dfetzer Posted January 11, 2014 Posted January 11, 2014 Hi New to the forum and trying to access my isy994i remotely. I am successful reaching the web interface hitting my direct IP but Android chrome is complaining that its an unmatched cert and I have to click proceed anyway. Well, I tried creating a self-signed cert using the local address as the host 192.168...etc, but is that actually supposed to be my direct IP instead? I have HTTPS server and client settings at TLS 1.2 and 1.0 respectively. When I launch the URL via HTTPS android chrome states the identity not verified, server cert does not match UL, non trusted cert, It says that the connection is using ssl 3.0 yet I set up the client settings to TLS1.0 and it also complains that the server does not support TLS 1.0 I am trying to use tasker to call an insteon URL to shut off lights using autovoice but if I have not accessed in some time, it will open the URL and then request that i proceed anyway with this unverfied cert. Also doing the same with llama so that when I reach home it instantiates scenes for my arrival by calling https://my ip:my port/rest/nodes/16431/cmd/DON What am I doing wrong? Appreciate any help
Michel Kohanim Posted January 12, 2014 Posted January 12, 2014 Hi dfetzer, Hi New to the forum and trying to access my isy994i remotely. I am successful reaching the web interface hitting my direct IP but Android chrome is complaining that its an unmatched cert and I have to click proceed anyway. Well, I tried creating a self-signed cert using the local address as the host 192.168...etc, but is that actually supposed to be my direct IP instead? I have HTTPS server and client settings at TLS 1.2 and 1.0 respectively. It should be the URL/IP address that you use to access ISY from your Android When I launch the URL via HTTPS android chrome states the identity not verified, You will always get this unless you use a certificate from a Certificate Authority (CA) server cert does not match UL, non trusted cert, It says that the connection is using ssl 3.0 yet I set up the client settings to TLS1.0 and it also complains that the server does not support TLS 1.0 Are you certain the server settings are set to TLS 1.2? Do you have an ISY994i PRO Series? With kind regards, Michel
dfetzer Posted April 1, 2014 Author Posted April 1, 2014 appreciate the response...So I am still looking into the CA signed certs. You mentioned this in another thread: Use your own domain, setup a CNAME record for 'isy.yourdomain.com' pointing to 'yourhost.dyndns.org'. Request the cert for 'isy.yourdomain.com', you'll get the email to an address you control. This is exactly what I do. Michael. I just would like to use IP address and not run through dyndns - I don't want to pay anything if I can get around it. Maybe that is impossible. I used to use dyndns back about 2002, would rather just hit my IP for now. If I use IP I assume I dont need cname etc. I requested the cert through the ISY but I never received anything...Sounds to me like I need a domain, pay for hosting, point an alias from ISY to dynamic dns domain and then I can request the cert??? How exactly do I need to request this cert, and then use the wiki for installing cert in ISY? I need the 'how to do not get the cert error for dummies' edition using just my static IP address.
dfetzer Posted April 1, 2014 Author Posted April 1, 2014 i see this: If you have already made a Cert Request (#d) and have now been given an actual certificate based on your Cert Request (CSR), (I HAVE NOT RECEIVED THIS - how long does this take?) then click on the Receive Cert button to import the Certificate into ISY.
Michel Kohanim Posted April 1, 2014 Posted April 1, 2014 Hi dfetzer, From which Certificate Authority have you requested your certificate? With kind regards, Michel
Recommended Posts