Forum Replies Created
wz2b (Member)
I checked @flaviu’s docs and looks good, I’m still a little scared of somehow bricking it. I’m wondering, too, if you have a USB-to-serial dongle that controls RTS and DTR if you can have it control IO0 the usual way rather than having to manually ground it. I’m not even sure why this works (is there a pull-up on that port?)
The only thing that makes me a little sad is I’d like to have both … give me a nice clean ESPHOME interface (preferably via MQTT) but also still feed Emporia Cloud, since I do find that handy at times.
I’d also like to hear a few more people tell me “It worked! And nothing bad happened!”
wz2b (Member)
Searching the binary for that string shows us a section where the words “ssid”, “emporia”, “password”, “emporia123” are found in close succession.
Are you saying it attempts to connect to a local network named ‘emporia’ as part of some debugging code, or as part of the provisioning process? Maybe you’ve uncovered some factory test mode?
If it isn’t a virgin device, does it still look for the ‘Emporia’ network on start-up?
I’d still be interested in decoding the GATT message format, I’m just not very good at that kind of reverse engineering.
wz2b (Member)
A small but vocal group of douchebags who have way too much time on their hands say what?
I think that’s pretty harsh. “You won’t get anywhere by beating Emporia up” would be a fair point. But I think it’s a mistake to discount the advertising value of a small group of technical evangelists.
wz2b (Member)
These are good questions you asked.
For my web server I use letsencrypt, so I tried starting mosquitto pointing toward the latest letsencrypt certificate and that worked – at least, I was able to pub/sub from a mqtts client without any errors. However, that’s a legitimate certificate, so there’s still the possibility the vue is looking for something with a CN that matches the domain. I wouldn’t THINK so though based on the wacky hostname, which looks like an aws auto generated host. Or it could be looking for a specific certificate. The answer to the question is that I’m not really sure and am trying to figure it out.
Also, you are assuming that the VUE doesn’t use a client certificate to connect to the server, which would have to be signed by the server’s private key. Do you have any evidence that that isn’t the case?
I think so. I receive this log:
OpenSSL Error[0]: error:14094412:SSL routines:ssl3_read_bytes:sslv3 alert bad certificate
There’s a little information out there about this message, but I’m not familiar with mqtts or tls to really understand what OpenSSL is trying to tell me here. I interpret this to mean the vue2 is sending a client certificate but it doesn’t match any known CAs so it is rejected. One thing I tried was forcing mosquitto to only accept v1.3 or later and this produced a different error message (invalid/unsupported TLS version). So my conclusion based on that is that the Vue2 is indeed sending a certificate and it’s TLS v1.2.
I wonder if there’s some way I can test this with something like ‘netcat -l’ but that accepts TLS. I found something named ‘socat’ exists. Maybe I will try that next, at least to see if there’s a way to tell it “Accept any certificate, just give me some logs to tell me what it’s trying.”
wz2b (Member)
Could the Vue2 be using a client certificate? If that’s the case, I think my mosquitto doesn’t know to trust it … that’s what the error seems to indicate, anyway.
wz2b (Member)
I upgraded mosquitto and it changed:
1624935763: New connection from x.x.x.x:52059 on port 8883.
1624935922: OpenSSL Error[0]: error:14094412:SSL routines:ssl3_read_bytes:sslv3 alert bad certificate
1624935763: Client <unknown> disconnected due to protocol error.
- This reply was modified 3 years, 5 months ago by wz2b.
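Added example (not from the original posts): the hex code in the OpenSSL error line quoted in the posts above can be unpacked to see what the broker is reporting. It assumes the OpenSSL 1.x error layout (8-bit library, 12-bit function, 12-bit reason), where SSL-library reason values above 1000 are TLS alerts received from the peer, so 14094412 decodes to alert 42 (bad_certificate) arriving from the connecting client. The function names are hypothetical.

```python
import re

# OpenSSL 1.x packs an error as lib (8 bits) | func (12 bits) | reason (12 bits).
ERR_LIB_SSL = 20
SSL_AD_REASON_OFFSET = 1000  # SSL reasons above this are alerts received from the peer

# TLS alert descriptions (RFC 5246, section 7.2) seen around certificate checks.
TLS_ALERTS = {
    40: "handshake_failure", 42: "bad_certificate", 43: "unsupported_certificate",
    44: "certificate_revoked", 45: "certificate_expired", 46: "certificate_unknown",
    48: "unknown_ca", 70: "protocol_version",
}

ERROR_RE = re.compile(r"error:([0-9A-Fa-f]{8}):")

def decode_openssl_error(line):
    """Return the unpacked fields of an OpenSSL 1.x error in a log line, or None."""
    m = ERROR_RE.search(line)
    if m is None:
        return None
    code = int(m.group(1), 16)
    info = {
        "lib": (code >> 24) & 0xFF,
        "func": (code >> 12) & 0xFFF,
        "reason": code & 0xFFF,
        "alert": None,
        "alert_name": None,
        "sent_by": None,
    }
    if info["lib"] == ERR_LIB_SSL and info["reason"] > SSL_AD_REASON_OFFSET:
        info["alert"] = info["reason"] - SSL_AD_REASON_OFFSET
        info["alert_name"] = TLS_ALERTS.get(info["alert"], "unknown")
        info["sent_by"] = "peer"  # here: the device connecting to the broker
    return info

# Log lines copied from the posts above.
LOG = """\
1624935763: New connection from x.x.x.x:52059 on port 8883.
1624935922: OpenSSL Error[0]: error:14094412:SSL routines:ssl3_read_bytes:sslv3 alert bad certificate
1624935763: Client <unknown> disconnected due to protocol error.
"""

def summarize(log_text):
    """Decode every OpenSSL error found in a block of broker log text."""
    return [d for d in map(decode_openssl_error, log_text.splitlines()) if d]

if __name__ == "__main__":
    for d in summarize(LOG):
        print(d)
```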
wz2b (Member)
Redirecting through DNS was easy enough but mosquitto doesn’t like something. I’m not super familiar with mosquitto so I set it up like this:
certfile /etc/xxx/cert.pem
keyfile /etc/xxx/privkey.pem
port 8883
protocol mqtt
tls_version tlsv1.2
The Vue2 is definitely trying to connect to it but something is failing, probably the TLS exchange. Maybe the Vue2 is smart enough to check the server cert and make sure it’s valid?
On startup, the Vue2 does three DNS queries:
- a2poo8btpqc3gs-ats.iot.us-east-2.amazonaws.com: this is the MQTT destination
- fwsrv.emporiaenergy.com: this is probably to check for firmware upgrades
- pool.ntp.org: network time server
Not sure what’s with the wacky hostname, but the DNS response is a list of 8 addresses so they’re doing some load distribution.
Anybody who knows mosquitto and has any tips please let me know.
wz2b (Member)
They can’t support us but I wish they would see the potential.
Strangely, I don’t think we’re all that difficult to support … we more or less just need to be pointed in the right direction.
wz2b (Member)
All they have to do is allow their APP to use a local MQTT broker address instead of theirs during the APP setup
How do you know it’s using MQTT, did somebody confirm that? I suspected that was the case but was hoping for confirmation. Checking my NAT table:
ipv4 2 tcp 6 7395 ESTABLISHED src=192.168.0.126 dst=18.189.226.239 sport=60459 dport=8883
Port 8883 is the IANA registered port address for “Secure MQTT”. So it seems likely. I’m sure it’s doing some kind of negotiation for the TLS session. That COULD be using certificates but it probably doesn’t expect a server cert so it seems to me you could do two things:
- Set up your own local MQTT server
- Do either some DNS trickery to just redirect it to yours, or some iptables trickery to do the same
Regarding “…then you don’t need an API” I don’t agree with that. Some people will be fine with this data going to somebody else’s service. I would still do both. When it comes to order of importance, having a redirectable API would be better for me personally but I suspect we’re in the minority here when it comes to customers.
wz2b (Member)
The API seems to give you an error now if you request more than 1 hour of 1SEC data at a time.
wz2b (Member)
Thumbs up, I’d like to be able to get the voltage as well. Less important but still useful would be frequency – California Rule 21 and IEEE 2030 define two curves (watts and vars) based on frequency.
wz2b (Member)
Is there any documentation or a statement that says how much data the Vue2 is able to store (and forward later) in the event that the internet goes out? I had an internet outage on May 15 (about five weeks ago). I looked back at the 1 hour database and there are no gaps in the 1 HOUR data. The 15MIN data is all gone so I can’t tell from that. But it seems like the device itself is able to cache its data for some period of time until the internet becomes available again. It would be great to get some understanding of how much time that is.
wz2b (Member)
There’s no way to thumbs-up a response, but thanks for posting the data retention policy – very helpful.
wz2b (Member)
I hate answering my own questions but I think this forum software locks edit after a few minutes. I realized that the channel numbers being a string is right because to get the overall house I request channel “1,2,3”.
Another field I questioned was HotTub which is a bool wrapped in a string, and I’m not sure why.