search

hyperion-project / hyperion.ng

The successor to Hyperion aka Hyperion Next Generation
https://hyperion-project.org/
MIT License
2.95k stars 371 forks source link

Philips Hue SSL Handshake Fail #1760

Open ShiniGandhi opened 1 week ago

ShiniGandhi commented 1 week ago

Bug report

I'm trying to connect my Philips Hue bridge to Hyperion and it keeps waiting for the bridge button press. In the logs, I get the following:

2024-06-21T19:48:57.599Z [LEDDEVICE] (ERROR) 'Trust on first use' - Certificate received does not match pinned certificate
2024-06-21T19:48:57.599Z [LEDDEVICE] (WARNING) philipshue generation of authorization/client key failed with error: 'SSL handshake failed'

Steps to reproduce

Manually type the IP of the bridge and open the wizard.

What is expected?

A user and key need to be created

What is actually happening?

Nothing

System

Hyperion Server:

Hyperion Server OS:

Lord-Grey commented 1 week ago

@ShiniGandhi

Background to the behaviour... Old Hue Briges and DIYHue use a self-signed certificate. In order to maintain security, the default behaviour is to "pin" the certificate on the first connection. On the other hand, every connections are then checked to ensure that no other self-signed certificates are presented from the site. I assume that you have probably reinstalled DIYHue several times and created new certificates, so the certificate you pinned does not match the current one from the bridge (you can see the errors in the log).

To continue, check for .pem files here:

~/.local/share/Hyperion/certificates

If you find any, remove them with

\rm -rf ~/.local/share/Hyperion/certificates/*.pem

As you running Hyperion under root, the files might sit at a different location. check /root/.local/share/Hyperion/certificates