Michel Kohanim

Hi hbs01, You can inspect the cert using Windows (open it). Or, if you can get Java console open, if the Cert does not end with = or ==, then in all likelihood it's SHA2. With kind regards, Michel

Hi hbsh01, I am so very sorry to hear. I think I know the problem which the same as the one for GoDaddy: the certificate is using SHA2 signature and throwing ISY off. If you don't mind waiting for our next Beta, in a month, then that's the solution. If you cannot wait, please send an email to support@universal-devices.com and we'll send you our alpha which has this fixed. With kind regards, Michel

Hi Alan, Session resumption is a feature of TLS that basically reuses the negotiated keys across multiple connections so that you would not have to incur the cost of negotiating keys (10 seconds) on every connection. Hi giesen, Understood and you are correct on both counts. We do have multi-user requirement on our plate AND we do have plans for a security enhancement release. So, at least there's hope! With kind regards, Michel

Hello cableudi, I am so very sorry to hear. Would you be kind enough to submit a ticket (links below) so that we can address these issues immediately and more efficiently? With kind regards, Michel

Hi giesen, Yes we can but even that requires development. I am concerned that SSL is taking too long. It should NOT if the client (i.e. eKeypad) uses session resume. It should only take 10 second on the initial connection. The rest should be just a little longer than http (still less than a second). With kind regards, Michel

Hi paauto, That's normal since it was not the scene turning on/off but the controller in that scene as such nothing in the log. You will get a log entry if someone explicitly turns on/off the scene on ISY. With kind regards, Michel

Hi Clearwater1957, Yes, indeed Verizon ActionTech routers AND DirecTV have been quite a nightmare for us since they keep "assuming" ISY is a media server and try to extract media from it. This said, you should not have any problems accessing ISY. Questions: 1. Is your ISY setup with static IP address? If so, you might want to go back to DHCP 2. Do you have any port forwarding rules for your ISY? If so, please remove them temporarily and see whether or not there are any improvements 3. And, finally, if you can ever access ISY, please download Tools | Error Log and send it to support@universal-devices.com With kind regards, Michel

Hi paauto, Yes, indeed sounds like a loop. You really do not want to have programs that a) have conditions based on devices in a scene and impact the same scene. For those, it's best to just use the scenes without programs. With kind regards, Michel

Hi ticklemeozmo, You are 100% correct and I am not disputing that API keys are more secure. This said, currently we do not have that framework and it'll require much development and major regression testing. At the moment, we do recommend: a) Changing the certificate Accessing ISY using HTTPS when outside (even inside) c) Change your password With kind regards, Michel

Hi ticklemeozo, Unfortunately we do not plan to provide any unrestricted access to ISY especially given all the reports of security holes/attacks to home automation devices. With kind regards, Michel

Hi ticklemozmo, I am so very sorry but we have explicit information in 994iZ Series as far as devices that are supported: http://www.universal-devices.com/commer ... -z-series/. Furthermore, there are 100s of different types of Zigbee devices each one of which uses a different profile or proprietary protocol. In short, just because something is Zigbee it does not mean that it'll work with anything else Zigbee (actually, in the case of Zigbee, the reverse is more true). With kind regards, Michel

Hi paauto, This is bizarre and something we have never experienced before. If they are alternating, then it seems there is an ISY program that's doing this. Can you look at the logs for that time period and look for any entries with the User being Program? With kind regards, Michel

Hi switches, There are no options. With kind regards, Michel

Hi ticklemeozmo, You can not. With kind regards, Michel

Hi widnerm, Thanks so very much for the feedback. Since we tried this a long time ago, and since it actually locked everything else, we will have to check and make sure which models/versions exhibit do actually exhibit the complete lockout. In the meantime, I have added it as a feature request so that we can track it (119). With kind regards, Michel

Hi widnerm, We never added program lock option in the options for SWL. This was by design (not omission) since, once you set it, in some cases, you might not be able to reset it and might have to factory reset your device. With kind regards, Michel

Hi Autonow, If you are still having problems, please do not hesitate to contact our support. With kind regards, Michel

Hi Broyd, Welcome to our world! 1. It's important if and only if you have programs that require accurate status of all devices. If you don't use dim/brighten much, then it's not that important 2. It's very simple: If Time is 3:00:00AM Then Set Scene 'ISY' Query Else - No Actions - (To add one, press 'Action') With kind regards,

Hi Exten, I think that would be a good idea: a checkbox to disable http altogether. Or, if you wish, use a very obscure port for http something like 30692. With kind regards, Michel

Hi Exten, I do not recommend it since, theoretically, ISY will choose a default port but this has never been tested. With kind regards, Michel

Hi hbsh01, Yes, you can regenerate the CSR and get it signed. The bundle.crt has all the certificates in the chain. The process is something like this: For a Android to trust ISY, then the certificate in ISY must be signed by an authority that is known to Android. So, it seems that GoDaddy is not trusted by Android and, therefore, you will have to get all the intermediate certificates that go up to the root authority and install in it Android. Here's a list of all chains for GoDaddy: https://certs.godaddy.com/anonymous/repository.pki This said, I am not entirely sure which ones you need. I am hoping that someone else with GoDaddy certificates can help. With kind regards, Michel

Hi hbsh01, For this you need a Certificate that is signed by a CA (Certificate Authority) such as Verisign, CheapSSL, DigiCert, etc. Nothing else would work. Well, the certificate is NOT trusted because it's signed by YOU and not a CA ... see above please. It should work in IE if you follow http://wiki.universal-devices.com/index ... te_Install We use Network Solutions for all our domain activities. Once in a while they have good deals on domain names. But, there are a lot of other domain name resellers (including GoDaddy). Once you have that, then you can use dyndns. YOU ARE LUCKY! Unfortunately, GoDaddy recently moved most of their certificate signatures to SHA-2 which neither 99 nor current 994 firmware support. Our next firmware release for 994 will support SHA-2 as signature algorithm for certificates but I do not yet have a release date. This I cannot explain! Which dialog box? Receive Certificate? If so, you can try and redo the original step that made it work. mydomainname.crt Try rebooting your android You might have to but it's free. I've used it many times With kind regards, Michel

Hi jmed999, I think you may have installed and/or reconfigured firewall software which is now blocking UDP traffic. That's why ISY Finder is not finding ISY. With kind regards, Michel

Hi GeneInSoCal, Yes, a lot! Basically they ran out of funding for HAN testing and, based on PUC direction, they are moving all testing to 3rd party labs. In short, we just have to keep waiting till we are called upon by the 3rd party lab. I am so very sorry. With kind regards, Michel

Hi paauto, Excellent! I would say 2 seconds should be fine. With kind regards, Michel