Skip to main content

Changelog

This document provides a high-level overview of customer-facing features, improvements, and critical fixes introduced in each version.

[3.26.0]

🐛 Bug Fixes

  • All persistent state now survives Docker container rebuilds (Sterfive): On the official nodered/node-red image the PKI used to land at /usr/src/node-red/.config/opcua-for-node-red-nodejs/PKI, outside the only volume the image mounts (/data). The Cryptlex licence activation dat, the activation key, the telemetry queue, the licence v2 config, and the application instance-id had similar problems. Every container rebuild silently wiped all of them — trust store, rejected list, client's own certificate, AND the licence activation. The fix moves the OEM bootstrap from module-top-level into Node-RED's documented nodeInit(RED) lifecycle hook, captures RED.settings.userDir before any persistent path is resolved, and then auto-sets STERFIVE_CONTAINER_CONFIG_FOLDER so both getConfigFolder() (PKI, instance-id, activation key, telemetry, licence v2) and licence-check's resolveDataDir() (Cryptlex dat) land under the same /data-backed root. A startup-time strict-fail guard makes any future regression of this ordering crash loud with a pointer at the offending early caller, instead of silently regressing to the wrong path. Migration: existing installs with a populated PKI at the legacy env-paths location see a one-time startup warning pointing at the new location; copy the contents over (no automatic move — cert material is sensitive) or set STERFIVE_CONTAINER_CONFIG_FOLDER to the legacy parent to keep the previous behaviour. FlowFuse is unchanged — its existing FF_INSTANCE_ID branch keeps PKI at ${cwd}/opcua-for-flow-fuse/PKI exactly as before. See Setting up a Custom Certificate. Note: an earlier 3.30.x attempt at this fix was effectively a no-op because the bootstrap hook ran too late; this release ships the proper Node-RED-lifecycle-aware version.

  • Certificate Manager — Own tab now refreshes after creation: Fixed an issue on fresh installations (notably brand-new Docker containers) where clicking Create Self-Signed Certificate in the Certificates → Own tab showed the success toast but left the panel on the empty "No own certificate found" state. The certificate was being written to the wrong filename internally, so the OPC UA client and the UI disagreed on the active cert. Both Create and Renew now write to the same file the OPC UA stack actually loads at connection time. Users who hit this issue can safely delete a stray own/certs/self_signed_certificate.pem file from their PKI folder if present.

🎉 New Features

  • Certificate Manager Integration: Introduced a visual Certificate Manager tab directly inside the endpoint configuration panel. This powerful interface wraps the @sterfive/opcua-certificate-manager API into the Node-RED environment for real-time certificate issuance, trusting, and re-generation.
  • Streamlined Trial Registration: Added a "Welcome Registration" flow that allows users to rapidly register and acquire a short-term Trial ID straight from the UI. This drastically reduces the time-to-value for new trial evaluators.
  • FlowFuse Capability: Improved compatibility with FlowFuse deployments, specifically fixing PKI API registrations and licensing verification within containers.

🛠️ Breaking Changes & Architectural Fixes

  • Streamlined Output & Error Handling Architecture
    • We have centralized node helpers and standardized error streams across major nodes (OpcUa-Client2-Read, OpcUa-Client2-Call etc.).
    • Secondary Output Wire Removal: The experimental secondary output pins have been formalized out. All error streams and unhandled exceptions are now natively piped into the standard Node-RED error mechanisms.
    • Migration: Use the standard Node-RED Catch node wired directly beneath your client nodes to intercept errors efficiently and cleanly.

[3.24.0]

🎉 New Features

  • X509 User Identity: Upgraded the core OPC UA client components (to node-opcua 5.20+), which introduces full support for X509 User Identity when connecting to secure servers.
  • Telemetry & PKI Configuration: Enhanced folder configuration capabilities for PKI and telemetry data.
  • UI Polish: Replaced crude alerts with native, proper modal dialogs when interacting with Certificate details in the config panel.

[3.23.0] & [3.22.0]

🛠️ Core Improvements

  • Advanced White-labeling: Substantial under-the-hood refactoring to support configurable API namespaces and global RED instances. This lays the groundwork for OEM partners wanting to white-label the extension.
  • License Limitations: Refactored the core logic determining offline vs. online license constraints, providing a more robust enforcement model.

[3.21.0]

🎉 New Features

  • Extensive Reverse Proxy & Subpath Support: Natively brought in support for RED.settings.httpNodeRoot. The module APIs consistently respect Nginx and custom subpaths context, crucial for enterprise Kubernetes and Docker deployments.
  • Frictionless Purchasing: Overhauled the Support and Licensing overlay to feature a direct "Buy Online" workflow, heavily minimizing the steps required to acquire or upgrade a professional license.
  • Licensing UI Revamp: The license expiration overlay and the support tab were beautifully redesigned to cleanly expose your product information and telemetry APIs.