Jump to content

Connect to https resource with self signed cert (hue hub api v2)


pinlawr

Recommended Posts

Posted

I read through the info in this thread (Can you ignore ssl validation in a Network Resource?) and I am basically having the same issue.

I've attached my network settings (protocol on both is set to 1.2, since it's not visible in the screenshot). Also attached is the network resource and the simple error message I'm getting back. Toggling SNI changed nothing (which wasn't a surprise since the cert has no SNI entries). The request has to be PUT.

I have the self-sign cert from the hub exported, but I don't see any way to import it as trusted, or simply tell the ISY to ignore it.

I have a Polisy, but haven't moved to IoP yet. As a test, I exported/imported my network resources into IoP just as they are, and they DID work fine without any errors.

Thanks for any help!

network settings.png

network resource.png

eventlogerror.png

Posted
32 minutes ago, pinlawr said:

I read through the info in this thread (Can you ignore ssl validation in a Network Resource?) and I am basically having the same issue.

I've attached my network settings (protocol on both is set to 1.2, since it's not visible in the screenshot). Also attached is the network resource and the simple error message I'm getting back. Toggling SNI changed nothing (which wasn't a surprise since the cert has no SNI entries). The request has to be PUT.

I have the self-sign cert from the hub exported, but I don't see any way to import it as trusted, or simply tell the ISY to ignore it.

I have a Polisy, but haven't moved to IoP yet. As a test, I exported/imported my network resources into IoP just as they are, and they DID work fine without any errors.

Thanks for any help!

network settings.png

network resource.png

eventlogerror.png

In the thread you posted, Michel replied:

"DO NOT check the Verify button. You'll make things worse. Please make sure you are using TLS1.2 / Strength All, SNI checked and timeout 10000. If that does not work, something else is wrong."

I don't see the settings you posted as matching Michel's recommendation. I would start there and then if it doesn't work, check the error message.

Can't tell, are you using TLS1.2?

You don't have SNI checked.

Does it work from a browser?

Posted
35 minutes ago, DennisC said:

I don't see the settings you posted as matching Michel's recommendation.

My settings are exactly as suggested.

In my screenshot you can see that verify is NOT checked.

I mentioned that it's set to TLS 1.2 since it's not visible in the screenshot.

Resource screenshot shows it's set to a 10,000 timeout.

I also mentioned that SNI doesn't make a difference checked or unchecked (and it wouldn't anyway since the cert in question doesn't use SNI).

It works from a browser, curl, and postman.

I also mentioned it DOES work on a ISY on Polisy, just not on the 994.

Posted
16 minutes ago, pinlawr said:

My settings are exactly as suggested.

In my screenshot you can see that verify is NOT checked.

I mentioned that it's set to TLS 1.2 since it's not visible in the screenshot.

Resource screenshot shows it's set to a 10,000 timeout.

I also mentioned that SNI doesn't make a difference checked or unchecked (and it wouldn't anyway since the cert in question doesn't use SNI).

It works from a browser, curl, and postman.

I also mentioned it DOES work on a ISY on Polisy, just not on the 994.

That's good, what about the error log?

Guest
This topic is now closed to further replies.

  • Recently Browsing

    • No registered users viewing this page.
  • Forum Statistics

    • Total Topics
      37k
    • Total Posts
      371.4k
×
×
  • Create New...