search

WarlaxZ / alexa-home-controller

Control all items in my home from amazon's Alexa
16 stars 5 forks source link

SSL and Alexa Skill Service? #3

Closed tszumowski closed 7 years ago

tszumowski commented 7 years ago

According to Amazon's documentation, you need to generate a self-signed certificate to allow HTTPS requests with Alexa's service.

Did you go the route of generating a self signed certificate for your server? Or did you alternately deploy this code into Amazon's cloud? In either case, do you have any tips or quick directions?

tszumowski commented 7 years ago

Just providing an update to my own question. Above I asked about two options: (1) Generating a certificate for the server, and (2) Deploying the code to Amazon's cloud.

I don't have an answer to item 2 yet mainly because I'm new to Amazon Lambda and haven't played around with it too much.

But for #1, generating the self-signed certificate, I have some updates:

The module "alexa-app-server" provides step-by-step directions in its README. You can find this under _[root]/nodemodules/alexa-app-server/README.md, which is available after deploying with node install. Alternately you can check out the github page.

Here is a snippet from the relevant section in the README:

//privateKey filename. This file must reside in the sslcert folder under the root of the project. Must be set if httpsEnable = true
privateKey:'private-key.key',

//certificate filename. This file must reside in the sslcert folder under the root of the project. Must be set if httpsEnable = true
certificate:'cert.cer'

## Enabling HTTPS 

You can enable HTTPS support for the app-server using the instructions below.

Generate a x509 SSL Certificate using the following commands:

openssl genrsa -out private-key.pem 1024 openssl req -new -x509 -key private-key.pem -out cert.cer -days 365 --generates the certificate


Then add the following properties the to config (currently in server.js) that creates the server. Place the two generated files in the sslcert directory.

```javascript
AlexaAppServer.start( {
    httpsPort:443,
    httpsEnabled:true,
    privateKey:'private-key.pem',
    certificate:'cert.cer'
    }
} );

Still interested in a solution to item 2, i.e. how to get this deployed as an AWS Lambda or something similiar since I don't have a home server. That's probably out of scope of this git repo though, so it's either time for me to configure a server Pi or investigate AWS.

tszumowski commented 7 years ago

Another update. I found an answer to item 2: how to deploy this an AWS since Amazon recommends that for Alexa skills. The answer is: you don't.

The interface to Kodi in this code is through the Websocket JSON-RPC API. I read into JSON-RPC authentication since I would want to secure the connection. This StackExchange post indicates that the "RPC interface isn't designed to be used in any scenario which would require SSL, which would be access over the internet or other untrusted networks".

So this should NOT be deployed outside your network for the reasons above. Time for me to build out a Pi. :)

Recommend closing this issue now.