Cannot register new client

[cmkreuter]

I have a certificate per your documentation and base64 encoded the password that I just set, but when I send the request (after pressing the button on the controller) I get

• Preparing request to https://bosch-smart-home-controller.fritz.box:8443/smarthome/clients
• Using libcurl/7.64.1 (SecureTransport) LibreSSL/2.8.3 zlib/1.2.11 nghttp2/1.39.2
• Current time is 2020-03-10T19:18:06.373Z
• Disable timeout
• Enable automatic URL encoding
• Disable SSL validation
• Enable cookie sending with jar of 0 cookies
• Hostname in DNS cache was stale, zapped
• Trying 192.168.188.42...
• TCP_NODELAY set
• Connected to bosch-smart-home-controller.fritz.box (192.168.188.42) port 8443 (#7)
• ALPN, offering h2
• ALPN, offering http/1.1
• successfully set certificate verify locations:
• CAfile: /etc/ssl/cert.pem
• CApath: none
• TLSv1.2 (OUT), TLS handshake, Client hello (1):
• TLSv1.2 (IN), TLS handshake, Server hello (2):
• TLSv1.2 (IN), TLS handshake, Certificate (11):
• TLSv1.2 (IN), TLS handshake, Server key exchange (12):
• TLSv1.2 (IN), TLS handshake, Server finished (14):
• TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
• TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
• TLSv1.2 (OUT), TLS handshake, Finished (20):
• TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
• TLSv1.2 (IN), TLS handshake, Finished (20):
• SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
• ALPN, server did not agree to a protocol
• Server certificate:
• subject: C=DE; O=Bosch Thermotechnik GmbH; CN=64-da-a0-02-30-fa
• start date: Sep 16 08:56:31 2018 GMT
• expire date: Sep 16 08:56:31 2020 GMT
• issuer: C=DE; O=Bosch Thermotechnik GmbH; CN=Smart Home Controller Issuing CA
• SSL certificate verify result: self signed certificate in certificate chain (19), continuing anyway.

POST /smarthome/clients HTTP/1.1 Host: bosch-smart-home-controller.fritz.box:8443 User-Agent: insomnia/7.1.1 Content-Type: application/json Systempassword: XXXXXXXXXXXX Accept: / Content-Length: 1424

| { | "@type": "client", | "id": "oss_test", | "name": "OSS test", | "primaryRole": "ROLE_RESTRICTED_CLIENT", | "certificate": "-----BEGIN CERTIFICATE-----\rxxxxxxx\r-----END CERTIFICATE-----" | }

• upload completely sent off: 1424 out of 1424 bytes

< HTTP/1.1 401 Unauthorized < x-mbs-platform-state: 100 < date: Tue, 10 Mar 2020 19:03:57 GMT < content-length: 0 < Cache-Control: no-cache, no-store, must-revalidate < connection: close

• Closing connection 5
• TLSv1.2 (OUT), TLS alert, close notify (256):

This is a log from Insomnia, but Postman has the same result. Any ideas what is missing?

[philbuettner]

Hi cmkreuter,

you get a 401 Unauthorized as a response. This is probably due to the fact that the password was incorrectly encoded. Please check you encoding method. In the documentation there is an example given. Check if your encoding method has the same output as a result as the example.

Kind regards, Phil

[cmkreuter]

Thank you, yes it was incorrectly encoded. I used the command line tool base64 on Mac and for your example it returns bXlfcGFzc3cwcmQK instead of bXlfcGFzc3cwcmQ= Interestingly with https://www.base64decode.org/ both variants decode to the correct string...