Hi everyone,
I have set my httpsRefreshInterval to 12 hours. But whenever it attempts to do the refresh, I get this error.
I'm not sure how to address this issue. Here are my current https settings.
https: function() {
return {
key: require("fs").readFileSync('/home/pi/.node-red/certs/privkey.pem', 'utf8'),
cert: require("fs").readFileSync('/home/pi/.node-red/certs/fullchain.pem', 'utf8')
}
},
httpsRefreshInterval : 12,
Hi @WhatDoor,
Sorry for the late reply, but I had overlooked your question.
I don't see at first sight what could cause this error. It is occurs at line 238 in the red.js file:
So what happens when your httpsRefreshInterval timer is executed:
server.key. Which means Node-RED checks whether the NodeJs http(s) server has already a private key. If there was previously no key used in your NodeJs http(s) server, then the key from your privekey.pem file should be used anyway.In your case step 5 fails. Which means the server.key is not undefined, but I assume it is not a string (like we expected).
My first thought was that perhaps in a recent NodeJs version, the server.key mechanism has changed an it now returns a function or a promise or ... But when I look at the NodeJs code, I don't immediately see something different (like a wrapper function or something like that) 
Can you give some more information:
Bart
Also, what version of node-RED are you using
What do you get if you format the https section exactly the same as the settings.js template?
https: function() {
return {
key: require("fs").readFileSync('/home/pi/.node-red/certs/privkey.pem'),
cert: require("fs").readFileSync('/home/pi/.node-red/certs/fullchain.pem')
}
},
Thanks for responding both. Here are my versions, that I pulled from the top of the nodered log after restarting it.
Node-RED version: v2.0.3
Node.js version: v14.17.2
I generated the certificates with lets encrypt certbot. They seem to be working as I am able to set up https for my webserver.
@Paul-Reed, I've changed the format to follow the example you have given. I'll follow up to see if there is a change.
Hey both, looks good now.
I can only assume that the utf8 flag caused the issue. Though its not clear to me why that would be the case.
I 'think' it is becoming clear to me know why it fails in your case.
When I implemented this feature (see pull request), I checked whether the private key was updated in this way:
if ( ... !server.key.equals(refreshedHttps.key) ... )
In Java that would have been fine, but seems now not in Javascript...
Whether the server.key has an 'equal' function, depends on how you read your key file:
key: require("fs").readFileSync('...') returns a raw buffer, since you have not specified an encoding (see here). And a NodeJs buffer contains an equals function (see here).key: require("fs").readFileSync('...', 'utf8') returns a string, and in Javascript a string has no 'equals' function 
Seems my old Java background has caused this issue ...
@knolleary : I assume it is best if we fix this, because keys/certificates in string format should also work correctly... But not sure if you have a preferred way to check the equality of two items? Simply by coding, or by using an npm module, or ...
Please raise an issue so it doesn't get forgotten.
The equality check needs to handle both buffer and string types. There's no need to use an external module to do that.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.
Copyright OpenJS Foundation and Node-RED contributors. All rights reserved. The OpenJS Foundation has registered trademarks and uses trademarks. For a list of trademarks of the OpenJS Foundation, please see our Trademark Policy and Trademark List. Trademarks and logos not indicated on the list of OpenJS Foundation trademarks are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.
The OpenJS Foundation | Terms of Use | Privacy Policy | OpenJS Foundation Bylaws | Trademark Policy | Trademark List | Cookie Policy