Certificate signed by unknown authority

I am trying to send a webhook to Node-RED running on an EPIC. The flow on the EPIC (at is:

The message from the program sending the webhook is:

I ran this same scenario with a Raspberry Pi (in place of the EPIC) and it did not generate any error, so I believe the EPIC has enhanced security that the Pi does not.

Potentially answering my own question…

I think the key here is the error you get ‘certificate signed by unknown authority’… Its trying to verify the cert your using and it cant because the cert is saying ‘hey, go out on the Internet and double check this’… or ‘hey, double check this host name on the cert with the local CA on the network will ya’…
Either way, its failing to do so.

This thread has the answer I am pretty sure:

Since you on a ‘closed’ network and I doubt you are running your own local CA (but check with your IT guys in case) you need to set up the certs as per that thread.

Hope that gets you pointed in the right direction.
(Oh, it probably worked OK on the Pi because as you suspect, it did not care to do the look up… ‘Yeah yeah, no worries, just jump in and grab the data… shes right mate, I have no idea who you are, but I trust ya’…)

1 Like

Thanks as always @Beno

When doing your POST request include your API key as one of the headers, and be sure to enable secure SSL/TLS for the connection. You may not need to provide the certificate, but since it’s an https endpoint you will need to establish a secure connection.
Here’s an example of what I tested this with (note the capital K in apiKey):


Using this to authenticate, along with https, I was able to receive some basic Hello World messages from Node-RED from an RPi and Windows 10 PC, as well as Postman on my PC:

I’m not sure what this will look like on your application, do you see any SSL/TLS options? Either way, hopefully this helps point you in the right direction.

1 Like