Node-RED Projects Encryption Question

Finally got around to setting up "projects" on three Node-RED deployments.

In my initial config, I just followed the dialog boxes and created a new project, added username, email, project name, checked encryption (local) and entered a password / key.

All seems fine, made a few changes and all looks awesome. Great feature. Thanks.

Then, I visited the ~/.node-red/projects directory in each instance and found a projects directory with the name of the project I provided (yea!).

For example:

-rw-rw-r-- 1 neo neo   560 Mar  2 01:31 flows_condor_cred.json
-rw-rw-r-- 1 neo neo 65422 Mar  2 01:31 flows_condor.json
-rw-rw-r-- 1 neo neo   457 Mar  2 01:32 package.json
-rw-rw-r-- 1 neo neo   165 Mar  2 01:31

I opened the file, flows_condor.json , expecting it to be encrypted but in all three instances on different three difference servers (with different project names), my flows_project.json files are in plain text.

This leads me to believe that in my node-red projects newbieness I must be misunderstanding what "encryption" means or does (in this case), since it does not encrypt the flows_project.json files. I really don't have any pressing security need to encrypt flows_project.json files; however, I am curious why I thought I was encrypting this file (my expectation), but they are all in plain text (json, of course).

What am I missing or misunderstanding?


1 Like

It encrypts the credentials file, not the flow file. Have a look at the _cred.json file.

1 Like


Yeah, I saw the _cred.json file was encrypted. Thanks.

I misunderstood that the flows_project.json file was also going to be encrypted (my mistake) as well.

Thanks again for clarifying and the outstanding support, Nick!

Much appreciated!

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.