All detection sensors not working on SSL/HTTPS

[FirewizzNL]

When using SSL/HTTPS on home assistant the alerts/sensors are not working.

It does not seem to accept the dns name, but IP and https also does not seem to work.

Also the nvr does not seem to accept DNS.

NVR: DS-7604NI-K1 / 4P

[Mark7714]

Same issue here. Internally, HA sits on 8123 and my firewall forwards external requests for https://camera.myhouse.com from 443 outside to 8123 inside and I use LetsEncrypt cert on the HA box. When the NVR on the same network tries to contact it, it fails as it asks for a cert on 8123 and there is no non-https fall back (HA doesnt allow it).

[FirewizzNL]

@Mark7714 Did you find any solution or workaround yet?

[Mark7714]

Unfortunately not I was even searching for alternate integrations last week. I'm thinking the only way I'll ever get alerts into HA from my cameras smart events through my NVR is to install Frigate onto a NUC and just avoid the issue altogether.

-------- Original message -------- From: Kevin Manders @.> Date: 6/6/24 6:43 pm (GMT+10:00) To: maciej-or/hikvision_next @.> Cc: Mark Liardet @.>, Mention @.> Subject: Re: [maciej-or/hikvision_next] All detection sensors not working on SSL/HTTPS (Issue #179)

@Mark7714https://github.com/Mark7714 Did you find any solution or workaround yet?

— Reply to this email directly, view it on GitHubhttps://github.com/maciej-or/hikvision_next/issues/179#issuecomment-2151734267, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AHMVNKTLM3O3MFV6G55GCL3ZGAOK5AVCNFSM6AAAAABHIPYCNCVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCNJRG4ZTIMRWG4. You are receiving this because you were mentioned.Message ID: @.***>

[bradkeifer]

Please see the solution I implemented for #149

[FirewizzNL]

Please see the solution I implemented for #149

This is not a solution but a workaround.

[bradkeifer]

Please see the solution I implemented for #149

This is not a solution but a workaround.

I'm all ears if you can offer a better resolution.

[Mark7714]

I know it’s possible but I’m not having any luck. I have an Ecowitt weather station and there’s a brilliant and simple add-on:

EcoWitt HTTP Proxy An HTTP proxy for Ecowitt weather stations to forward to the Ecowitt integration over HTTPS since Ecowitt does not support HTTPS.. Visit the Ecowitt HTTP Proxy page for more details

This simply opens up a http on another port and the weather station can talk to it using standard HTTP. Surely there is a HikVision NVR equivalent. I’ve spent over 6 hours trying to get the ‘NGINX Home Assistant SSL proxy’ to do this unsuccessfully.

From: Brad Keifer @.> Sent: Monday, 15 July 2024 8:01 PM To: maciej-or/hikvision_next @.> Cc: Mark Liardet @.>; Mention @.> Subject: Re: [maciej-or/hikvision_next] All detection sensors not working on SSL/HTTPS (Issue #179)

Please see the solution I implemented for #149https://github.com/maciej-or/hikvision_next/issues/149

This is not a solution but a workaround.

I'm all ears if you can offer a better resolution.

— Reply to this email directly, view it on GitHubhttps://github.com/maciej-or/hikvision_next/issues/179#issuecomment-2228126726, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AHMVNKX27MIIQ755UK3DCBLZMOMU7AVCNFSM6AAAAABHIPYCNCVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDEMRYGEZDMNZSGY. You are receiving this because you were mentioned.Message ID: @.**@.>>

[FirewizzNL]

@bradkeifer the workaround you provided is a good workaround. I just wanted to mention it is not a solution, it does not solve the existing problem that the API is exposed by default to https and does not accept http requests. And the NVR is only using http (in my case) and not https.

If your workaround can be implemented in the integration and be automated, it will be great. But by adding the manual proxy in NGinx is outside the integration. I am going to look in to it later but too busy at the moment.

[bradkeifer]

@bradkeifer the workaround you provided is a good workaround. I just wanted to mention it is not a solution, it does not solve the existing problem that the API is exposed by default to https and does not accept http requests. And the NVR is only using http (in my case) and not https.

If your workaround can be implemented in the integration and be automated, it will be great. But by adding the manual proxy in NGinx is outside the integration. I am going to look in to it later but too busy at the moment.

Understood @FirewizzNL I think the root cause of this problem might be nothing to do with the HIKVision integration, but perhaps more in the core of home assistant. I have been unable to get my internal_url: to work, and it has been defined to use http. I think that if it worked, then home assistant would be listening for both https and http and then the integration would work as expected. Have you been able to get both your external_url: and internal_url: to work?

[FirewizzNL]

@bradkeifer Yes I have both working, but on a valid DNS wildcard certificate. I configured outside.mydns.nl (example) through the router with portforwarding as my outside address and inside.mydns.nl as my inside address adding it as a dost to my router which forwards that traffic to home assistant. But the problems here for me is that: 1) My HikVision NVR does not support https on the alarm server api 2) Home assistant when https is enabled does not support (out of the box) the http usage. It only accepts https from that point on.

I know there is nginx and the nginx addon, but I prefer not to use these kinds of 'solutions'. But unfortunately I think for now there is no better workaround than that. I have had no time to study/look in to this integration to see if something could be improved there. Busy time of the year here haha.