Closed n8henrie closed 2 years ago
Of note, I can copy the exact curl command and run it on my Mac with no issues (and a notification is received in Matrix):
$ curl -XPOST -d '{"msgtype":"m.notice", "body":"a fosdf"}' 'https://matrix-client.matrix.org:443/_matrix/client/r0/rooms/!REDACTED:matrix.org/send/m.room.message?access_token=REDACTED'
{"event_id":"REDACTED"}
$ echo $?
0
This is the Let's Encrypt problem. They changed the way certificates are signed and older devices that haven't been updated don't have the new root CA.
/system/sdcard/config/ssl/cacert
update.sh
file and add --insecure
to the curl requestAlternatively as a more "proper" method (more secure) you can download the new CA list from https://curl.se/ca/cacert.pem using an updated browser. Then upload that file to the camera in the /system/sdcard/config/ssl/cacert
directory. It's doing the same thing but you're not using an "--insecure" acquisition method.
Thanks for the quick response!
As noted above, I tried the update.sh with --insecure route; the update appeared to succeed, but the behavior and error message didn't change afterward. ¯_(ツ)_/¯
Sorry I didn't read your whole original post very well (my mind is occupied with something else). Anyway...
What is:
md5sum /system/sdcard/config/ssl/cacert/cacert.pem
I have aa5ac583708ca35225ac2d230f4acb62
(just updated now) I just did this update on a V2 camera that wasn't working and after doing the update it started working.
# stat cacert.pem
File: cacert.pem
Size: 206919 Blocks: 448 IO Block: 32768 regular file
Device: b301h/45825d Inode: 123 Links: 1
Access: (0755/-rwxr-xr-x) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2022-06-19 09:53:28.000000000 -0600
Modify: 2022-06-19 01:09:28.000000000 -0600
Change: 2022-06-19 01:09:28.890000000 -0600
# md5sum cacert.pem
16e9fa85cca8b644874e5b0eaa4c270b cacert.pem
I just ran it again, and I still get 16e9fa85cca8b644874e5b0eaa4c270b
.
Huh.
# grep 'as of' cacert.pem
## Certificate data from Mozilla as of: Tue Apr 13 03:12:04 2021 GMT
But if I run it from my Macbook, I get the same as you:
$ curl -sk https://curl.se/ca/cacert.pem | md5sum
aa5ac583708ca35225ac2d230f4acb62 -
I think I figured it out -- I think the --time-cond
is showing the new file as being more recent, see my stat
command above.
Yep, that got it.
tldr for future readers:
cd /system/sdcard/config/ssl/cacert
(below commands depend on cacert.pem
being in PWD
)vi update.sh
curl --remote-name --time-cond cacert.pem https://curl.se/ca/cacert.pem
to curl --remote-name -k https://curl.se/ca/cacert.pem
./update.sh
Thanks for quick responses from @c--- !
git log
) you are experiencing the issue with: d474afb22182ff67af18958c4ec126fbc07ab36bDescription
I'm trying to set up Matrix notifications through the matrix.org server.
When I
set -x
and remove the--silent
flag in/system/sdcard/bin/matrix
, I see:What did you do to debug the issue
Then I added the
-k
flag to the curl command in./update.sh
and reran -- it seemed to succeed, but afterwards I have all the same issues.I can add the
-k
flag to the curl command in thematrix
script and the notification then is sent without issue.