We had a perfectly working flow(in test) until last month when corporate issued us a new cert for our test server. Our prod will still be using a public cert until it expires.
Now that we're having this issue, we're suspecting that it's because the newly issued cert is a self signed cert while the one we had when our flow was still working was a public cert.
Can anyone confirm whether there is actually a limitation in node-red caused by the type of cert being used?
I don't believe that Node-RED has any such limitations. However, browsers can certainly not be happy about invalid or local certs (one's not certified by a public CA).
Because we didn't change anything except the certs, that's the only culprit we can think about. What would you recommend we should check?
It does, the http request node used to have an option to ignore cert issues, not sure why this was removed. Now you need to inject rejectUnauthorized:false to skip verification. See the payload options in the help tab.