Announcement

Collapse
No announcement yet.

We need native HTTPS support!

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • TechFan
    replied
    Originally posted by rmasonjr View Post
    Current Date/Time: 3/1/2017 3:16:33 PM
    HomeSeer Version: HS3 Pro Edition 3.0.0.307
    Linux version: Linux RPi2 3.18.5-v7+ #225 SMP PREEMPT Fri Jan 30 18:53:55 GMT 2015 armv7l GNU/Linux System Uptime: 5 Days 23 Hours 59 Minutes 11 Seconds
    IP Address: 192.168.0.142
    Number of Devices: 299
    Number of Events: 170
    Available Threads: 372

    Enabled Plug-Ins
    2.0.89.0: BLRF
    3.0.0.31: EasyTrigger
    3.0.1.18: HAI
    3.0.0.103: HSTouch Server
    3.0.0.63: weatherXML
    3.0.1.102: Z-Wave
    I am also on 3.0.0.307 (Std though). I have not updated HSTouch, running on 3.0.0.85 (for over a year probably). MyHS web interface does allow me access to logs and event management. . .

    Leave a comment:


  • rmasonjr
    replied
    Originally posted by rjh View Post
    What version of HS3 are you using?

    Current Date/Time: 3/1/2017 3:16:33 PM
    HomeSeer Version: HS3 Pro Edition 3.0.0.307
    Linux version: Linux RPi2 3.18.5-v7+ #225 SMP PREEMPT Fri Jan 30 18:53:55 GMT 2015 armv7l GNU/Linux System Uptime: 5 Days 23 Hours 59 Minutes 11 Seconds
    IP Address: 192.168.0.142
    Number of Devices: 299
    Number of Events: 170
    Available Threads: 372

    Enabled Plug-Ins
    2.0.89.0: BLRF
    3.0.0.31: EasyTrigger
    3.0.1.18: HAI
    3.0.0.103: HSTouch Server
    3.0.0.63: weatherXML
    3.0.1.102: Z-Wave

    Leave a comment:


  • rjh
    replied
    What version of HS3 are you using?

    Originally posted by rmasonjr View Post
    myHS with HSTouch works ok, but takes a little time to load before I can control.

    I am unable to view the HS log or create/modify a HS event over myHS.
    Accessing the web interface with myHS just spins and never completes loading.
    It simply does not work for anything except HSTouch.

    Leave a comment:


  • rmasonjr
    replied
    myHS with HSTouch works ok, but takes a little time to load before I can control.

    I am unable to view the HS log or create/modify a HS event over myHS.
    Accessing the web interface with myHS just spins and never completes loading.
    It simply does not work for anything except HSTouch.

    Leave a comment:


  • rjh
    replied
    For accessing MyHS with user/pass with JSON, see the help file here, and click on the JSON section. On the first page there is a sample URL that includes user/pass:

    http://homeseer.com/support/homeseer...DK/default.htm

    Originally posted by Moskus View Post
    That's great! I'd love to see faster loading speeds.



    The web interface (using Jon00s excellent Quick Page builder) is extremely fast for getting the overview of the house.

    HStouch is great for what it does, but it's not perfect. It takes a while to start, to connect, and to load data, and worst of all: There's no Windows app at all.

    Making the web interface extremely useful, fast and reliable.
    WinSeer was designed to load quickly and find a device fast. I'm sure I'm able to find and control a device much, MUCH faster than you are.



    If you say so.
    I'll try this again at work, but on my cell phone it doesn't work like this.



    YES! This is very interesting!
    My app is using the JSON interface only, so if I can pass credentials along with the request, then MyHS is easily integrated.

    I've been looking in the documentation, but can't find anything. Point me in the right direction




    .... but I still think we need a proper SSL supported web server. You can even get free fully qualified certificates these days (take a look at letsencrypt.org), so there really aren't any excuses. We ARE in 2017, everything should be using SSL.

    Leave a comment:


  • jon102034050
    replied
    Seems crazy to me that there even has to be a thread dedicated to this. Its a no-brainer for a company that advertises themselves as NOT cloud reliant to have modern day SSL support. Although I do currently use openVPN to get to all my services, it'd be nice to have it externally available and not have to worry about that for at least 1 service.

    Leave a comment:


  • mloebl
    replied
    I run all my local servers from self-signed certs, and just need to import my local CA cert into my browsers. I can understand for some people this isn't very straight forward.

    However as @Moskus said, there's been a huge push from Let's Encrypt to give people free SSL certs. There's many apps and firewalls adding support for this.

    Google Domains hosts my domains, so I have a Dynamic DNS, with a real domain name, for my home IP and it's free (also totally automated on my firewall out of the box). There's also other Dynamic DNS services that do this for reasonable cost (I used Dyn.com prior to this). No reason I can't use a real cert for that for external connectivity.

    Leave a comment:


  • TechFan
    replied
    Originally posted by Moskus View Post
    .... but I still think we need a proper SSL supported web server. You can even get free fully qualified certificates these days (take a look at letsencrypt.org), so there really aren't any excuses. We ARE in 2017, everything should be using SSL.
    Nice to know. Haven't tried to get a new cert recently.

    HTTPS, Yes. I agree.

    Leave a comment:


  • Moskus
    replied
    Originally posted by rjh View Post
    MyHS can now use multiple servers, so setting up an EU server is possible and we are looking into it. It would speed things up.
    That's great! I'd love to see faster loading speeds.


    Originally posted by rjh View Post
    But I would think you would use HSTouch for remote access, I never use the web interface, HSTouch is much easier and HSTouch uses very little data so it should be just about as fast as local connection.
    The web interface (using Jon00s excellent Quick Page builder) is extremely fast for getting the overview of the house.

    HStouch is great for what it does, but it's not perfect. It takes a while to start, to connect, and to load data, and worst of all: There's no Windows app at all.

    Making the web interface extremely useful, fast and reliable.
    WinSeer was designed to load quickly and find a device fast. I'm sure I'm able to find and control a device much, MUCH faster than you are.


    Originally posted by rjh View Post
    There is no timeout if you leave the web browser open with MyHS, so you should be able to stay connected.
    If you say so.
    I'll try this again at work, but on my cell phone it doesn't work like this.


    Originally posted by rjh View Post
    As for your own app, if you are trying to access an HS system through MyHS just use the JSON interface. You pass the user/pass in the command so accessing is easy. If you need some docs on this, let me know.
    YES! This is very interesting!
    My app is using the JSON interface only, so if I can pass credentials along with the request, then MyHS is easily integrated.

    I've been looking in the documentation, but can't find anything. Point me in the right direction




    .... but I still think we need a proper SSL supported web server. You can even get free fully qualified certificates these days (take a look at letsencrypt.org), so there really aren't any excuses. We ARE in 2017, everything should be using SSL.

    Leave a comment:


  • Spencer
    replied
    I currently reverse proxy as well and offload SSL, but you are I agree it would be nice to have the option to have adequate security as an option for the HS webserver

    Leave a comment:


  • TechFan
    replied
    Originally posted by rjh View Post
    MyHS can now use multiple servers, so setting up an EU server is possible and we are looking into it. It would speed things up.

    But I would think you would use HSTouch for remote access, I never use the web interface, HSTouch is much easier and HSTouch uses very little data so it should be just about as fast as local connection.

    There is no timeout if you leave the web browser open with MyHS, so you should be able to stay connected.

    As for your own app, if you are trying to access an HS system through MyHS just use the JSON interface. You pass the user/pass in the command so accessing is easy. If you need some docs on this, let me know.
    Unfortunately, HSTouch won't even start for me without crashing on my iPhone and iPad. Using HSBuddy so I can actually access my system outside the web interface. Also, if you are trying to create or edit an event or check the server logs, HSTouch won't cut it.

    If I had the source for the Pebble Seer app, I would see if there was anything I could do to get it to work through myhs, but I don't. Kriz was saying back when he first wrote it that it wasn't working through myhs for some reason. Also, I use another login for that app. . .and myhs only allows for the one login on the default setup. . .

    Leave a comment:


  • TechFan
    replied
    Originally posted by rjh View Post
    The local web interface is not going away, you will always be able to manage your system locally, without an Internet connection.

    You really cannot use SSL securely without a domain. Sure you can create a self signed cert, but that is not really secure.

    I don't know why there is a push back on MyHS, we have made it very reliable (I use it every day), and it uses SSL, and its free. Why should we provide yet another secure solution for accessing your home system? That is so complicated that only the really technical can use it?

    There are bunch of free tunneling apps out there that you can run on your PC and it will allow you to securely tunnel into your home system. Also, as mentioned, you can use a VPN. So there are solutions available for the technically minded.
    Thanks Rich for taking the time to join the conversation and respond.

    I know that I have been hoping for https access to the Zee since it was released. I don't know what specifically makes it complicated with Mono on Linux, but it seems like it is for some reason. I started doing some research, but didn't get far because I didn't want to break anything.

    I see what you are saying about self-signed certs, but it isn't that they are secure, it is just that you need to be able to import and trust the cert on the client side for it to be effective. . .when you are connecting to your own systems, they are a great tool. I suspect some here have their own domains or a dyndns hostname that they would tie the cert to in implementation.

    For many here (including me), we see how cloud services come and go and we don't want our secure remote access to be dependent or tied to an online service. If there is internet up at the house, we want to be able to connect to it. Even if myhs went away completely, it wouldn't change the usefulness of the system.

    Even though https is only being discussed for remote access. . .we really should be able to protect our internal systems by accessing them over https. . .just because it is local doesn't always mean it is safe. Security by obscurity only goes so far. . .

    Leave a comment:


  • jon00
    replied
    Originally posted by cheeryfool View Post
    I know that this is only a guide, but I see ping times from East Coast USA to myhs at ~35ms. I see transatlantic pings mostly of 70-90ms - depending on site.

    What do you guys in Europe see for myhs currently?
    89ms here in London

    Leave a comment:


  • cheeryfool
    replied
    Originally posted by jon00 View Post
    What slow speeds are you experiencing Moskus?
    I know that this is only a guide, but I see ping times from East Coast USA to myhs at ~35ms. I see transatlantic pings mostly of 70-90ms - depending on site.

    What do you guys in Europe see for myhs currently?

    Leave a comment:


  • rjh
    replied
    MyHS can now use multiple servers, so setting up an EU server is possible and we are looking into it. It would speed things up.

    But I would think you would use HSTouch for remote access, I never use the web interface, HSTouch is much easier and HSTouch uses very little data so it should be just about as fast as local connection.

    There is no timeout if you leave the web browser open with MyHS, so you should be able to stay connected.

    As for your own app, if you are trying to access an HS system through MyHS just use the JSON interface. You pass the user/pass in the command so accessing is easy. If you need some docs on this, let me know.

    Originally posted by Moskus View Post
    I have two-three issues with MyHS:
    1. MyHS is much faster now than it was before, but it is still noticably slower. We need a EU server.
    2. Can you tell me how I can add support for e.g. my own app, WinSeer? I'm sure it's possible but I can't figure out how.
    3. I want to stay logged in for as long as I want.


    Other than that, I don't have anything against MyHS, but it is still yet another (relatively slow) cloud connection I am hoping to avoid.

    Leave a comment:

Working...
X