Announcement

Collapse
No announcement yet.

Using a TLS proxy to connect to the Gateway

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Using a TLS proxy to connect to the Gateway

    This is no longer necessary.
    v2.0.8169.18110, released May 14, 2022, introduces a workaround to address Tesla's bug.

    The original post follows.



    Gateway software version 21.20.2 introduced a bug which prevents some systems from successfully connecting to the Gateway. Specifically, the Gateway now rejects secure connections which include SNI. While applications should not send SNI when connecting directly through an IP address, some apps do anyway. It appears that Mono on Linux is one such application, meaning that connecting to the Gateway directly from a HomeSeer plugin on Linux is now impossible until Tesla fixes their bug.

    As a workaround, you can connect through a TLS proxy script, which properly does not send SNI and thus can connect to the Gateway. Since the problem in this case is within the Mono .NET runtime, the proxy cannot be a .NET app so I've elected to write the script in Node.js instead. Therefore, to use this script you will need to install Node.js. You will also need the latest version of the HS plugin (2.0.7854.40100 or later). I've submitted it to the HS plugin updater; before it's approved you can also download it directly from GitHub.

    Follow these instructions on the device where you're running HomeSeer to set up the proxy script.
    1. Connect to your HomeSeer system via SSH
      • On Windows, you can use PuTTY to connect
      • On Linux or macOS, open Terminal and type ssh homeseer@your.homeseer.ip
      • For HomeTrollers, the username should be homeseer and the password should be hsthsths3 or hsthsths4
    2. Install Node.js
    3. Download the proxy script
      • wget <url from the "raw" button on GitHub goes here>
    4. Edit the UPSTREAM_ADDRESS at the top of the script to be your Gateway's IP address
      • Type nano tlsproxy.js to edit the file
    5. Start the script by typing node tlsproxy.js and make sure it starts without any errors
    6. Install v2.0.7854.40100 or later of the HS Powerwall plugin and open the settings page
    7. Update the Gateway IP in the settings page to be 127.0.0.1 and the port to be 32516, then click save
    At this point, the plugin should be working and your devices in HS should be updating. However, if you close your SSH window then the proxy script will close and the plugin will stop working again. To prevent this, you can use the pm2 utility to run it in the background.
    1. in the SSH window, press Ctrl+C to quit the proxy script
    2. Type sudo npm install -g pm2
    3. Once the pm2 installation finishes, type pm2 start tlsproxy.js
    4. At this point, the proxy script should be running in the background and you can safely close your SSH window
      • You will need to log in via SSH and type pm2 start tlsproxy.js to restart the proxy script every time your system reboots
    Should you wish not to attempt using a proxy script, you can also run the plugin remotely on a Windows PC by following the instructions at the bottom of this thread.
    Last edited by Dr. McKay; October 16, 2023, 01:36 PM. Reason: No longer necessary
Working...
X