Hisense TV Control

zacnut · November 24, 2019, 6:21am

I’m not getting far with media player universal (chromecast as child) . WOL and off command via mqtt is working with it, I’m sure volume + and - can be set. I haven’t looked into adding attributes, but maybe source and source_list can be used for channels, hdmi inputs and apps like netflix. But I also want to be able to remap media_previous_track and next to change to channel up and down.
looking at the source, it could be fixed on line 472 and 479 with “allow_override=True”.

I’m looking here right now as it seems to have a MQTT media player ability. I used to use this with my old IR TV and my own custom json file containing IR codes and sources, then adding it as a child to universal media player and it worked great.

edit:
I got smartIR combined with universal media player going. Source selector selects apps, channels and input sources via MQTT. On + off (WOL on and MQTT off) along with current state (energy monitoring plug) chnl up and down as next and previous (MQTT)
Volume is controlled by it own 0-100 topic with no +1 or -1 command. So this may require and automation that fetches current volume value , +1 or -1 , then return value.
Automation seems to be the next step to keep values in sync with people using the old ir remote and maybe EPG feedback.

lindsayward · December 3, 2019, 10:40am

Hi folks and thanks to @supagold, @zacnut and @K-1 for all getting me closer to controlling my 2019 Hisense TV (R7) through Home Assistant.
I’ve setup Wake On LAN in HA and can turn on the TV this way.
I also don’t get a response from pinging the IP.
I can control it via MQTT from MQTT Explorer with the connection settings including tls (required) as @supagold found, but not from the command line.
I also found like @zacnut did that my topic has to have what looks like a MAC address in it, not just “HomeAssistant” or any other label. I did not find that the MAC address (discovered via MQTT Explorer) matches my phone or anything on my network. E.g. to change volume:

/remoteapp/tv/platform_service/12:13:BA:DA:SS:00$normal/actions/changevolume 0

So, my next step is to access the TV MQTT via the command line (Raspberry Pi), but I keep getting:
Error: A TLS error occurred
Here’s what I’m trying:

mosquitto_sub -h 192.168.1.34 -u hisenseservice -P multimqttservice -p 36669 -t '#' --cafile /etc/ssl/certs/ca-certificates.crt

Since it works via MQTT Explorer, what am I missing?
The next step would be bridging, but I tried the configs above without success. If I can get command line working first, that should help.
Thanks!

zacnut · December 3, 2019, 5:10pm

Couldn’t get bridging working, will try again soon though. I never tried command line as I couldn’t get bridge to work using (May be because we using hassio with mosquito as an add-on from integrations). My solution was to use NodeRed, seems it could make a connection like MQTT explorer.
I used a node to listen to the just the TV broadcast topic to fetch info and feed it to home assistant MQTT server on same topic.
And another to listen to hassio command/set channel/ volume etc and feed to TV broker…
Messy, but works great.
Ether way, I got it working as a universal Media player with volume_set, volume_step, channels up and down as media previous and next, on /off, current state, current source and channels as sources.
I still didn’t need automatons but might if I want to add apps to source list, I don’t think I will bother though…

supagold · December 3, 2019, 10:06pm

Did you try the --insecure option for mosquitto_sub? It appears to be the equivalent of “verify=off” in MQTT Explorer. Just a guess, since that particular option was a roadblock on my side for awhile.

I wonder if the MAC address thing is because a lot of phones do MAC Address randomization now? I actually missed the previous updates on this, so haven’t seen the progress you guys made until now. I got an H9F a few weeks ago (huge improvement over the H8), and am looking to try integrating again…

lindsayward · December 4, 2019, 2:04am

Thanks. I tried with and without --insecure and I get the same error (with debug message this time):

Client mosqsub|17581-id sending CONNECT
OpenSSL Error: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Error: A TLS error occurred.

I also then tried making my own certificates, which I figured should not be necessary since I haven’t set certs in MQTT Explorer… same problems.

iceflame · December 23, 2019, 3:12pm

Can you please share your flows?

supagold · December 24, 2019, 4:47pm

Sorry, I don’t currently have any flows setup that work. So far all my testing has been done in MQTT Explorer. (Haven’t had time to do anything else with this since my last post. Maybe in the new year.) There does seem to be some good progress on the topic, so maybe me or one of the other posters could help if you’re running into a specific problem?

iceflame · December 24, 2019, 9:21pm

Looks like I answered the wrong post. I wanted to reply to a @zacnut post

Schiene · December 25, 2019, 7:18pm

Hello, I have a H 55 B 7100 and I have a problem with mqtt.
When I try to connect with mqtt I get a message on the TV with a code for the connection. Does enybody knows where I can input the code?

Best regards
Schiene

rya · December 26, 2019, 2:24pm

Hi all,

Picked up one of the R6 models today, nice TV, but would be nicer with some HA integration!

Software Version of my TV is J1114.

Been playing around with a lot of the stuff you have all posted here, and here is where I am currently at:

-Unable to ping via command line

-Unable to use Mosquitto broker via hassio, with @K-1’s post above, in /share/mosquitto/hisense.conf, as it returns

XXXXXXXX: Connecting bridge hisensemqtt (192.168.1.68:36669)
XXXXXXXX: Socket error on client local.HomeAssistant, disconnecting.

I’ve attempted to add the TV as an MQTT Broker, and it seems to work! (Although it does ping every 2 minutes with a reconnect in the logs)

I just can’t figure out the sensor and I’ve tried too much tonight that I’m worn out for now. Hopefully someone can work out where I’ve gone wrong.

I’ve used the following in configuration.yaml:

    broker: 192.168.1.68
    port: 36669
    username: hisenseservice
    password: multimqttservice
    tls_insecure: true

and the following for the progname sensor I was testing with:

sensor:
    - platform: mqtt
      name: "TV State"
      state_topic: "/remoteapp/mobile/broadcast/ui_service/state"
      value_template: "{{value_json.progname}}"

For the sensor, I was using mqtt.sensor docs as documentation, which includes a link for the templating.

-Can confirm, thanks to @lindsayward and @zacnut above, I also need to use a MAC address in my topics. My Pixel 4 XL refuses to connect to the TV (going to contact Hisense about this soon), but my partners phone connected and I was able to then use her MAC Address. Spoofing even the TV itself’s MAC wouldn’t let the command register. Thought it had something to do with /remoteapp/tv/ui_service/XX:XX:XX:XX:XX:XX$normal/actions/authenticationcode not existing for other MAC addresses, as {"authNum":"XXXX"} is the value there, and after pairing a phone i can spoof that MAC to control.

I was about to hit send on this post, but I’ve actually just found a way to spoof the MAC address completely.

It seems if you manually publish /remoteapp/tv/ui_service/XX:XX:XX:XX:XX:XX$normal/actions/authenticationcode with the json {"authNum":"XXXX"} (yes, the X’s), it will return {"result":100,"info":"Wrong authNum!!"}. However, if you copy a pre-existing auth code from a device that’s already been configured and push it with the authNum JSON, it will work with the spoofed address.

Further thought on this gave me a brainwave on how to create a new code to show on your TV. If you publish /remoteapp/tv/ui_service/HomeAssistant/actions/gettvstate, your TV will return a code on-screen. You’ll need to be quick, but you can then use this auth code in a json (replace the ones with the code showing on your TV) {"authNum":"1111"} and publish (with the X’s!), /remoteapp/tv/ui_service/XX:XX:XX:XX:XX:XX$normal/actions/authenticationcode. After you’ve done this, you can then use the X MAC address + $normal to replace the HomeAssistant text and then use any command listed in the initial git.

This means that something like /remoteapp/tv/ui_service/HomeAssistant/actions/gettvstate can be used with /remoteapp/tv/ui_service/XX:XX:XX:XX:XX:XX$normal/actions/gettvstate and so on, so forth. Unfortunately sending a KEY_POWER command will not allow you to power on the TV via the same command, but these commands DO seem to persist after the TV powers off and back on (even via power on the remote)

I hope this helps, and I’m sorry if it doesn’t make sense. I’ve spent a good ~10 hours today trying to figure some of this stuff out. If anyone could help me integrate this with my HA, it seems we’re all very close to having it work again! Happy to make heads or tails of anything if you need clarification.

@Schiene, my last rambling there should help you with the code input!

K-1 · December 29, 2019, 10:30pm

Hi all,

I noticed some people having issues with Wake on Wireless/LAN. I just encountered the same problem after my Hisense 75P7 upgraded to J1008 firmware.

I went snooping around and noticed the tv was doing a full boot after power off. It seems fastboot is turned off on some firmwares.

You can enable it by going into the hisense service menu

Please follow instructions below:

Press the COG WHEEL
Press OK on SETTINGS
Press OK on SOUND
Press OK on SPEAKERS
Highlight BALANCE ensuring it’s set to 0
Press 1-9-6-9 on your remote
The letter M will appear on the top left corner
Press the QUICK SETUP or COG WHEEL button

Change Fastboot option from OFF to ON

Power off TV and try now.

lindsayward · December 30, 2019, 10:30pm

Do you mean you can’t turn on fastboot as a normal setting without this process?
How did you find this out?

K-1 · December 30, 2019, 10:52pm

@lindsayward That’s correct you need to enable fastboot via the service menu. The reason i started snooping around is I realised I was not able to Wake on WLAN my tv post upgrade and noticed its actually dropping off my unifi network when TV is off and I knew for 100% that prior to that it used to stay connected to wifi even when TV was off.

The instructions are from hisense support who sent this to me when I needed to factory reset my tv. I remembered there was a fastboot option in there and tried it out.

Cheers

CaptainMalu · December 30, 2019, 11:31pm

Do you only get the successful reconnected messages in your Home-Assistent.log or were you really able to control your TV via Homeassistent?

I tried your mqtt config for my h55be7000 with J0906 but without success.
I get the reconnected messages but the mqtt will never arrive the TV.
It looks similar to the error messages of the mosquitto_pub command on the cli.

Only mqtt Explorer is working fine.

From my point of view it looks as the clients (mosquitto mosquitto-client, Homeassistent,…) require a valid certificate. (There has to be a ca-file)
At the moment I think it’s only possible to skip the Hostname verification.

rya · December 31, 2019, 12:52am

@CaptainMalu when not using a broker and using the config i posted above in my configuration.yaml, i received a message that it successfully connected in my HA log, and I believe that I could send topics. I’ve not had time to play around since i posted above, but I will have some time over NYE/NYD to mess around with it further

Schiene · January 1, 2020, 9:24am

rya thank you for your help, but i can’t get a connetion to the TV. I send gettvstate iand i can see the code on the TV, but i can’t send the code. Nothing happends in the MQTT Explorer.
I have found the firmware version: 55.V0000.A6100.EE

Best regards

Schiene

CaptainMalu · January 2, 2020, 12:16am

I got it.

mqtt:
  broker: <TV IP>
  port: 36669
  username: hisenseservice
  password: multimqttservice
  certificate: /ssl/hisense.crt
  tls_version: '1.2'
  tls_insecure: true

You have to download the certificates from the tv.

openssl s_client -host <TV IP> -port 36669 -prexit -showcerts

copy bothe shown certificates into a file with the ending .crt
I’m using home assistent on raspbian with docker.
So I put the file into the driectory /usr/share/hassio/ssl

At the moment I’m using the Mac of my smartphone for the publish command.
I tested with

/remoteapp/tv/remote_service/xx:xx:xx:xx:xx:xx/actions/sendkey
KEY_POWER

rya · January 11, 2020, 1:38pm

thanks to @CaptainMalu I’ve been successful in having everything work for the last week or so and have been playing around, even with my above workaround for using XX:XX:XX:XX:XX:XX$normal as the MAC address.

I was curious however if anyone has managed to set up a bridge to the Hisense MQTT? I was looking at implementing zigbee2mqtt and picking up some devices for further automation, but i’d like to see if anyone here has been successful in that endeavor. Thanks all!

K-1 · January 11, 2020, 9:19pm

Hi Rya,

Yes its been done, Please see earlier in the thread. There is mqtt bridge configuration examples. Note you maybe need to play around as we have now learnt that some hisense models are using tls encryption to mqtt.

govabm · January 18, 2020, 9:13pm

Hello everyone,

I have a Problem with my tv dies someone a Solution for my Problem ???

Issue:

my TV NEC6500 I can’t connect the TV with the MQTT Client
i set wake on lan and on wlan.
Control via mobile app works Fine
Can we fix ist via mqtt.fx ?? Or How