yllibed / Zigbee2MqttAssistant

GUI for Zigbee2Mqtt running in docker and HASS.IO

Specify trusted CA for MQTT broker / Implement certificates-pinning #251

Open koenvervloesem opened 4 years ago

koenvervloesem commented 4 years ago

Is your feature request related to a problem? Please describe.

I have an MQTT broker with a TLS certificate signed by my own trusted CA. I can't connect to this MQTT broker with Zigbee2MqttAssistant because it doesn't trust the certificate:

Starting Zigbee2MqttAssistant v0.3.133+Branch.master.Sha.f490bd70a0401bc6d96a4d02d5f9022a43bb5e9e...
warn: Microsoft.AspNetCore.DataProtection.Repositories.FileSystemXmlRepository[60]
      Storing keys in a directory '/root/.aspnet/DataProtection-Keys' that may not be persisted outside of the container. Protected data will be unavailable when container is destroyed.
Hosting environment: Production
Content root path: /app
Now listening on: http://[::]:80
Application started. Press Ctrl+C to shut down.
warn: Zigbee2MqttAssistant.Services.MqttConnectionService[0]
      Unable to connect to MQTT server pi-red.home.
MQTTnet.Exceptions.MqttCommunicationException: The remote certificate is invalid according to the validation procedure.

Describe the solution you'd like

I'd like to have an environment variable to set the CA certificate, so it will trust the certificate of my MQTT broker.

carldebilly commented 4 years ago

Are you using the HASS.IO version or just in Docker?

You can customize the image using a Dockerfile in the following way: https://stackoverflow.com/a/42292623/1176099

koenvervloesem commented 4 years ago

I'm using the Docker image carldebilly/zigbee2mqttassistant.

Thanks for the pointer about customizing Docker images to do this. For maintainability reasons I prefer to do this without having to customize your official Docker image, but it's an acceptable temporary workaround.

carldebilly commented 4 years ago

You can also deactivate the TLS certificate check to put in insecure mode.

koenvervloesem commented 4 years ago

I know, but I want to check it; that's one of my reasons to use TLS :-) I'll use your image customization workaround for now.

carldebilly commented 4 years ago

Maybe a kind of certificate pinning feature could be great for you. Let's say you put the TLS mode in insecure mode, but pin the CA certificate hash somewhere in the configuration...

How did you solve the problem with Z2M itself? ...and other dependencies (HA...)?
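As an added illustration (not code from Zigbee2MqttAssistant or MQTTnet), this Go program shows the two behaviours discussed in this thread: trusting a private CA instead of the system store, and pinning the CA's public-key hash, with the pin layered on top of normal chain validation rather than replacing it. The private CA, the broker name pi-red.home from the log above and all function names are constructed for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// NewPrivateCA is a constructed stand-in for the user's own CA (test setup only):
// a self-signed CA plus a broker certificate for brokerName issued by it.
func NewPrivateCA(brokerName string) (ca, broker *x509.Certificate) {
	caKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	caTmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "home CA"}, IsCA: true,
		BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign, NotBefore: time.Now(), NotAfter: time.Now().Add(time.Hour)}
	caDER, _ := x509.CreateCertificate(rand.Reader, caTmpl, caTmpl, &caKey.PublicKey, caKey)
	ca, _ = x509.ParseCertificate(caDER)
	brokerKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	brokerTmpl := &x509.Certificate{SerialNumber: big.NewInt(2), Subject: pkix.Name{CommonName: brokerName},
		DNSNames: []string{brokerName}, NotBefore: time.Now(), NotAfter: time.Now().Add(time.Hour)}
	brokerDER, _ := x509.CreateCertificate(rand.Reader, brokerTmpl, ca, &brokerKey.PublicKey, caKey)
	broker, _ = x509.ParseCertificate(brokerDER)
	return ca, broker
}

// SPKIPin is the hex SHA-256 of a certificate's SubjectPublicKeyInfo: the CA pin an operator would store in config.
func SPKIPin(c *x509.Certificate) string {
	return fmt.Sprintf("%x", sha256.Sum256(c.RawSubjectPublicKeyInfo))
}

// VerifyBroker is what a TLS VerifyPeerCertificate hook would run on the parsed leaf: chain it to the
// private CA only (not the system store) for serverName, then require the chain's root to carry the pinned key.
func VerifyBroker(ca *x509.Certificate, pin, serverName string, leaf *x509.Certificate) error {
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	chains, err := leaf.Verify(x509.VerifyOptions{Roots: roots, DNSName: serverName})
	if err != nil {
		return err // unknown issuer, expired certificate, or hostname mismatch
	}
	if root := chains[0][len(chains[0])-1]; SPKIPin(root) != pin {
		return fmt.Errorf("CA pin mismatch")
	}
	return nil
}
```

A client would call VerifyBroker from its TLS peer-verification callback with the CA file and pin taken from configuration; a pin check alone, with chain validation disabled, would still accept an expired or wrongly named certificate.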

koenvervloesem commented 4 years ago

For now I have decided to run mosquitto on the same machine as Zigbee2mqtt and Zigbee2MqttAssistant so they can communicate unencrypted using the local Docker network. The plan is to bridge this MQTT broker to my main MQTT broker over TLS. That would solve the problem for me.