Hi Hubitat gurus,
I want to fire an http get action from RM. The API I want to hit is a private server with a private x.509 certificate signed with a private certificate authority. When I make calls to the service today it is failing with the following:
Request: GET [uri:https://10.0.0.XXX/somepath/apis/logical_input.cgi?token=XXXXX&name=MotionDetected, contentType:null, requestContentType:/, textParser:true, headers:[ignoreSSLIssues:true]]
Response: [headers:null, warningMessages:, class:class hubitat.scheduling.AsyncResponse, status:408, errorMessage:sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target, errorData:null]
To me this looks like the SSL/TLS handshake is failing. The hub as the client can't validate the signer of the certificate presented by my server. It's not trusted. No connection. This looks like it's failing in the socket connection layer and the ignoreSSLIssues (http?) header isn't really having an effect.
How can I setup the hub to trust my private signing authority?
Asked differently, can I add a CA to the trust chain somewhere in code or config?
Is there a way to install my CA along side the public trusted CAs?
I'd prefer not to accept insecure and unauthenticated calls to my services.
I'm using JP May's driver code to diagnose:
https://raw.githubusercontent.com/thebearmay/hubitat/main/httpTesterRE.groovy
Thanks in advance,
Harry
C7 v2.3.8.123
