Your Let's Encrypt SSL certificate is fine ✅
The warning is about QZ Tray's application signing certificate (separate system)
-
Run the setup script:
cd C:\Users\IRWIN\Documents\pdev .\setup-qz-override.ps1
-
Restart QZ Tray (script will prompt)
-
Done! No more warnings ✅
Creates C:\Users\<Username>\.qz\override.crt which tells QZ Tray to permanently trust your POS app's certificate.
If script doesn't work:
- Copy
server\public-key.pemtoC:\Users\<YourUsername>\.qz\override.crt - Restart QZ Tray
- Done
- Website HTTPS uses Let's Encrypt (trusted by browsers) ✅
- QZ Tray authentication uses your RSA key (not automatically trusted)
⚠️ - Both are completely separate security systems
- The override file tells QZ Tray "trust this specific app"
The qz-tray.service.ts has been updated with:
- SHA512 signature algorithm
- Better error handling
- Proper initialization flow
- Open POS app
- Try to print a test receipt
- Check QZ Tray icon (should be green)
- Console should show:
QZ Tray connected
See full guide: QZ_TRAY_CERTIFICATE_GUIDE.md
Or check:
- QZ Tray is running (system tray icon)
/api/signendpoint works (test in browser console)- Browser console shows no certificate errors
- Firewall allows localhost:8182
Bottom Line: Your Let's Encrypt cert is perfect for HTTPS. QZ Tray needs a separate app certificate which we've now configured to be trusted. Run the script on each terminal and you're good to go! 🎉