Suddently no longer accepting SSL

cinghialino · July 21, 2021, 11:56am

Hello,

with the exception of core upgrades, I made no changes to my Home assistant OS running on my Raspberry PI 4.

I noticed that I can no longer access Node Red directly from https://IP_ADDRESS:1880 (but works just fine when I access it through Home Assistant UX)

I’m getting the error ERR_SSL_VERSION_OR_CIPHER_MISMATCH

I do not have enough knowledge on how to solve it except changing my node red configuration from

ssl: true

to

ssl: false

Anyone have a clue? My understanding is that disabling https is a bad idea, or am I wrong?
After all, port 1880 is not forwarded to the router and accessing Node Red from outside my network is handled through NginX with an SSL certificate.

thanks

cinghialino · July 21, 2021, 6:38pm

Should I provide more info so anyone can help me on this?

Mikefila · July 21, 2021, 7:23pm

Ip addresses for the most part do not have ssl certificates. It’s highly unlikely that you used https with an ip because it would have had to be set up and it’s complicated. http is fine for your local network.

cinghialino · July 21, 2021, 8:05pm

Hey Mike,

Probably I’ve explained myself wrong, but it was working perfectly fine a few days ago.
I didn’t change anything to Node Red configuration.

I had ssl: true in my config, and when I was visiting https://IP_ADDRESS:1880 I was accessing Node Red.

Now, unless I change the configuration to ssl: false and visit http://IP_ADDRESS:1880 (only http) I can’t see Node Red.

Mikefila · July 21, 2021, 9:10pm

When it’s used like that, you will get an error in the browser. You will need to set an exception for that page to allow it to be displayed on the browser. This is a function of the browser to set the exception.

This is firefox, I need to go to advanced and make an exception to view the page.

cinghialino · July 22, 2021, 12:45pm

I’m sorry but this is not it.

I’m getting a different error. Not that.

Mikefila · July 22, 2021, 12:51pm

Have you tried a different machine or at least a different browser.

cinghialino · July 22, 2021, 1:30pm

yes, mac and pc, with chrome, safari and firefox.

This happens only with this service. I run other 18 of them, all working properly.

Mikefila · July 22, 2021, 3:11pm

If it’s solely with the nodered container and you have direct access to others, have you tried to backup your flows and remove/reinstall node red.

Mikefila · July 22, 2021, 4:45pm

I just noticed the first breaking change, you said you’re using nginix

cinghialino · July 22, 2021, 5:51pm

Yes I’m aware.

It happens regardless of using a reverse proxy.
It happens when going to the ip address.
It happens only with https

Did you read my initial post? I’m not trying to be rude or anything, and I appreciate the effort, but I’m repeating myself here.

Thanks

Mikefila · July 22, 2021, 6:12pm

Are you using release 2021.7.4 - July 21? This seems to be the problem, after installing I can replicate this error by enabling ssl.

cinghialino · July 23, 2021, 1:50pm

I’m still on core-2021.7.3
I don’t have received core-2021.7.4 yet, although I believe it was introduced in .2 or .1

Mikefila · July 23, 2021, 3:44pm

I was on .7.3 when you posted. My ssl was set to false, I set it to true and still worked. As soon as I upgraded to .4 I got that error. Since May almost every core update has screwed with nodered’s operation, in one way or another.

The most typical manifestation is the loss of debugging. Most times it is resolved by a full remove(all settings) and reinstall. As for me I’m just going to leave as is.

Mikefila · August 12, 2021, 1:05am

Hey so I am current with everything core 8.6 and nodered 10.0 after completely removing

require_ssl: true, setting ssl to true, clearing browser and cookies for HA’s address, https works again with direct access.