Hi All,
It seems a lot of involved people are watching this threat, however I need some help with a new installation:
- I followed the steps to install the following HACS DEV version: GitHub - jrutski/home_assistant_envoy_d7_fw: Update for D7 based firmware on Envoy gateways
The Enphase Envoy-S has the following firmware:
<envoy_info>
<device>
<software>D7.0.88</software>
<apiver>1</apiver>
</device>
One of the things I noticed is that the webserver always performs a HTTP redirect to HTTPS on any request. As the certificate is self-signed, I added this webserver certificate to both the docker-container running H.A., as on the hosts certificate store. From now I can successfully perform HTTPS requests:
* Server certificate:
* subject: CN=envoy-XXXXXXXXXXXX
* start date: Nov 9 08:46:36 2022 GMT
* expire date: Nov 9 08:46:36 2023 GMT
* common name: envoy-XXXXXXXXXXXX (matched)
* issuer: CN=envoy-XXXXXXXXXXXX
* SSL certificate verify ok.
Now when using the ‘DEV’ integration to add the gateway into H.A., I am getting the following error, and from the container log I can see the queries performed are only HTTP, and not HTTPS as the redirect is not followed and stuck in this loop (envoy-XXXXXXXXXX is the hostname resolvable from within the container):
2023-01-12 16:57:16.798 DEBUG (MainThread) [custom_components.enphase_envoy.envoy_reader] HTTP GET Attempt #1: http://envoy-XXXXXXXXXXX/api/v1/production: Header:None
2023-01-12 16:57:16.813 DEBUG (MainThread) [custom_components.enphase_envoy.envoy_reader] Fetched from http://envoy-XXXXXXXXXXXX/api/v1/production: <Response [301 Moved Permanently]>: <html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>openresty/1.17.8.1</center>
</body>
</html>
Questions:
- Am I on the right track with this DEV integration for this specific device?
- I am unable to report an ‘ISSUE’ on the GitHub page. How to approach the maintainer?