Unable to secure node-red over https using self signed certs

mannharleen · 7 July 2020 05:54

I create certificates using the following commands:
I use localhost as the common-name for the second command

openssl genrsa -out node-key.pem 2048
openssl req -new -sha256 -key node-key.pem -out node-csr.pem
openssl x509 -req -in node-csr.pem -signkey node-key.pem -out node-cert.pem

and modify my settings as

requireHttps: false,
    https: {
        key: fs.readFileSync('./certs/node-key.pem'),
        cert: fs.readFileSync('./certs/node-cert.pem'),
        ca: fs.readFileSync('./certs/node-csr.pem')
    },

I start node-red

// Create a server
let server = http.createServer(app);

// Initialise the runtime with a server and settings
RED.init(server, settings);

// Serve the editor UI from /red
app.use(settings.httpAdminRoot, RED.httpAdmin)

// Serve the http nodes UI from /api
app.use(settings.httpNodeRoot, RED.httpNode)

server.listen(1880, async (error) => {
    // Start the runtime
    await RED.start()
})

Then hit the url: https://localhost:1880/red/
And face the error:

ERR_SSL_PROTOCOL_ERROR

What am I doing wrong?

TotallyInformation · 7 July 2020 10:39

Is there a reason you are trying to start Node-RED yourself rather than letting the normal startup and TLS config do the work for you?

knolleary · 7 July 2020 10:53

This will be one error. You are creating an http server, not an https server.

You need to swap in the https module for the http module.

mannharleen · 8 July 2020 03:22

I switched http to https (my bad!).
And now the error is - ERR_SSL_VERSION_OR_CIPHER_MISMATCH

mannharleen · 8 July 2020 03:22

Yes. need to run it along with some other services

knolleary · 8 July 2020 06:14

I suggest googling that error to see what it means.

For example: https://kinsta.com/knowledgebase/err_ssl_version_or_cipher_mismatch/

mannharleen · 8 July 2020 07:04

Will try and get back. I am surprised no one hasnt had this issue with node-red

mannharleen · 8 July 2020 13:43

Got it. Since I was using a custom express app:

let app = express();
let server = http.createServer({
    key: fs.readFileSync('./certs/node-key.pem'),
    cert: fs.readFileSync('./certs/node-cert.pem'),
    ca: fs.readFileSync('./certs/node-csr.pem')

},

I must include the cert info while creating the server. The following doesnt work because the server is already created by that time!

RED.init(server, settings);

system · 22 July 2020 13:43

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Setting Node Red SSL on Docker General	7	6267	2 February 2019
Setup HTTPS - Help Please General	6	334	10 February 2023
No matching certificate files to satisfy Node-Red https setup General security	2	298	9 August 2022
How to secure node-red with https access General http-request , security	6	187	1 January 2024
Https with an extern certificate General	9	345	16 July 2023

Unable to secure node-red over https using self signed certs

Related topics