Announcement

Collapse
No announcement yet.

Configure Node-Red to communicate with HomeSeer over HTTPS?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Configure Node-Red to communicate with HomeSeer over HTTPS?

    I'm trying to setup NodeRed and HomeSeer. I have HomeSeer running being a reverse-proxy secured an SSL certificate. However, I don't seem to be able to setup the HomeSeer Server definition within NodeRed as an SSL connection.

    If I try to set it up as the following:

    ‚Äč

    then NodeRed isn't able to communicate with HS4. If I look at connection it is trying to make, it is sending unencrypted requests to the HTTPS port. In fact, if I trace the connection, I see it is trying to reach `http://homeseer.domain.ca:443`, which clearly is wrong.

    If I change the IP address to be `https://homeseer.domain.ca` instead, it attempts to resolve `https` as an IP, which is not correct either.


    Has anyone had any success configuring NodeRed to communicate with HS over SSL/HTTPS?


    Thanks,

    Eric

    #2
    You may have to secure the server but not the nodes...Take a look at this : http://stevesnoderedguide.com/securing-node-red-ssl else what you are trying to do has not been implemented.


    Eman.
    TinkerLand : Life's Choices,"No One Size Fits All"

    Comment


      #3
      Originally posted by Eman View Post
      You may have to secure the server but not the nodes...Take a look at this : http://stevesnoderedguide.com/securing-node-red-ssl else what you are trying to do has not been implemented.
      Thanks. I had read through that doc already, but that relates more to the incoming requests into NodeRed. I was looking more at the outgoing requests from NR -> HS. And those I could not seem to enable via https.

      I guess it hasn't been implemented yet, although I do find that a little surprising given that https has become the defacto norm these days.

      Thanks,

      Eric


      Comment


        #4
        Did you check the "Enable Secure (SSL/TLS) connection check box in the http request node configuration page?

        Comment


          #5
          Are HomeSeer and Node Red on the same network?
          Karl S
          HS4Pro on Windows 10
          1070 Devices
          56 Z-Wave Nodes
          104 Events
          HSTouch Clients: 3 Android, 1 iOS
          Google Home: 3 Mini units, 1 Pair Audios, 2 Displays

          Comment


            #6
            Originally posted by mterry63 View Post
            Did you check the "Enable Secure (SSL/TLS) connection check box in the http request node configuration page?
            The HomeSeer device node does not use the same configuration page and doesn't have the "Enable Secure (SSL/TLS) connection check box".

            Unless I'm doing this incorrectly?

            Thanks
            Eric

            Comment


              #7
              Originally posted by ksum View Post
              Are HomeSeer and Node Red on the same network?
              Technically they are on different segments of the network. Both are running in Docker containers and both are behind a reverse proxy which does SSL termination.

              Thanks
              Eric

              Comment


                #8
                Originally posted by benze View Post

                Technically they are on different segments of the network. Both are running in Docker containers and both are behind a reverse proxy which does SSL termination.

                Thanks
                Eric
                I guess I'm confused. Of they are on the same network, and apparently the same reverse proxy ("...both are behind A reverse proxy...") then why aren't they accessible to each other via IP address without the need for SSL? Maybe I'm oversimplifying this but do they really need all that complication?
                Karl S
                HS4Pro on Windows 10
                1070 Devices
                56 Z-Wave Nodes
                104 Events
                HSTouch Clients: 3 Android, 1 iOS
                Google Home: 3 Mini units, 1 Pair Audios, 2 Displays

                Comment


                  #9
                  Originally posted by ksum View Post

                  I guess I'm confused. Of they are on the same network, and apparently the same reverse proxy ("...both are behind A reverse proxy...") then why aren't they accessible to each other via IP address without the need for SSL? Maybe I'm oversimplifying this but do they really need all that complication?
                  They are both currently running on the same Docker host, however I'm planning to split o to different hosts once everything is running well. So using the internal IP is not really an option.

                  Additionally, I currently only had HomeSeer exposed via SSL this requires me to expose it over the non encrypted port as well. Im just surprised that it wasn't an option in the configuration pane, so presumed it had to be hiding somewhere else.

                  Overkill on an internal network? Most likely but I like to standardized configurations and topologies as much as possible across most of my services.

                  Thanks
                  Eric

                  Comment


                    #10
                    Originally posted by benze View Post

                    They are both currently running on the same Docker host, however I'm planning to split o to different hosts once everything is running well. So using the internal IP is not really an option.

                    Additionally, I currently only had HomeSeer exposed via SSL this requires me to expose it over the non encrypted port as well. Im just surprised that it wasn't an option in the configuration pane, so presumed it had to be hiding somewhere else.

                    Overkill on an internal network? Most likely but I like to standardized configurations and topologies as much as possible across most of my services.

                    Thanks
                    Eric
                    Then try the Host IP ( eth0) for both Containers or 127.0.0.1 for the Host internal IP unless I misread your post.(The internal Docker IPs should be 172.17.0.x... Same Subnet)


                    Note : It's the host which you should be securing not the containers.


                    Eman.
                    TinkerLand : Life's Choices,"No One Size Fits All"

                    Comment


                      #11
                      benze the current NodeRed integration does not support https for NodeRed to HS communication. I created an internal feature request for this enhancement. That being said the HS NodeRed contrib is open source, so if someone wants to take a crack at it, it would be welcomed. Basically what needs to be done is to add a parameter in hs-server.html to let the user select between http and https, and then in hs-server.js replace all the hard coded http:// calls by what the user has selected in his HS server config.

                      Comment

                      Working...
                      X