UNABLE TO VERIFY LEAF SIGNATURE Snap PAC S1

I am running node-red on an Epic PR1 (10.17.3.90).

I have a pac-read node configured to look for a variable on a Snap PAC S1 (10.17.3.200 not using a hostname) on the same network.

I am using HTTPS port 443.

image

I followed the guide on the website to create a self-signed certificate and added the subjectAltName line below the [ v23_ca ] section.

image

The certificate and key are loaded on the S1.

image

I have configured a key id and value on the S1.

The certificate has been added to the PR1.

Here is the node configuration in node-red on the PR1.

image

Here is the error.

image

I feel like I am overlooking something simple.

-Craig

While we generally suggest a ‘security first’ approach to all network communications, there are times when it does not make sense.
When you are on an internal only trusted network and your devices and data are very resource bound would be one.
We have found that the PAC S and PAC R controllers slow down as they compute the SSL hash on each request and so in cases like this, using straight http is often the way forward.

Go into PAC Manager and set the http port number and set https to no.
Configure a user/pass in the PAC S RESTful server.
Set Node-RED to use http and the user/pass and you will be up and running with no hit in performance in just about 1 minute.

If you feel the need to use https, then review the steps here, you seem to have missed some:
https://developer.opto22.com/rest/pac/

Thanks Beno…that’s what I will do.