Now I've gone and disabled access to my HE C8: SSL

kahn-hubitat · June 21, 2023, 3:31pm

what command prompt.. i wish there was an ssh interface and command prompt on the hub. not for us anyway.. maybe only for engineering?

azz710 · June 21, 2023, 4:30pm

Bingo! I was, indeed, able to use the disablessl endpoint via the curl command. Proximate problem solved. Thanks again!

I will be playing with SSL again, simply because I now know how to deal with the unwanted side effect of another mistake on my part.

bertabcd1234 · June 21, 2023, 4:59pm

From your operating system...

Must have been automatic HTTPS in your browser. Glad that worked!

azz710 · June 21, 2023, 7:00pm

Now, here's something interesting. After successfully using endpoint disablessl via DOS command, curl, and removing my certificate and key using the hub/advanced/certificate endpoint, Remote Administration started working properly. In other words, the cloud interface is affected by the security certificate process.

rlithgow1 · June 21, 2023, 8:05pm

Could be on the remote admin side of things, it's mirroring the page via 443... @gopher.ny?

azz710 · June 22, 2023, 5:46pm

I suppose, but there are at least two other cloud access points, the cloud dashboard link in the Hub Details view and the Lights/Switches button at the bottom center of the Android app, which worked even when remote admin would only give me 502 bad gateway errors. Perhaps what's needed is another special cloud access point for settings.

Meanwhile, I have another mystery to report. The whole reason I got into this mess is that I was trying to install a self-signed cert to allow https access and avoid the annoying security challenge whenever I tried to use the hub. But that shouldn't have been necessary, as the hub firmware, acting as web server, should have been negotiating access and allowing http, at least. None of my browsers were set to demand https. But since there was no obvious solution in this forum, I went the self-signed security route without fully understanding the mechanics. That didn't work, the hub couldn't be accessed in any way as remote admin failed as well. Then you suggested trying curl to use the disablessl endpoint and that worked. I deleted the cert and key, turned off the mandatory SSL option, and all is back to normal.

Almost normal, I should say, because now all my browsers, on the PC or phone, work as expected, with no secure access override necessary. In other words, attempting to use a self-signed cert and that problematic option on the advanced/certificate page and then undoing both seems to have solved even the original problem. I have no doubt that, one of these days, we'll receive a new build which will eliminate the issue altogether. Thanks again,

Jeff