Reputation: 27
Node-RED communication using CA certificate
i am trying to deploy my node-RED environment using CA certificate. i have created the pem files using .p12 file by executing below commands
– openssl pkcs12 -in test.p12 -passin pass:Password -out keyfile.pem -nodes
– openssl pkcs12 -in test.p12 -passin pass:Password -out crtfile.pem -nodes
then i have uncommented the https code from settings.js file of node red
https: {
key: require("fs").readFileSync('keyfile.pem'),
cert: require("fs").readFileSync('crtfile.pem')
}
i have used default http node and made the following configuration to the tls config
when i deploy the node i get the following error
"Error: unable to verify the first certificate"
what am i missing here?
Upvotes: 0
Views: 1922
Answers (1)
Reputation: 59658
Remove the changes you made to the settings.js. That section is only for if you want to have Node-RED serve the editor via TLS.
Next your openssl commands to export the user'sprivate key and certificate should probably be more like
openssl pkcs12 -in test.p12 -out keyfile.pem -passin pass:Password -nocerts
openssl pkcs12 -in test.p12 -out crtfile.crt -passin pass:Password -nokeys -clcert
You should also export the include CA chain with
openssl pkcs12 -in test.p12 -out ca.crt -passin pass:Password -cacerts -nokeys
You then need to add the ca.crt file to the HTTP node's TLS config.
Upvotes: 1
Related Questions
- node-red - Node Credentials
- How to ignore SSL errors from http request node
- How to secure Node-RED http in nodes
- Node red httpstatic not working
- Node red: share data between node
- Error: self signed certificate with node red on IBM bluemix
- Node-Red DEPTH_ZERO_SELF_SIGNED_CERT
- Error: unable to verify the first certificate in Node-Red
- How do I secure Node Red with a CA certificate
- Securing Node Redis