Closed emilwojcik93 closed 3 years ago
Remote service is down. It will be restored in few days.
Thanks for quick response. I'm awaiting further development 👍
If you have an experience and your OpenWRT device has enough space and memory, you can try the following script which does not use the generated in-line certificate, but it needs more libraries, space and time.
https://github.com/diyhue/diyHue/blob/dev/BridgeEmulator/install_openwrt.sh
See here: https://github.com/diyhue/diyHue/blob/dev/BridgeEmulator/install_openwrt.sh#L76
I restore the online service for certificate generation.
@juanesf Thx, it's works. I've to:
ps | grep hue | grep -v grep
rm -rf /opt/hue* /etc/init.d/hue*
cd /tmp
wget --no-check-certificate https://raw.githubusercontent.com/diyhue/diyHue/master/BridgeEmulator/easy_openwrt.sh
Edit easy_openwrt.sh
:
curl "http://mariusmotea.go.ro:9002/gencert?mac=$mac" > /opt/hue-emulator/cert.pem
install_openwrt.sh
to creating certificate:echo -e "\033[32m Creating certificate.\033[0m"
curl https://raw.githubusercontent.com/mariusmotea/diyHue/9ceed19b4211aa85a90fac9ea6d45cfeb746c9dd/BridgeEmulator/openssl.conf -o openssl.conf
wait
serial="${mac:0:2}${mac:3:2}${mac:6:2}fffe${mac:9:2}${mac:12:2}${mac:15:2}"
dec_serial=`python3 -c "print(int(\"$serial\", 16))"`
openssl req -new -days 3650 -config openssl.conf -nodes -x509 -newkey ec -pkeyopt ec_paramgen_curve:P-256 -pkeyopt ec_param_enc:named_curve -subj "/C=NL/O=Philips Hue/CN=$serial" -keyout private.key -out public.crt -set_serial $dec_serial
wait
touch /opt/hue-emulator/cert.pem
cat private.key > /opt/hue-emulator/cert.pem
cat public.crt >> /opt/hue-emulator/cert.pem
and than run it with sh easy_openwrt.sh
I'm glad to help. Can we close the problem?
Although I have realized that you have used the obsolete repository the current is http://github.com/diyhue/diyhue
Not fixed yet. Any other way to generate it manually?
curl "http://mariusmotea.go.ro:9002/gencert?mac=00:11:22:33:44:55" -v. It works, i test now with online curl
curl "http://mariusmotea.go.ro:9002/gencert?mac=00:11:22:33:44:55" -v
It gives empty response For the one who can not generate it:
mac=<your-mac-address>
curl https://raw.githubusercontent.com/mariusmotea/diyHue/9ceed19b4211aa85a90fac9ea6d45cfeb746c9dd/BridgeEmulator/openssl.conf -o openssl.conf
serial="${mac:0:2}${mac:3:2}${mac:6:2}fffe${mac:9:2}${mac:12:2}${mac:15:2}"
dec_serial=`python3 -c "print(int(\"$serial\", 16))"`
openssl req -new -days 3650 -config openssl.conf -nodes -x509 -newkey ec -pkeyopt ec_paramgen_curve:P-256 -pkeyopt ec_param_enc:named_curve -subj "/C=NL/O=Philips Hue/CN=$serial" -keyout private.key -out public.crt -set_serial $dec_serial
touch /opt/hue-emulator/cert.pem
cat private.key > /opt/hue-emulator/cert.pem
cat public.crt >> /opt/hue-emulator/cert.pem
rm private.key public.crt
You are right, the service was hosted on a PI4 B and it seams the SD card is dead. I will try to recover the code and fix it.
@mariusmotea
Some news for the sslcert server ?
curl: (7) Failed to connect to mariusmotea.go.ro port 9002: No route to host
:(
Work great with docker with sudo su for the installaltion 👍
I need to write this service from scratch.will witte here once available again.
Fixed.
curl mariusmotea.go.ro:9002/gencert?mac=00:11:22:33:44:55
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgEyB+r8WIWExtCNzR
exMewdyEmw5q2TqzQUHdywTA1wWhRANCAARkFxkz6TDDTkutWUJpX3laTN54odtZ
fqe5dEC/ieYr3ntlk6UjXWMcwsAxlELM1J0iqfaZ99/3X2mo4FMoPyV5
-----END PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIIB2zCCAYKgAwIBAgIFESIzRFUwCgYIKoZIzj0EAwIwOjELMAkGA1UEBhMCTkwx
FDASBgNVBAoMC1BoaWxpcHMgSHVlMRUwEwYDVQQDDAwwMDExMjIzMzQ0NTUwHhcN
MjEwMzI1MTIwODI0WhcNMzEwMzIzMTIwODI0WjA6MQswCQYDVQQGEwJOTDEUMBIG
A1UECgwLUGhpbGlwcyBIdWUxFTATBgNVBAMMDDAwMTEyMjMzNDQ1NTBZMBMGByqG
SM49AgEGCCqGSM49AwEHA0IABGQXGTPpMMNOS61ZQmlfeVpM3nih21l+p7l0QL+J
5ivee2WTpSNdYxzCwDGUQszUnSKp9pn33/dfaajgUyg/JXmjdTBzMAwGA1UdEwEB
/wQCMAAwHQYDVR0OBBYEFC9HdnZ9KWRo0CfNYJMGvkkS0JZQMB8GA1UdIwQYMBaA
FC9HdnZ9KWRo0CfNYJMGvkkS0JZQMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAK
BggrBgEFBQcDATAKBggqhkjOPQQDAgNHADBEAiAxz3tQqEVJ616w8iHnNawRWBgU
7cqrxOtLkEs5FckHoAIgNYXWUnO6Zca2KjnGN/sMMBE6Mc2PxgX/HUJ4sAnRBws=
-----END CERTIFICATE-----
Service is working but in diyhue script is lack of parameters in curl request, it should look like this:
curl --http0.9 "http://mariusmotea.go.ro:9002/gencert?mac=$mac" > /opt/hue-emulator/cert.pem
Thx and best regards :)
Hello, I can't generate certificate through "easy_openwrt.sh". To exclue firewall blocking rules on my device I've try to reach generation service through remote server and online curl but still I can't connect to this service.