GoogleSmartHomeNode(constructor): error {"errno":-2,"syscall":"open","code":"ENOENT"}
Closed this issue · 12 comments
Hello all,
I have a Raspberry PI 3B+ with Node-RED version: v3.0.2 and I would like to use the node: node-red-contrib-google-smarthome 0.4.2. I downloaded it and used the Management node in a flow. I filled all the fields of this node and deployed it. But after the 'node-red-start', I got the following error message:
SmartHome:Start(listen): using internal SSL
GoogleSmartHomeNode(constructor): error {"errno":-2,"syscall":"open","code":"ENOENT"}
8 Jan 15:22:17 - [error] Error: ENOENT: no such file or directory, open
How to get the name of the missing file or directory ?
Thanks for your help.
Best regards.
sergemartin66
Hello @sergemartin66 ,
yes, the error message could be better.
In your case, the path to the private or public SSL key is wrong.
You can either give an absolute path (e.g. /etc/certbot/some/path/.../fullchain.pem) or a path relative to Node-RED's work directory (where your flow.json, settings.json etc. are).
Regards,
Caprico
I improved the error messages a little bit. Will be part of the next release.
Hello Caprico85,
Thank you very much for your help.
I have only a Private key in my SSL certificate: /etc/letsencrypt/live/pacosammaro.hopto.org/privkey.pem .
What do I have to put in the 'Public Key' field ?
Best regards.
sergemartin66
"Public key" is the path to the SSL certificate. With Lets Encrypt, it's the file fullchain.pem.
Hello Caprico85,
Thank you very much for your help. The Public key and the Private are now taken into account.
I'm sorry if I disturb you again but I have another error message:
21 Jan 17:12:10 - [info] Started flows
21 Jan 17:12:11 - [error] SmartHome:Start(): err:Error: listen EACCES: permission denied 0.0.0.0:443
GoogleSmartHomeNode(on-server): state = error
GoogleSmartHomeNode(on-server): param1 = Error: listen EACCES: permission denied 0.0.0.0:443
GoogleSmartHomeNode(on-server): found mgmt client
Do you have an idea ?
Best regards.
sergemartin66
EACCESS means Node-RED can not read the certificate files due to file ownership or permission problems. Do a ls -l <path to the files> and check the owner and permisions of the files. Node-RED (or more specifically the user Node-RED is running as) must have at least read permission to the files. Try doing chmod +r <file> for both files. That should give everybody read permissions.
Hello Caprico85,
Thank you very much for your help. I did the 'ls -l :
-rw-r--r-- 1 root root 5611 janv. 1 16:30 fullchain1.pem
-rw-r--r-- 1 root root 5611 janv. 8 17:14 fullchain2.pem
-rw-r--r-- 1 root root 1704 janv. 1 16:30 privkey1.pem
-rw-r--r-- 1 root root 1704 janv. 8 17:14 privkey2.pem
So I think that all users can read the certificat files. I did the 'more fullchain2.pem' and the 'more privkey2.pem' when I am the classical user and I read both files without error.
A little strange, isn't it ?
Best regards.
sergemartin66
Aaah damn. I should have read the error message better. Sorry.
It's not the certificate file that can't be read. It's 0.0.0.0:443. That means node-red-contrib-google-smarthome can't start its webserver listening on port 443 because of permissions.
Am I correct that you are trying to use port 443 as the webserver port?
It's a Linux security measure. Port 443 is a privileged port that by default only the root user can bind to. node-red-contrib-google-smarthome does not run as root, so it can't use this port.
There are ways to work around this, but this may open up other security issues. The best way would be to use a different port. All ports above 1024 are fine as they can be used by non-root users too.
Hello Caprico85,
Thank you very much for your help.
I replaced the 443 port by the 1881 port and now, the node-red-start runs without error message:
But I got the 404 status after I used the 'https://pacosammaro.hopto.org:1881/smarthome/check' command in the https://reqbin.com/ web site. Do you know what can I check or modify ?
Other information:
the 1881 port has been detected OPEN by the https://www.yougetsignal.com/tools/open-ports/ web site,
the 'https://pacosammaro.hopto.org:443/avance.php?duree=20' command (outside the Node-Red tool) works fine.
I saw a small message in the SSH windows that my PI received the https message with the check command:
Best regards.
sergemartin66
Hi @sergemartin66,
do you have a Path set in your configuration?
If you set a path of FOOBAR, your URL would be https://pacosammaro.hopto.org:1881/FOOBAR/check. If Path is empty, your URL would be https://pacosammaro.hopto.org:1881/check.
Path can be used to host the smarthome service in a subpath of the URL. Some people want to host different services on different subpaths of the same domain. For example Node-RED at example.com/nodered, FHEM at example.com/fhem and the Google Smarthome service at example.com/google. The Path field can be used to do this. However, this requires additional configuration on a reverse proxy.
If you don't have this specific need, it would be probably best to leave the Path field empty. The URLs provided by the smarthome service would then be:
https://pacosammaro.hopto.org:1881/check (URL of the test page)
https://pacosammaro.hopto.org:1881/smarthome (Fulfillment URL in the Google Console)
https://pacosammaro.hopto.org:1881/oauth (Authorization URL in the Google Console)
https://pacosammaro.hopto.org:1881/token (Token URL in the Google Console)
Best regards
Caprico85
Hello Caprico85,
Thank you very much for your help.
My Path field contained https://pacosammaro.hopto.org:1881/smarthome .
I set the Path field empty after the reception of your email and now the https://pacosammaro.hopto.org:1881/check works correctly !!
Best regards.
sergemartin66
I am glad I could help you.
I'll rename the Path field in the next release to avoid confusion.