Within a Node-RED flow I have a CassandraDatabase node with a user and password. When I export the flow, these credentials are not contained in the JSON content, instead a flows_cred.json file appears with an encrypted string:
{"$": "df28.......
... however, if I copy this file out and try to bring up my Node-RED instance elsewhere, I get the following at startup:
[warn] Error loading credentials: SyntaxError: Unexpected token � in JSON at position 0
... followed by a repeating "AuthenticationError: Authentication provider not set", message. Indeed the credentials have not been picked up by the Node-RED flow, and so I must input manually again.
What is the trick to allowing me to export the credentials successfully?
The credentials file (flows_cred.json) is encrypted by default to ensure its contents cannot be easily read.
Node-RED generates a random key for the encryption if you do not provide one in your settings file. If the second instance of Node-RED doesn't have the same encryption key, it won't be able to decrypt the file.
Here are the steps you need to resolve this.
edit your settings.js file and add a credentialSecret property with a whatever string value you want. If you want to disable encryption, set its value to false.
credentialSecret: "my-random-string"
Restart Node-RED and deploy a change. This will trigger Node-RED to reencrypt your credentials with your chosen key (or disabling encryption if set to false).
You can then copy your flow/credential file to a second instance. Just make sure you give it the same credentialSecret value in its settings file.
Note that once you set credentialSecret you cannot change its value.