Open jim788e opened 4 years ago
It looks like the Tuya app verifies the certificate (aka. certificate pinning). I don't know if we will be able to work around this.
certificate pinning Stupid Tuya Key Pinning turned out to cause more problems than it solved. It was frequently misconfigured by site owners, plus in the event of a site compromise, attackers could maliciously pin a cert that the site owner didn't control. Key Pinning was deprecated in 2017, and was removed entirely from Chrome and Firefox in Nov. 2019. It was never supported to begin with by IE and Safari.
Not really. As in this example you can no longer man-in-the-middle attack the app. I'm not sure how I'm going to get my devices set-up now.
Update: I managed to set them up using a different Tuya app that didn't have certificate pinning enabled. The app is called Grid Connect on the iOS App Store.
Update: I managed to set them up using a different Tuya app that didn't have certificate pinning enabled. The app is called Grid Connect on the iOS App Store.
how ; using this addon with credentials from Grid Connect?
i follow the setup instructions and i get thiss message. The same message repeat 4 times that is the number of my devices. i use the stable version end the homebridge-tuya-lan@1.5.0-rc.12 with the same result. in my iphone take this screenshot is in greek for (error of network connection.please check the network status) Also i try to get the id with charles proxy from my pc and i have the same error. perhaps tuya chenage something with the secure conection.
Error: ERR_TLS_HANDSHAKE_TIMEOUT Error [ERR_TLS_HANDSHAKE_TIMEOUT]: TLS handshake timeout at TLSSocket._handleTimeout (_tls_wrap.js:744:22) at Object.onceWrapper (events.js:312:28) at TLSSocket.emit (events.js:223:5) at TLSSocket.Socket._onTimeout (net.js:474:8) at listOnTimeout (internal/timers.js:531:17) at processTimers (internal/timers.js:475:7) { code: 'ERR_TLS_HANDSHAKE_TIMEOUT' Error: ERR_SSL_SSLV3_ALERT_BAD_CERTIFICATE [Error: 1995883536:error:14094412:SSL routines:ssl3_read_bytes:sslv3 alert bad certificate:../deps/openssl/openssl/ssl/record/rec_layer_s3.c:1544:SSL alert number 42 ] { library: 'SSL routines', function: 'ssl3_read_bytes', reason: 'sslv3 alert bad certificate', code: 'ERR_SSL_SSLV3_ALERT_BAD_CERTIFICATE'