Node-RED after firmware update cannot find certificate file

James_R_Talich · October 21, 2025, 2:22am

After installing firmware 4.0.2-b.194, every time I deploy i get the following error for every certificate used in the flows:
”No certificate/key file provided”
”Cannot open certificate file at '/home/dev/.node-red/occ-epicPScert.pem’.”

The file has been successfully added to the EPIC cert store and all flows that communicate with other EPIC systems are working properly. I have been ignoring this error for a long time and occasionally trying to find a solution.

Norm_Freeman1 · October 22, 2025, 4:56pm

Do you mean 4.0.1-b.124? I do not think that is where the cert is when you upload it on new firmware. Did you verify it is there? So far I have not found where it actually is, but I have had this issue. Have you tried putting a copy of the cert in that location and then making sure that is the path in your flow configurations?

James_R_Talich · October 22, 2025, 8:45pm

The latest EPIC firmware, 4.0.2 was released in Aug 2025 and was installed shortly after. I got the release # 4.0.2-b.124 from Info/About.

/home is on the EPIC system, not my Windows PC. If I look in System/Files, the only folders available are /home/dev/secured/ or /home/dev/unsecured/.
Not using SSH, I do not have access to /home/dev/.node-red/.
Like you, I do not know where the certs are actually stored, but my flows are working fine. I have a system of 7 EPIC systems communicating with each other securely. When I reference the certs from my flows I just use the filename without the path - evidently node.js knows where to look.
Whenever I deploy a flow update, at or near the completion of the update, probably as a final validity check on certs referenced in the flows, the /home/dev/.node-red folder is checked for the filenames. The search path for that check is obviously incorrect.

Since everything is working properly, I continue to ignore and delete the error messages, but curious why the errors are flagged when I deploy an update.

Jim

Norm_Freeman1 · October 22, 2025, 11:05pm

Hi Jim,

Yes, if you are just using the “file” page in groov manage you are limited to secured & unsecured.

Actually, you can specify a path in NodeRed and it will use them at that location. If you are using “localhost” for your connections then the certs don’t matter, however if they are not in the correct location, you would get the error. I use WinSCP with a shell license to manage files on my Epic. It lets you into /home/dev/.node-red/

James_R_Talich · October 23, 2025, 9:31pm

When I use groovManage/Security/Certificate Trust Store to load the certificates, where are they stored?
Since everything is working by using the above procedure, the certs are currently being stored in the correct location (NOT /home/dev/.node-red/)
The error message is only a nuisance.
I am resisting applying a shell license just to get rid of #3 (and having to fix all my flows to point to a non-default location).

Jim