Http request node :Err_tls_cert_altname_invalid

I've been using mqtt and Node RED to update my weather station data to Weather Underground.
It was working well until yesterday when I started getting the following error from the http request node:

"Error [ERR_TLS_CERT_ALTNAME_INVALID]: Hostname/IP does not match certificate's altnames:
Host: is not in the cert's altnames:

Raspbian GNU/Linux 10 (buster)
Node RED v1.0.3
npm v5.8.0

Does anyone know what might be causing this error?

Well, hard to say properly without digging further but it looks at first sight as though either they, you or some nasty person in-between is doing a man-in-the-middle termination of TLS.

That's to say that the certificate is now valid for servers that probably sit somewhere between you and WU but not for the WU domain itself.

This would generally be considered "A Bad Thing"(TM).

Frankly, it looks to me as though WU are continuing their batch of bad decisions. Including this one: Log in to the main WU site, from the menu select Sensor Network/Connect a Sensor and see a horrid 404 page.

1 Like

Thanks for your reply.

The error message has changed to 'UNABLE_TO_VERIFY_LEAF_SIGNATURE' displayed under the http request node and "Error: unable to verify the first certificate" in the Debug window.

Not sure where to go with this but I'll keep searching.

Any other advice appreciated.

Sorry, but I think you will have to take this up with WU.

The only other thing I can think of to try on your end would be to switch your Internet connection - say to a mobile network - to see if the issue still happens (I think it will but there is always a small possibility it is your ISP).

Ok, I'll try that and then WU. Thanks.

Let us know how you get on.

Confirmed problem still occurred with a different internet connection (mobile network).
New installation on a 2nd Raspberry Pi - same error messages.
Copied http request from Node-RED and sent from browser on Win 10 PC - success updating WU from browser with no error messages.
Sent support request to Weather Underground - no response yet.

Updates from Node-RED http request node have just started working again!

Perhaps a problem with SSL certificate on the Weather Underground server that they've now fixed?

1 Like

Oh yes, for sure.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.