My n8n instance is using self signed certs for https. After a while (I think when I activate the workflow) the n8n server dies and the web front loses the connection. Node crashes with:
Version: 0.33.0
================================
Start Active Workflows:
================================
- test
ADD ID (active): 1
events.js:187
throw er; // Unhandled 'error' event
^
Error: self signed certificate
at TLSSocket.onConnectSecure (_tls_wrap.js:1321:34)
at TLSSocket.emit (events.js:210:5)
at TLSSocket._finishInit (_tls_wrap.js:794:8)
at TLSWrap.ssl.onhandshakedone (_tls_wrap.js:608:12)
at Socket.ondata (internal/js_stream_socket.js:64:22)
at Socket.emit (events.js:210:5)
at addChunk (_stream_readable.js:308:12)
at readableAddChunk (_stream_readable.js:289:11)
at Socket.Readable.push (_stream_readable.js:223:10)
at TCP.onStreamRead (internal/stream_base_commons.js:182:23)
Emitted 'error' event on Connection instance at:
at TLSSocket._onError (/usr/local/lib/node_modules/n8n/node_modules/imap/lib/Connection.js:151:10)
at TLSSocket.emit (events.js:210:5)
at emitErrorNT (internal/streams/destroy.js:92:8)
at emitErrorAndCloseNT (internal/streams/destroy.js:60:3)
at processTicksAndRejections (internal/process/task_queues.js:80:21) {
code: 'DEPTH_ZERO_SELF_SIGNED_CERT',
source: 'socket'
}
Restarting (or even recreating the docker container) does no longer work unfortunately. It seems I need to wipe the settings.
Any idea what’s going on?
The root CA is trusted and the browser is happy with the server cert.
Maybe the client cert auth is a problem?
Sadly never saw that problem before and do also not have the slightest idea what would cause that.
Anyhow published yesterday a guide on how to set up n8n with docker-compose which also includes the certificate creation with Lets Encrypt. You can find it here:
Do you use Docker? If so the base image uses Alpine Linux which causes quite often issues with the SSL certificates. You can try to use the Ubuntu image (simply add “-ubuntu”). Maybe you have more luck there.
Apart from that I sadly have no idea how to solve that.
That is very strange. The database should not be encrypted. The only thing that gets encrypted is the credentials before they get saved to the database.
No idea how your setup is but if you use Nginx or similar it should be possible to use totally different directories, domains, ports and then simply route it in Nginx to webhooks or UI. And so you could also have different certificates.
I also added now documentation for the environment variables WEBHOOK_TUNNEL_URL and VUE_APP_URL_BASE_API which are important for that. You can find it here:
Also here contributions on how to improve the documentation are very welcome. It is definitely not my strong suit and are as a native german speaker additionally not the perfect candidate anyway.