I've written this up in case it helps other who may wish to secure their node-RED online presence, by using SSL certificates. The installation uses Letsencrypt to issue the certificates and also Certbot to fully automate and handle renewals - so it's a fit & forget solution. Pre-requisites I've s…

Hi Paul, thanks for sharing this usefull post! Anyway I have a question for anyone who can clarify me the following. I'm missing if (and when) the "renewal_success" script will be run in order to copy the new generated certificates. In my understanding there was, in an earlier version, a cron jo…

I can't remember where all this started now. I can only give you my working setup and it has been rock-solid since I set it up in 2018. I use the acme.sh shell script that runs on a CRON script as a user not root: 28 0 * * * "/home/home/.acme.sh"/acme.sh --cron --home "/home/home/.acme.sh" > /dev/…

[image] catonia: I'm missing if (and when) the "renewal_success" script will be run in order to copy the new generated certificates. If you look at the first post in this thread, you'll see this section; [image] Paul-Reed: Create a script called renewal_success in /etc/letsencrypt/renewa…

Hey guys, Also don't forget that we spend quite some time at the time being on this pull-request , to have automatic certificate renewal into Node-RED 1.1.0 and above... Then Node-RED will detect and load the renewed certificates automatically, without having to restart Node-RED... Bart

Hi, Thanks very much for your reply. Anyway, as a beginner, my question was mainly related to understanding how the renewal_succes" scripts gets called (when certs are actually renewed). This is a solution to update certs and I really appreciate your help. I'll keep it in mind in case of troubles…

Hi Paul, thanks for your response. got it. I was missing that the script is automatically called by certbot! Thanks again for sharing this useful post.

As @BartButenaers mentions above, don't forget about the httpsRefreshInterval which has been introduced into node-RED since v1.1.0. A bit of background.... By default, node-RED reads in the SSL certificates only when node-RED starts, so even though you have renewed your certificates with certbot.…

@Paul-Reed , the docs say that, if you use httpsRefreshInterval, "..the https setting must be a Function that can be called to get the updated certificates." I have no idea about how this function must be set...

[image] fmarzocca: I have no idea about how this function must be set.. Take a look at the https section in settings.js and it gives you 2 options. Choose the https function option.

[image] Paul-Reed: Choose the https function option. Yes, but I can't image what to code into the function in order to get the updated certificates...

Node-RED

Node-RED Forum

Node-RED SSL using Letsencrypt & Certbot

Share Your Projects

Topic		Replies	Views
[ANNOUNCE] node-red-contrib-letsencrypt : beta version Share Your Nodes	64	4496	4 June 2020
Ok, I'm missing something abut HTTPS settings General	22	6371	23 December 2019
Unable to secure Node-RED General	16	2449	23 October 2018
Pull request proposal: automatic certificate renewal Feature Requests	22	3318	30 May 2020
Node red x509 ssl home network not working General	6	1101	5 March 2021

Copyright OpenJS Foundation and Node-RED contributors. All rights reserved. The OpenJS Foundation has registered trademarks and uses trademarks. For a list of trademarks of the OpenJS Foundation, please see our Trademark Policy and Trademark List. Trademarks and logos not indicated on the list of OpenJS Foundation trademarks are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.

Node-RED SSL using Letsencrypt & Certbot

Related topics