Hi all,
Since HE does not support TLS, is it possible to send traffic from HE to a local Proxy Server and then have the proxy server encrypt traffic from itself to the destination?
Hi all,
Since HE does not support TLS, is it possible to send traffic from HE to a local Proxy Server and then have the proxy server encrypt traffic from itself to the destination?
After reading some of your other posts it looks like your trying to intercept traffic from the hub to an external source. This is only for enabling ssl on the UI.
It is, I use nginx's proxy pass functionality and lets encrypt on a raspberry pi to accomplish this along with my router's dynamic dns service.
The sub filter part fixes a few things like the web socket ports and the datatables error on the events page. Check out guides on the internet for getting nginx and proxy_pass set up and use the location block below.
I also enable basic auth so I can enter a username/pass to get in.
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/.htpasswd;
Replace $main_hub with the hub ip in this format: http://ip;
location / {
proxy_set_header Accept-Encoding "";
sub_filter_types *;
sub_filter '"name": "TYPE"' '"name": "EVENT_TYPE"';
sub_filter 'ws://' 'wss://';
sub_filter ': "80"' ': "443"';
sub_filter_once off;
if ($http_upgrade = '') {
proxy_pass $main_hub;
break;
}
proxy_pass $main_hub;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection Upgrade;
}
Let's encrypt has a nginx module that will automatically add the proper ssl settings to the nginx.conf file when set up.
So commenting out TLS in the code I have disables encryption or is it just not as strong. I always assumed https was encrypted by default. Sorry if this is a newb question, I am trying to learn more.
Looking at the code snippet you posted in the other thread, that was an option in smartthings to use a different tlsVersion which without I'm assuming would just use the latest. I went to the url and it showed it using the latest now so it's probably not needed anymore. Smartthings might have complained about connecting it so the dev probably put that in there to tell it to downgrade the version.
In the other thread about tls not being supported on the hub, they were talking about the UI portion.
Thank you so much for your help on this! I've really learned a lot trying to port this app over.