Cannot open cert file

I am finally trying to get my feet wet in node-red. Setting up our AR1/S1 has been… interesting…
Anyway, I think I have all of the api keys and SSL certificates created/installed, but now I am stuck. I have followed all of the directions that I could find (some of which are wrong/incomplete) and am now stuck at "cannot open file at '/home/dev/.node-red/certs/cert.'."

:unamused: Please help.

There is several things possible, but the name of the certificate is a bit troubling for me because of the many dots it may be reading “cert.192” instead of a dot cert or pem file, try renaming cert to “cert1921681240.crt”
Let us know…

And it says should be pem format, which I have used with no issues, I haven’t used a cert file…

I actually followed these instructions:
SNAP PAC Security Certificates for Node-RED
and these:
SNAP PAC SSL Certificate Installation

As far as I can tell it’s a pem certificate. :man_shrugging:

Is there any special reason you are using HTTPS?
If they are on the same network, you could just use HTTP and the key pair?

Just trying to follow directions…

Yeah, try http instead of HTTPS, that solved a lot of “issues” in our rough start with node red, now we use node red in the PR1 for several things.

So… set controller TCP port back to 80, https: disabled?

That’s the way I usually get it going. Its always on the same network and I don’t need the overhead of HTTPS, so yeah, in PAC Manager, turn of HTTPS, set the port back to 80, save to flash, then restart the PAC Controller.
Then in Node-RED just set it to HTTP and put the key in and you should be up and running.

This may be very basic but worth asking… did you verified the certificate path? are you 100% is there?

Try uploading the certificates through Node-RED admin. Go to, select Certificates on the left hand side, then upload your files there. This should put the file on the correct path, then we can check to make sure the certificates were generated as expected.

http is working. I might give https another shot later, but it’s not really necessary (it’s all on an internal network).