Unable to verify LEAF signature error in Groov Read or Write

Hello all, I have multiple Groov boxes (AR1, Epic, Server for Windows) that I use Node-Red to read or write to each others data stores. When I use self signed certificates on these devices, there are no problems. However when I use purchased SSL certificates (Network Solutions) I get the error, UNABLE_TO_VERIFY_LEAF_SIGNATURE

Any advice?

Are you using hostnames or IP addresses for this application?
Either way, if you’re using any kind of certificate authority you’ll likely need to set the Subject Alternate Name (SAN) and make sure those match up with the hostnames / IPs you’re using.

It’s a small part of a much more involved process and guide, but we have some info about it on the developer site here: Creating a Server Certificate for your groov EPIC(s) | Opto 22 Developer

1 Like

I tried with the DNS name originally and then the IP address. the SAN on the certificate shows the original CN but it also has a secondary, which is a www.xxx.xxx.com. I’ll need to update our DNS records to include a CNAME record but once I’ve completed this, I should have more info.

I’ve added a CNAME record so that both Subject Alternative Names listed in the certificate resolve to a dns lookup. I still get the same LEAF Signature error.

I’ll review the guide you linked.