The error poped up with the telegram sender node. I successfully tested the setup in my home lab and then installed the MiniPC with Node-Red running in a podman container to a different location.
EFATAL: Error: self-signed certificate in certificate chain
journalctl showed the following:
Dez 08 10:59:12 FBY-ONC middleware[13489]: 8 Dec 10:59:12 - [warn] [telegram bot:4f0125c227cdb803] EFATAL: Error: self-signed certificate in certificate chain
Dez 08 10:59:12 FBY-ONC middleware[13489]: 8 Dec 10:59:12 - [warn] [telegram bot:4f0125c227cdb803] Unknown error. Trying again.
Dez 08 10:59:12 FBY-ONC middleware[13489]: Unhandled rejection RequestError: Error: self-signed certificate in certificate chain
Dez 08 10:59:12 FBY-ONC middleware[13489]: at new RequestError (/data/node_modules/request-promise-core/lib/errors.js:14:15)
Dez 08 10:59:12 FBY-ONC middleware[13489]: at Request.plumbing.callback (/data/node_modules/request-promise-core/lib/plumbing.js:87:29)
Dez 08 10:59:12 FBY-ONC middleware[13489]: at Request.RP$callback [as _callback] (/data/node_modules/request-promise-core/lib/plumbing.js:46:31)
Dez 08 10:59:12 FBY-ONC middleware[13489]: at self.callback (/data/node_modules/request/request.js:185:22)
Dez 08 10:59:12 FBY-ONC middleware[13489]: at Request.emit (node:events:517:28)
Dez 08 10:59:12 FBY-ONC middleware[13489]: at Request.onRequestError (/data/node_modules/request/request.js:877:8)
Dez 08 10:59:12 FBY-ONC middleware[13489]: at ClientRequest.emit (node:events:517:28)
Dez 08 10:59:12 FBY-ONC middleware[13489]: at TLSSocket.socketErrorListener (node:_http_client:501:9)
Dez 08 10:59:12 FBY-ONC middleware[13489]: at TLSSocket.emit (node:events:517:28)
Dez 08 10:59:12 FBY-ONC middleware[13489]: at emitErrorNT (node:internal/streams/destroy:151:8)
Dez 08 10:59:12 FBY-ONC middleware[13489]: at emitErrorCloseNT (node:internal/streams/destroy:116:3)
Dez 08 10:59:12 FBY-ONC middleware[13489]: at processTicksAndRejections (node:internal/process/task_queues:82:21)
Please help. Why would telegram complain about a self-signed certificate?
How do I get it to work again?
Is it even a problem with node-red-contrib-telegrambot version 15.1.7 ?
Have you configured the Telegram Config Node for Polling or Webhooks, as you have certificates, I suspect it is Webhooks.
A self signed certificate should not have a certificate chain. So maybe you are setting this up as chain but inserting a Cert Chain.
I have been trying to read up on using Webhooks (and the answer is no for me as I am behind CGNAT), but this may be helpful as there are difference in self_signed and verified certificates. Marvin's Marvellous Guide to All Things Webhook (telegram.org)
NB I am neither expert on Webhooks, nor Certificates but have used this Node using polling and I still have problems as it loses 5% of messages
There are ways around that. The main one being to use something like Cloudflare Zero Trust which isn't dependent on your IP address because an agent on your server maintains an outward link and Cloudflare itself provides the web endpoint.
CF can also provide its own certs for your endpoints which also helps.
Ok, polling should be easy, so I suspect the Token may be wrong. Rather than using environmental variables ${•••••} enter the bot name and token direct into the config node, if that works then sus why environmental variables are not working.
Also make sure your using Bot username (the one ending in ....bot) not the bot name.
Thanks for the hint.
I tried to not use enviroment variables and instead type in the credentials.
Also I used "_BOT" ending.
Unfortunatly the certificate error still remains the same.
What works:
Using the same credentials in my Development Docker container. It is at a different site and in a different node-red docker container.
Node-Red in my Dev container has version 2.2.2, node-red-contrib-telegrambot is version 15.1.8.
If you are using the same BOT in two different places, telegram will bounce one, a BOT can only be used in one spot (ie one BOT node), you will need another BOT from telegram for the second instance.
