We have Node-RED running on a Raspberry Pi that sits on our network. Elsewhere on our network, we have groov EPIC units running a PAC Control strategy. On the Pi, we would like to use the groov Read & groov Write nodes. For example, the Pi might grab a value from something it’s connected to and save that value to a groov datastore on the EPIC, which can then display that value on a trend graph or gadget.
I attempted to try get a proof of concept working, but get a “DEPTH_ZERO_SELF_SIGNED_CERT” error in the debug section. In my screenshot above, the 192.168.0.114 is the EPIC that I wish to write or read from. For the API key, I copied both of the API keys from both sections shown below on the EPIC’s groov Manage screen, but got the same DEPTH_ZERO error message in both cases.
I am not even sure what I am trying to do is possible (maybe the groov Nodes only work on an EPIC or AR1)? If it is possible, some additional guidance as to what goes where would be helpful. Thank you.
You most assuredly can do what you are wanting.
The key is in the info tab for that node.
Here is a cut paste of that text…
Basic Configuration
Groov Address - the hostname or IP address for connecting to a groov View project. Use “localhost” for Node-RED and groov View on the same device, such as a groov EPIC PR1 processor or a GROOV-AR1 groov Box.
API Key - an API key for the groov project.
HTTPS Settings
Except for “localhost” addresses, the SSL Certificates fields must also be configured.
CA or Self-Signed - the full path or filename of either a Certificate Authority (CA) or self-signed certificate. Leave blank when address is “localhost”.
Public Key - the full path or filename of the public key certificate. Leave this field blank if using a self-signed certificate.
Whether the full path or filename is entered depends on where Node-RED is running.
EPIC: If using a groov EPIC PR1 processor to access another groov device or server, upload the certificates with groov Manage, using the Security -> Client SSL page. Enter just the filenames here.
Box: If using a GROOV-AR1 to access another groov Box or Server, upload the certificates with Node-RED Admin. Enter just the filenames here.
Computer: If using Node-RED on a computer, enter the path and filenames of the certificates, which must be located on the same computer. They will be loaded directly from the local file system.
The certificates must be in PEM format.
So bottom line, unless you are on localhost, which you are not, you need to use the certificate, not just the API key.
Am I supposed to create certificates and download them (if yes, place them on my PC?). Can you give me an example of the path (e.g. 192.168.0.114/something/something) to write in the box?
If you are using a self-signed server certificate all you should need to do is download the public certificate for your EPIC’s SSL server, put that in the Pi file system, and then point your Node-RED instance to that file. I’m testing this from Windows, but it will be the same from your Pi, just use the full path for your file (/home/user/documents/certificates/mySSCert.pem, for example).
First get the file from groov Manage -> Security -> Server SSL -> Download Public Certificate
You should “Create Certificate” with all the correct details first, if you haven’t done that already.
Note that here I renamed the “cert.pem” file to “hostname_self-signed.pem” to help keep track of the file, certificate files can get messy when you have a lot of them so I suggest doing the same with your file. Also note that you can use either hostname or IP address in the groov project configuration.
Let me know if this setup works for you or if you’re using a Certificate Authority.
Thanks for the thorough explanation. Almost there! I did exactly as you wrote and now the error in the debug panel is “Unknown Device Name”. Based on my earlier screenshots, do I need to name the Data Store something different? Or the Groov Project (where I put the IP address)? Maybe these names need to match something on the EPIC?
PS: I don’t think I am using a Certificate Authority (I don’t even know what that means!)
Try double checking your data store name – it has to be exact, and it is case sensitive if I recall correctly. The other thing you can try is to use your hostname instead of IP address. I have not seen that error so I’m not sure what could be causing it.
Let me know if both of those things don’t get you going.
Thank you for your help. The problem was that…wait for it…I never created a data store in groov View. I was under the impression that the various variables & tags already running in my PAC Control program (and being displayed in groov View) were my data store. My goal is to take a value from that program (let’s say feedrate_setpoint) and read / display it on the Pi. But clearly I have not understood the data store concept. Below is a screenshot of the “Configure Devices and Tags” screen from groov View. You can see my program is called Feeder X (which contains the info that I want to grab with the Pi) but which I could not connect to. So per your instructions, I created FeederXDataStore as well as a dummy tag there, and now it connects fine with the Pi, but this does not accomplish my original goal of trying to read / write data from my PAC Control program. Does this make sense?
We (Terry and I) were under the impression you were trying to get data from the Pi on to groov View…
Thats not the case?
If you are trying to read/write PAC Control data on the Pi, then you will need to use the public tags on the PAC and have Node-RED on the Pi read them. (Or do I misunderstand).
I would actually like to do both. On the Pi, use the groov Read node to get a value from the PAC Control strategy, and other times have the EPIC use/display data that the Pi has obtained. So I think I can now handle the second use case (have the EPIC use/display data that the Pi has obtained), but for the first case, I will need to configure public tags. I searched the groov View manual for public tags and did not find anything. Are public tags explained in the PAC Control manual? Maybe I inadvertently skipped the section where these were explained.
Thanks again for your patience. Hopefully this thread will be useful to others down the road. The new Pi4 is so much more powerful than its predecessor and with Node-RED preinstalled, I would expect others to drop Pi’s in many places to do many things.
To read/write PAC Control tags (on an EPIC) from a Raspberry Pi running Node-RED;
If you have not created your self signed certificate yet, do it now. ENSURE that your EPIC host name matches what is in the certificate file.
Copy cert.pem (or what ever you called it) to your Raspberry Pi. (I used the file copy feature of VNC).
Make a note where you copied the certificate file to. You will need that path.
On the Pi, install the PAC nodes (through the Menu/Manage Palette).
Double click the PAC Node and configure a new device.
Make sure you use HTTPS.
Make sure the address matches the host name of the EPIC which matches the host name in the certificate.
Make sure you use the API Key Name of ‘apiKey’ (yes, that’s a capital K).
Make sure you copy paste the api key from an admin user on the EPIC.
Make sure you use the case sensitive file path to the certificate on the Pi.
Done. Once you inject you will be able to get tags from the EPIC control engine in and out of the Pi.
Don’t forget to make the tags ‘public’ in the PAC Control strategy and set the read/write flags. (Page 234 of the PAC Control Users Guide - Doc 1700).
