Open Timmmy001 opened 1 year ago
Give me few days, i think i miss to implement this after code refactor.
Ok, i made it now. Can you check if it is working?
Thank you for the quick response! Unfortunately a partially advanced:
In Debug Log I see now a
2023-02-26 11:19:20,875 - services.remoteDiscover - INFO - Starting discovery service
Traceback (most recent call last):
File "/usr/lib/python3.8/threading.py", line 932, in _bootstrap_inner
2023-02-26 11:19:20,877 - services.stateFetch - INFO - start lights sync
self.run()
File "/usr/lib/python3.8/threading.py", line 870, in run
2023-02-26 11:19:20,879 - services.ssdp - INFO - start ssdp broadcast
self._target(*self._args, **self._kwargs)
File "/opt/hue-emulator/services/mqtt.py", line 402, in mqttServer
2023-02-26 11:19:20,879 - services.mdns - INFO - <MDNS> listener started
mqttTlsVersion = ssl.PROTOCOL_TLS
NameError: name 'ssl' is not defined
2023-02-26 11:51:26,871 - services.mqtt - INFO - Strting MQTT service...
Exception in thread Thread-2:
2023-02-26 11:51:26,871 - services.remoteDiscover - INFO - Starting discovery service
Traceback (most recent call last):
File "/usr/lib/python3.8/threading.py", line 932, in _bootstrap_inner
self.run()
File "/usr/lib/python3.8/threading.py", line 870, in run
2023-02-26 11:51:26,874 - services.stateFetch - INFO - start lights sync
self._target(*self._args, **self._kwargs)
File "/opt/hue-emulator/services/mqtt.py", line 402, in mqttServer
mqttTlsVersion = ssl.PROTOCOL_TLS
NameError: name 'ssl' is not defined
If I start it as service (not with debug) it will be add in config.yaml:
mqtt:
mqttCertfile: null
mqttKeyfile: null
In the configuration of zigbee2mqtt, on the other hand, it is sufficient to store only the ca certificate, without any further cert/key file. But I don't know if this works at all with the Python implementation of mqtt in general. :-|
On FHEM MQTT side is no error log - I think there was no connection try.
ssl not defined means ssl module need to be imported. I made now a new commit that import ssl module.
Next log entrys
2023-02-26 14:40:25,215 - services.remoteDiscover - INFO - Starting discovery service
Exception in thread Thread-2:
Traceback (most recent call last):
File "/usr/lib/python3.8/threading.py", line 932, in _bootstrap_inner
self.run()
File "/usr/lib/python3.8/threading.py", line 870, in run
self._target(*self._args, **self._kwargs)
File "/opt/hue-emulator/services/mqtt.py", line 404, in mqttServer
client.tls_set(ca_certs=bridgeConfig["config"]["mqtt"]["mqttCaCerts"], certfile=bridgeConfig["config"]["mqtt"]["mqttCertfile"], keyfile=bridgeConfig["config"]["mqtt"]["mqttKeyfile"], tls_version=mqttTlsVersion)
File "/usr/local/lib/python3.8/dist-packages/paho/mqtt/client.py", line 804, in tls_set
context.load_verify_locations(ca_certs)
in config.yaml you set mqttCaCerts to a valid location or mqttCertfile and mqttKeyfile? If not i think you should set mqttTlsInsecure to true.
That was my config part for mqtt:
mqtt:
enabled: true
mqttServer: SVL01.fritz.box
mqttPort: 8883
mqttTls: true
mqttTlsInsecure: true
mqttCaCerts: /opt/hue-emulator/ca.crt
mqttUser: MQTT_TLS
mqttPassword: xxx
discoveryPrefix: zigbee2mqtt
mqttCertfile: null
mqttKeyfile: null
only ca file mqttTlsInsecure: false
File "/opt/hue-emulator/services/mqtt.py", line 404, in mqttServer
client.tls_set(ca_certs=bridgeConfig["config"]["mqtt"]["mqttCaCerts"], certfile=bridgeConfig["config"]["mqtt"]["mqttCertfile"], keyfile=bridgeConfig["config"]["mqtt"]["mqttKeyfile"], tls_version=mqttTlsVersion)
File "/usr/local/lib/python3.8/dist-packages/paho/mqtt/client.py", line 804, in tls_set
context.load_verify_locations(ca_certs)
FileNotFoundError: [Errno 2] No such file or directory
only ca file mqttTlsInsecure: true
File "/opt/hue-emulator/services/mqtt.py", line 404, in mqttServer
client.tls_set(ca_certs=bridgeConfig["config"]["mqtt"]["mqttCaCerts"], certfile=bridgeConfig["config"]["mqtt"]["mqttCertfile"], keyfile=bridgeConfig["config"]["mqtt"]["mqttKeyfile"], tls_version=mqttTlsVersion)
File "/usr/local/lib/python3.8/dist-packages/paho/mqtt/client.py", line 804, in tls_set
context.load_verify_locations(ca_certs)
FileNotFoundError: [Errno 2] No such file or directory
with files (cert+key) additional mqttTlsInsecure: false:
Traceback (most recent call last):
File "/opt/hue-emulator/services/mqtt.py", line 404, in mqttServer
client.tls_set(ca_certs=bridgeConfig["config"]["mqtt"]["mqttCaCerts"], certfile=bridgeConfig["config"]["mqtt"]["mqttCertfile"], keyfile=bridgeConfig["config"]["mqtt"]["mqttKeyfile"], tls_version=mqttTlsVersion)
File "/usr/local/lib/python3.8/dist-packages/paho/mqtt/client.py", line 804, in tls_set
with files (cert+key) additional mqttTlsInsecure: true
Traceback (most recent call last):
File "/opt/hue-emulator/services/mqtt.py", line 404, in mqttServer
client.tls_set(ca_certs=bridgeConfig["config"]["mqtt"]["mqttCaCerts"], certfile=bridgeConfig["config"]["mqtt"]["mqttCertfile"], keyfile=bridgeConfig["config"]["mqtt"]["mqttKeyfile"], tls_version=mqttTlsVersion)
File "/usr/local/lib/python3.8/dist-packages/paho/mqtt/client.py", line 804, in tls_set
context.load_verify_locations(ca_certs)
Is there anything else I should test?
I have no clue what may be wrong. I think you pasted here incomplet errors since is missing the exception on last two.
Describe the issue
I try to connect the diyhue via MQTT TLS to my FHEM Server. But I only get error messages at my FHEM server like this, which indicate that no TLS is used. On this MQTT server module is also zigbee2mqtt connected - so the mqtt instance works with TLS.
MQTT2_SERVER SSL/HTTPS error: SSL accept attempt failed error:0A00010B:SSL routines::wrong version number (peer: 192.168.188.29)
Steps you tried
Steps you tried:
Add in config.yaml this parts:
I didn't find anything about MQTT TLS in the official doku, but this PR: https://github.com/diyhue/diyHue/pull/556
restart service
I get error messages in FHEM log, but no errorlogs in diyhue...
How we can help
I would like to have more information about the configuration of MQTT under diyHue.
Logs
Docker Info (please complete the following information):
Checklist
Additional context