Originally posted by rjh
View Post
Announcement
Collapse
No announcement yet.
We need native HTTPS support!
Collapse
X
-
Is it easy to update the Zee2 to use Mono 5?
No. I have been helping a Zee2 user trying to update from Mono 4.6 to 5.4.
Having issues removing Mono 4.6 that is installed on the Zee2. Thinking Rich mentioned that it was built from scratch on the current Zee2 build.
Personally here way back with the original Zee just grabbed the Homeseer directory and built my own RPi with Wheezy.
When I upgraded to the Zee2 I did the same. (did write an new Zee2 image, then just copied the Homeseer directory out of the image).
@Magnus, it would be a nice Linux learning experience for you to DIY build a new RPi2 image for running Homeseer.
Use a spare SD card and build a new Stretch Zee2 and add mono 5.4 to it and copy over your Homeseer directory.
I am still using Wheezy on my RPi2's manually built and they are all running Mono 5.4 today.Last edited by Pete; December 21, 2017, 07:50 PM.- Pete
Auto matorHomeseer 3 Pro - 3.0.0.548 (Linux) - Ubuntu 18.04/W7e 64 bit Intel Haswell CPU 16Gb
Homeseer Zee2 (Lite) - 3.0.0.548 (Linux) - Ubuntu 18.04/W7e - CherryTrail x5-Z8350 BeeLink 4Gb BT3 Pro
HS4 Lite - Ubuntu 22.04 / Lenovo Tiny M900 / 32Gb Ram
HS4 Pro - V4.1.18.1 - Ubuntu 22.04 / Lenova Tiny M900 / 32Gb Ram
HSTouch on Intel tabletop tablets (Jogglers) - Asus AIO - Windows 11X10, UPB, Zigbee, ZWave and Wifi MQTT automation-Tasmota-Espurna. OmniPro 2, Russound zoned audio, Alexa, Cheaper RFID, W800 and Home Assistant
Comment
-
I have been using it every day since last Sunday ( I think). Currently, in process of attempting to create my own certificate. With the holidays, not sure that I will have a lot of time testing thoroughly.
Originally posted by rjh View PostIf you are asking if the latest Beta has new SSL support, then yes, its in there.
Lots of people seemed to have asked for it, but I only know of one person actually trying it.HomeSeer 2, HomeSeer 3, Allonis myServer, Amazon Alexa Dots, ELK M1G, ISY 994i, HomeKit, BlueIris, and 6 "4k" Cameras using NVR, and integration between all of these systems. Home Automation since 1980.
Comment
-
I have been running 398 without any issues. Keep in mind that I do not use zwave as I am running Insteon. So, cant test that.
Originally posted by Moskus View PostI apologize, but my house needs to be running. I'm not risking beta versions at the moment!
I'll fire up the Zee2 and ... zee if I can install it there.
Is it easy to update the Zee2 to use Mono 5?HomeSeer 2, HomeSeer 3, Allonis myServer, Amazon Alexa Dots, ELK M1G, ISY 994i, HomeKit, BlueIris, and 6 "4k" Cameras using NVR, and integration between all of these systems. Home Automation since 1980.
Comment
-
Rich,
I have created a local certificate authority, and am in the process of generating a certificate from my own certificate. Then I will be generating a PFX, which I will import into HomeSeer.
Now, if you want others to do the end to end step for testing, do you have some preliminary documented procedures for folks to follow. Or do you want folks to just import/access the certificate that ships with HomeSeer?
Or, of course, it would be best if those folks that have certificate signed by a real certificate authority (GoDaddy, Verisign, etc) to test. At the moment I do not have one.
Ok, so reading my own email tells me that we need to do all three. Doh. Too early this morning.HomeSeer 2, HomeSeer 3, Allonis myServer, Amazon Alexa Dots, ELK M1G, ISY 994i, HomeKit, BlueIris, and 6 "4k" Cameras using NVR, and integration between all of these systems. Home Automation since 1980.
Comment
-
Ok, installed Chrome and connected to HS3 web service via HTTPS. I presume that Chrome is the official web browser to test with?
1.) Got usual and expected certificate error (due to the expired certificate that ships with HS3).
2.) Clicked on Advanced and accepted the certificate so that I can go to the HS3 web site.
3.) Traversing through web pages (using HTTPS) seems to work. All icons in the device management pages show up. No errors in the HS log.
High-level scan of network traffic between web client and HS3 HTTPS server shows that it is no longer in plain text as it would have been if it was regular HTTP traffic.
Can anyone else perform the same sort of test using a trusted certificate authority (such as GoDaddy, Verisign, etc)? I will now continue down the path of using my own certificate authority.
Is anyone able to perform some sort of penetration test? Let's get serious, while I would personally love to have HomeSeer Technologies have a third party perform penetration testing on the HS3 web server, it is not financially feasible based on the cost of the product they are charging. It is still my thought that myHomeSeer should get tested since it's intended use is to authenticate users via the Internet. But, if we had someone in the community that could do this that would be great.Last edited by Krumpy; December 22, 2017, 08:31 AM.HomeSeer 2, HomeSeer 3, Allonis myServer, Amazon Alexa Dots, ELK M1G, ISY 994i, HomeKit, BlueIris, and 6 "4k" Cameras using NVR, and integration between all of these systems. Home Automation since 1980.
Comment
-
I was just planning on including a self signed cert. And I actually did create a new one, its only included with the Linux builds right now, the next Windows build will also include it. For most users I think that will be as far they will go. If you are an advanced user, you can create your our own self signed cert (lots of instructions on the web). You can get your own cert from a signed authority although can you use those with a dynamic IP? You may need to have your home on a static IP.
Originally posted by Krumpy View PostOk, installed Chrome and connected to HS3 web service via HTTPS. I presume that Chrome is the official web browser to test with?
1.) Got usual and expected certificate error (due to the expired certificate that ships with HS3).
2.) Clicked on Advanced and accepted the certificate so that I can go to the HS3 web site.
3.) Traversing through web pages (using HTTPS) seems to work. All icons in the device management pages show up. No errors in the HS log.
High-level scan of network traffic between web client and HS3 HTTPS server shows that it is no longer in plain text as it would have been if it was regular HTTP traffic.
Can anyone else perform the same sort of test using a trusted certificate authority (such as GoDaddy, Verisign, etc)? I will now continue down the path of using my own certificate authority.
Is anyone able to perform some sort of penetration test? Let's get serious, while I would personally love to have HomeSeer Technologies have a third party perform penetration testing on the HS3 web server, it is not financially feasible based on the cost of the product they are charging. It is still my thought that myHomeSeer should get tested since it's intended use is to authenticate users via the Internet. But, if we had someone in the community that could do this that would be great.
Comment
-
I don't plan on supporting SSL with HSTouch, that would require new HSTouch clients. We will be supporting it with the new mobile client we are working on.
The SSL support that was just added is for web access.
Originally posted by lifespeed View PostI would be willing to test HTTPS access using the web client and HSTouch direct (no MYHS).
Comment
-
Thank you @rjh!
I'm working on switching over to a Linux box during break, and just tried out .398, and ssl working great so far.
FWIW, I created my own root cert for my local network, and just import it into my browsers on anything I need to access. No errors, and has a "real" cert (no need to register with a real cert authority). Since I use Google Domains for my domains (and it full supports dynamic dns), I could in theory get a real cert, but a waste of money for this.
Comment
-
Curious, what key length and digest algorithm did you use? I am hoping (suggesting) for key length 2048 or higher and SHA 256 or higher.HomeSeer 2, HomeSeer 3, Allonis myServer, Amazon Alexa Dots, ELK M1G, ISY 994i, HomeKit, BlueIris, and 6 "4k" Cameras using NVR, and integration between all of these systems. Home Automation since 1980.
Comment
-
I think the cert specifies this. I don't don't specify any of this when I authenticate the stream.
Maybe if someone can enable SSL and expose their system to the Internet we can check it with:
https://www.ssllabs.com/ssltest/
And see what it finds.
Originally posted by Krumpy View PostCurious, what key length and digest algorithm did you use? I am hoping (suggesting) for key length 2048 or higher and SHA 256 or higher.
Comment
-
Originally posted by rjh View PostI don't plan on supporting SSL with HSTouch, that would require new HSTouch clients. We will be supporting it with the new mobile client we are working on.
The SSL support that was just added is for web access.
Thank you for planning on supporting SSL in the new home control client. Will this be a conventional HTTP/S connection?
Sent from my iPhone using Tapatalk
Comment
-
The new app uses our JSON interface so it would go through the same SSL connection as this one. You can connect to your home through MyHS, or simply enter the IP address of your home system and connect directly.
Originally posted by Kerat View PostThank you for planning on supporting SSL in the new home control client. Will this be a conventional HTTP/S connection?
Sent from my iPhone using Tapatalk
Comment
Comment