Jump to content

SSL and 2048 encryption slowing down initial connection to ISY994


toddhutch

Recommended Posts

Posted

Good afternoon,

 

I've been integrating the ISY 994 into a number of different applications, and I'm using a SSL connection for all of them.  Since 1024 encryption is going away and the new minimum standard if you want a CA cert is 2048, the amount of time to establish your initial connection is taking a while.  My use typically entails pushing a variable every once in a while, so I'm always hit by the initial connection delay.

 

This is starting to become an issue with the garage door integration, by the time the ISY triggers a lights on, the wife can be in the house.  Since I'm leveraging IFTTT.com and the ISY rest/var/set to change states, I'm seeing more or less a 10 second delay(In addition to the other delays), and I do understand that is because of the encryption.  My garage door is controlled by the cloud MyQ so it's already a bit encumbered because I have to use the unpublished APIs.  Hopefully that is published and supported in the future.  I use however the rest/var for remote control of lights when I'm off site, and I prefer just using SSL and avoiding a VPN.  VPN is not convenient for my wife who is a Apple products user.

 

Has there been any discussion other than not using SSL or using a self signed certificate(Won't work with IFTTT.com because of a cert error), on how this might be addressed in the future?  Is a peppier box, or encryption chip, or something else able to help with this?

 

-Todd

Posted

We are told that work is afoot in 5.x to 'drastically' increase SSL speed. That will almost certainly help.

 

On a side note, I never was able to get a network resource to call the MyQ api to open or close the door. I went the route of my Elk wired to a remote - but would love to find what I was doing wrong.

 

Finally, IFTTT calling the ISY REST interface? Say it isn't so.... Directly? Or thru a proxy?

Posted

Hi toddhutch,

 

MWareman is correct: both 4.3.x branch as well as 5.x branch will have improvements but the initial connection still will take at least 4 seconds.

 

MWareman, you 4.3.x already has the improvement.

 

With kind regards,

Michel

Posted (edited)

MWareman,

 

Oh the fun that is MyQ!

 

I use alerts, and emails to note when the door is opened or closed.  For emails I have an email that goes to Gmail, which I label and forward to zapier.com their zapier email parser (free service, and has up to a 10 second delay, but typically 2-5) which then depending on the content of the email open or close, calls using webhook the ISY rest call to set a state for garage door up or down.  I then trigger lights from there.

 

I didn't go through the final steps for allowing opening and closing the door via ISY, but I had this down to the last step. So this is how I tackled this, have you used Yahoo Pipes before?  I have a pipe that go through and grab my security token, and takes the security token, and forms it into a URL that can be posted, and returns that full URL. (<rant> if ISY allowed text variables this would have been much easier </rant>)  You have to then have something that can post that URL and it will open or close. The Zapier tool has something to do this as well, but I stopped.

 

Ideally storing a variable in ISY, new functionality, would make this easy with the networking module.  Just add a network resource, and use the security token that Pipes makes which then pushes into ISY via the rest api.

 

(I gave up on ifttt.com for URL Get and Post, the hack for wordpress was a pain in the ___, so I switched to Zapier)

Edited by toddhutch
Posted

I just wanted to add that the SSL speed for me is very slow as well.

 

isy994izw - firmware 4.2.30

REST interface

local network (not through internet)

simple calls to turn on and off the light

 

2048 bit key takes around 4 seconds to respond

1024 bit key takes around 2.5 seconds to response

Regular HTTP is just about instantaneous.

 

It's a bit disappointing really. Where can I find more information about 4.3.x and 5.x?

Posted

Hi Elte156,

 

No information is currently available on 4.3.x/5.x except that they should be out shortly.

 

Please note that ISY is a micro computer running on 166Mhz. So, you will never get it to the point of being instantaneous on the initial connection (subsequent connections will be almost instantaneous). The best case would be 4-5 seconds on 2048 bit key. 

 

With kind regards,
Michel

Posted

I have issues with MobilLinc sending commands to devices through SSL, sometimes it takes upwards of 30-45 seconds for each command. It is able to read the devices without any issues. Not sure if it is supposed to take this long, but that is what I’ve been accustomed to, which is why I don't even use the application.

Through a reverse poxy the connection is almost instant, although the status of devices through the subscription method doesn’t work.



 

Guest
This topic is now closed to further replies.

×
×
  • Create New...