Node-red and Hassbian using the same SSL certs

nshak · July 4, 2018, 7:30pm

Having some issues getting node-red to use the SSL certs that I use for my Hassbian install. Here is my setup:

Raspberry pi 3
Hassbian and node-red installed
node red is in /home/pi/.node-red
homeassistant in /home/homeassistant/.homeassistant
certs are in /home/homeassistant/dehydrated

I add the path to the certs in the node-red settings.js as follows:

https: {
key: fs.readFileSync(‘/home/homeassistant/dehydrated/certs/mydomain.duckdns.org/privkey.pem’),
cert: fs.readFileSync(‘/home/homeassistant/dehydrated/certs/mydomain.duckdns.org/fullchain.pem’)
}

When I go to run Node-red, I get the following

Starting as a systemd service.
Started Node-RED graphical event wiring tool.
Error loading settings file: /home/pi/.node-red/settings.js
{ Error: EACCES: permission denied, open ‘/home/homeassistant/dehydrated/certs/mydomain.duckdns.org/privkey.pem’

Am I running into a permission problem here? I tried granting user “pi” permissions to /home/homeassistant/dehydrated but with no luck.

Edit: My goal is to be able to use the same duckdns address that I use for my hass:

https://mydomain.duckdns.org:8123
with my node red :
https://mydomain.duckdns.org:1880

any help would be appreciated

alien8er · December 28, 2018, 8:44pm

Did you ever get this resolved? I am in the same situation.

nshak · December 30, 2018, 3:57pm

nope! ended up just securing it using openSSL and just accessing it via https://node.red.ip:1880

alien8er · December 30, 2018, 5:15pm

I got this working using the Home Assistant Websocket install and generating a token. Note that you need to remove the previous home assistant install if you don’t have the websocket version installed.

I had to make a quick flow using just an inject and debug and deploy for it to actually reach back out to home assistant and make the connection. Before that, home assistant and node-red weren’t talking to each other.

Jorge_Frater · January 2, 2019, 10:21pm

Did you uncomment the FS part at the beginning?

// The `https` setting requires the `fs` module. Uncomment the following
// to make it available:
var fs = require("fs");

Because I just enabled HTTPS on my Hassbian Node Red with that plus:

 https: {
        key: fs.readFileSync('/etc/letsencrypt/live/my.domain/privkey.pem'),
        cert: fs.readFileSync('/etc/letsencrypt/live/my.domain/fullchain.pem')
    },

and it worked just fine after the node red restart.