Secure Node-RED with SSL and Username and password authentication


Secure Node-RED with SSL



By default Node-RED is insecure. If the Application is exposed to the internet then anybody can modify the flow and access the data from the network working on Node-RED. So to make the connection secure we need to opt for the following options.

  • Use SSL Connection 
  • Use User Name and Password Authentication while accessing the Node-RED Application.

We are implementing secure node-RED on ubuntu20.04 based system.

Use SSL to secure Node-RED

To make Node-RED secure, we need to generate the Key and certicate for Node-RED Server. We will use the OpenSSl.To Install OpenSSL visit OpenSSL Site here or OpenSSL Binaries  for windows. For Linux or Ubuntu use this command to install OpenSSL

sudo apt-get install openssl

We need to generate he server certificate signed us to be used for Secure Node-RED connection.

Use the steps as show below to generate the key and server certificate

1. Generate Private Key by using the command.

    openssl genrsa -out nred-key.crt 2048

2. Generate .CSR file or Certificate Request. Use the following command.

    openssl  req -new -sha256 -key nodered-key.crt -out nred-csr.csr

3. Sign the certificate with private key to generate self-signed server certificate. Use the following command,
.
    openssl  x509 -req -in nred-csr.csr -signkey nodered-key.crt -out nred-cert.crt


Once the all the certificates files are generated,save these files in one folder.I have the all the three files in the  folder /home/adtechknow/nodered/certs


Edit the Settungs.js file for Node-RED

Once the certificates files are generated edit settings.js file located in /lib/node_modules/node-red.
Copy this settings.js file and paste it in the local folder of your choice. For me, I have saved this file in the folder /home/nodered.

Follow the steps as given below.

1. Open the file settings.js and locate the section security.
2. In security option locate the section option1 related to https. 
3.Uncomment https section and copy the path of the key file and server certificate file along with the path as shown in image given below.





4. Save the settings.js file and close it.

5. Now rum Node-Red from the terminal using the command.
    
    node-red -s /home/adtechknow/nodered/certs/settings.js


  Now Node-red is started running the secure mode as shown below with address https://127.x.x.x:1880. 




6. Copy the address https://127.0.0.1:1880/ in the browser 
.You may get the following warning which can be overcome by clicking on the Advance





It will say the certificate is self signed as we signed the certificate. Click on option Accept and continue to Enter the Node-Red Admin window.


UserName and Password Authentication

The Node-RED can be secured by providing the UserName and Password Authentication for access the Node-RED Admin Window.

Follow the steps as given below.

1. Open the settings,js file  and locate the section Security.
2. In the Security Section,locate the adminAuth
3.Copy the complete block of the adminAuth and paste it just below it.
4.Enter the and newly generated encrypted password as show in the figure.




5. Use the following command to generate the new encrypted password.

    node-red  admin hash-pw
   
  Run this command and enter your  new encrypted  password in authAdmin block password .




6.Save the settings.js and close the file.

7. Run the Node-Red Again and copy the address https://1xx.x.x.x:1880/ in the browser.

8. Enter the  Username and Password in the Login windows which pops up and access the admin window of Node-RED.

For more Details Watch this YouTube video


Post a Comment

Previous Post Next Post