SSL Cert for a A record

I've just installed Node-Red for the first time and need some help setting up the SSL.

The problem is on my hosting company I have (sample) domain, I've set up an A record home.domain.com and pointed it to my house. The hosting company has https set up for the domain and any sub domain. What do i put inside of node-red? Generate some cert from the hosting co? Not at all knowledgable about certs and ssl, but I know I need it :slight_smile:

Not too much to go on here. If they have configured HTTPS for you, that could mean that if you create a web service on your host, you can use their (probably shared) certificates. This may be nothing more than you having to use their shared web server - hard to know without more detail.

If they have created something specific for your domain, they should tell you how to get at the public certificate file and the private key file. If so, you can copy those to your Pi and then configure following the instructions in the docs.

I can see you can get the cert of their control panel. I'll try to plug it into node-red. I wasn't sure if the cert node-red wanted was based off the domain name or my computers name or something. I don't know anything about that. Seems it's based off the domain name.

The certificate isn't enough. You also need a private key. Without that, you cannot set up HTTPS.

1 Like

You could always create you own certs.
https://discourse.nodered.org/t/node-red-ssl-using-letsencrypt-certbot/

Great I found this a little while ago. Thanks

I'm just so confused. Been searching through dozens of tutorials online with no luck. I just want to to receive Webhooks from IFTTT. I see how you can run node-red with letsencrypt and have a user name and password for login, but when sending from ifttt will I not have to include my user name and password in the url to the hook to get into node-red?

Have you had a look at node-red-contrib-webhookrelay?
Very easy to integrate with IFTTT, there's even a NR tutorial - Controlling gadgets with Google Home & IFTTT & Webhook Relay
They have a free plan, but it's limited to 150 webhooks per month.

1 Like

Looks like webhookrelay is more my speed. Is ngrok a good solution as well? If ngrok is could you tell me if how I think it works is correct? From IFTTT to ngrok over https with my ngrok username and password in the url? (Hopefully secure) that allows ifttt to use the tunnel to my house and pass the info along. I also take it you have to turn off username and password for node-red only allowing ngrok to use node-red?

If you are going to consider using NGROK, please search out my thread on it because the default settings are certainly not secure. With the right settings though, I think that it is reasonably secure. It certainly simplifies HTTPS issues.

NGROK is mainly just a middleman that replaces the local domain part of your URL's with NGROK's. You then point the IFTT webhook maker connection at that amended URL.

Make sure that only HTTPS is allowed though. If you want to have a login as well (good idea), you might find it easier to use NGROK's login rather than Node-RED's. Either way, have a login just for the webhook, don't let it be for anything else.

Not really, they are independent of each other. All you are doing from that aspect is changing the URL so that it goes through the NGROK proxy instead of direct to your home network.