search

lukasroegner / homebridge-philips-hue-sync-box

Homebridge plugin for the Philips Hue Sync Box.
MIT License
55 stars 12 forks source link

SSL certificate problem #52

Closed Calorion closed 2 years ago

Calorion commented 3 years ago

When I try to curl to the sync box to get the access token (using the following command: curl -H "Content-Type: application/json" -X POST -d '{"appName": "homebridge", "appSecret":"MDAwMTExMDAwMTExMDAwMTExMDAwMTExMDAwMTExMDA=", "instanceName": "homebridge"}' https://192.168.4.21/api/v1/registrations) I get a "SSL certificate problem" error from curl. I did this before with the same sync box and I don't believe I ran into this problem. Is this something you've seen before?

Full error: "curl: (60) SSL certificate problem: unable to get local issuer certificate More details here: https://curl.haxx.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not establish a secure connection to it. To learn more about this situation and how to fix it, please visit the web page mentioned above."

DrDey commented 3 years ago

I just tried the same as @Calorion above today also and got the same error...

DrDey commented 3 years ago

OK I figured it out. It's you're not calling with a certificate so you have to include the -k command to bypass the certificate requirements.

The command should be updated to curl -K -H "Content-Type: application/json" -X POST -d '{"appName": "homebridge", "appSecret":"MDAwMTExMDAwMTExMDAwMTExMDAwMTExMDAwMTExMDA=", "instanceName": "homebridge"}' https://<YOUR-IP>/api/v1/registrations

Calorion commented 3 years ago

But then why did this not (IIRC) happen before?

DrDey commented 3 years ago

I think the original code for this Terminal command wasn't written by the plugin developer, it looks like another user posted a version of that code. It wasn't working for me either so I checked the HUE API documentation and noticed they said that to create a user locally as a test you needed to use -K to avoid SSL issues. I'm assuming that HUE probably updated their API function with certificates to make it more secure since that original Terminal command was shared.

Calorion commented 3 years ago

That other user was me, and I don’t recall using the -K flag before (or else I would have included it in the command). I just want to make sure there’s not something going wrong here, and using the “insecure” flag is the right thing to do.

On Sep 9, 2021, at 10:40 AM, Antony McGregor Dey @.***> wrote:

I think the original code for this Terminal command wasn't written by the plugin developer, it looks like another user posted a version of that code. It wasn't working for me either so I checked the HUE API documentation and noticed they said that to create a user locally as a test you needed to use -K to avoid SSL issues. I'm assuming that HUE probably updated their API function with certificates to make it more secure since that original Terminal command was shared.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/lukasroegner/homebridge-philips-hue-sync-box/issues/52#issuecomment-916214127, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAXI3RTMW4PBTVTSAR53L4LUBDINLANCNFSM5DNOVQOA.

jeroen020 commented 3 years ago

I have the same issue with the standard CURL command, got it to work with -k as mentioned here (thanks!) but it had to be lowercase (using RPi4), -K didn't work for me.

lukasroegner commented 2 years ago

I've added a description to the README on how to prevent certificate issues when using cURL or Postman.