/sks398596/.node-red/certs/nred-key.crt'),
      cert: require("fs").readFileSync('C:/Users/sks398596/.node-red/certs/nred-cert.crt')
    },

    /** Option 2: function that returns the HTTP configuration object */
    // https: function() {
    //     // This function should return the options object, or a Promise
    //     // that resolves to the options object
    //     return {
    //         key: require("fs").readFileSync('privkey.pem'),
    //         cert: require("fs").readFileSync('cert.pem')
    //     }
    // },

    /** If the `https` setting is a function, the following setting can be used
     * to set how often, in hours, the function will be called. That can be used
     * to refresh any certificates.
     */
    //httpsRefreshInterval : 12,

    /** The following property can be used to cause insecure HTTP connections to
     * be redirected to HTTPS.
     */
    //requireHttps: true,
6

And?

Did you look inside the privkey.pem and cert.pem to check they had the correct content

Who ever gave them to might have mixed them up or removed the -----BEGIN and -----END lines!

7

Hi steve-Mcl,
I am using the option 1 key:nred-key.crt and certificate: nred-cert.crt. I have used openssl method to generate the key and CSR. Based on CSR file generated my IT support team has given the SSL certificate.

8

Hi, steve,
I converted my SSL certificate from .crt to .pem and opened in notepad. ---Begin and ----Start line are available in the certificate.

9

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.