IOS 13 Beta - Home Assistant Companion App - GPS Location not working

Everything was working fine, then I updated my phone to IOS 13 Beta and my GPS location updates stopped working.

Home Assistant v0.94.0

Few scenarios:

  1. Broken - Home assistant Companion v2.0.0(62) and iOS 13 Beta
  2. Working - Home assistant Companion v2.0.0(62) and iOS 12
  3. Broken - Home assistant Companion v1.5 and iOS 13 Beta.

Seems the commonality is iOS 13 and it is also the only thing that changed. The companion app seems to be working fine in all other aspects, except GPS updates. Both iOS 13 devices have location tracking enabled for the companion app.

Thoughts?

EDIT 8/24/19: I am up to iOS 13 Beta 8 and still not working, same scenario as originally described.
EDIT 8/30/19: I noticed that my iOS app was failing to connect due to certificate errors through my reverse proxy. Apparently Apple tightened its certificate trusting rules in iOS13. I tried to update to a new cert that meets the criteria and failed, so I disabled SSL and am testing. I expect it will work fine. See site for more info: https://support.apple.com/en-us/HT210176
EDIT 9/1/19: Fixed, Removed SSL from reverse proxy and not app is connecting when outside local network. I also had to remove the mobile_app integrations for the iOS 13 phones and re-add them as new for push notifications to work. Not sure, but I suspect the push IDs were mismatched after update like it generated a new ID on the app and didn’t match the server, but deleting and re-adding the device fully cleared it up!

Thanks,
Joel

Mine is working. Are you using the beta iOS App as well as beta ios? (I am)

I have found the same on IOS 13 beta. For now I have been using Life360 for my GPS updates.

Yes I am, as mention in original post, v2.0.0(62)

i managed to get ha app to work on ios13 beta , all you need is to create a ca , sign server certificate with the ca you just created with some config files.Then import CA cert to iOS devices and its done.

Following is what command and openssl config file i use:

  1. Generate our CA

openssl req -x509 -sha256 -newkey rsa:2048 -keyout ca_privkey.pem -nodes -out ca_cert.pem -subj “/C=[country]/ST=[state]/L=[locality]/O=[organization]/OU=[organization unit]/CN=[common_name]/” -config v3_ca.ext -days 365

content of v3_ca.ext:

[req]
req_extensions = v3_req
distinguished_name = req_distinguished_name

[req_distinguished_name]

[v3_req]
basicConstraints        = critical, CA:TRUE
subjectKeyIdentifier    = hash
authorityKeyIdentifier  = keyid:always, issuer:always
keyUsage                = critical, cRLSign, digitalSignature, keyCertSign 
subjectAltName          = @alt_names

[v3_ha_server]
basicConstraints        = critical, CA:TRUE
subjectKeyIdentifier    = hash
authorityKeyIdentifier  = keyid:always, issuer:always
keyUsage                = critical, cRLSign, digitalSignature, keyCertSign
subjectAltName          = @alt_names

[alt_names]
IP.1 = [your ip ]
#DNS.1 = [your domain]
# uncomment if your need a domain name not a ip address
  1. create your server private key

openssl genrsa -out privkey.pem 2048

  1. generate certificate signing request

openssl req -new -sha256 -key privkey.pem -subj “/C=[country]/ST=[state]/L=[locality]/O=[organization]/OU=[organization unit]/CN=[common_name]/” -out privkey.csr

  1. view the csr if you want

openssl req -in privkey.csr -noout -text

  1. use CA cert and privkey of your CA cert to sign the server certificate

openssl x509 -req -in privkey.csr -CA ca_cert.pem -CAkey ca_privkey.pem -CAcreateserial -out certificate.pem -days 365 -sha256 -extfile v3_ha.ext -extensions v3_ha_server

v3_ha.ext file content:

[req]
req_extensions = v3_req
distinguished_name = req_distinguished_name

[req_distinguished_name]

[v3_req]
basicConstraints        = critical, CA:FALSE
subjectKeyIdentifier    = hash
keyUsage                = critical, nonRepudiation, digitalSignature, keyEncipherment, keyAgreement 
extendedKeyUsage        = critical, serverAuth
subjectAltName          = @alt_names

[v3_ha_server]
basicConstraints        = critical, CA:FALSE
subjectKeyIdentifier    = hash
keyUsage                = critical, nonRepudiation, digitalSignature, keyEncipherment, keyAgreement 
extendedKeyUsage        = critical, serverAuth
subjectAltName          = @alt_names

[alt_names]
IP.1 = [your ip ]
#DNS.1 = [your domain]
# uncomment if your need a domain name not a ip address
  1. Finally , import CA certificate to your ios device and copy certificate for the server to your ha instance.

  2. Enjoy :wink:

Is this instruction for a self signed certificate or letsencrypt cert? I have a domain cert and mine works without all this. (Just out of curiosity)

Must be self signed… you don’t need any of that with LetsEncrypt

self signed. Apple tightened self signed certs requirements after ios13.

I follow in detail the process to create the certificate.pem but… still I cannot install the certificate in ios13… it keeps saying that the cert is not certified. Can somebody help?

you have to replace the ip or dns name with your server ip/dns name.Or if you could show your logs?

ok, this is what happens. With my the certificate instructions in HA SSL guidelines I all the process was going smothless. trying to follow exactly your steps I can’t make it work. Btw, what put as DNS is the internet address of my ddns service… As stupid as my appear, charging the ca_cert.pem into my iphone with ios13 I got the following:

then this:

then I CAN activate the certificate:

but then, once I change the coordinates in the configuration file of HA I still get this:

If I try to charge into my jphone the certificate.pem file, that I guess should be the right one, I got this:


completely missing the “unmanaged root certificate” part.

I then got this (not verified)

and finally this:

So certificate to be enabled and thus not working. Hoping to have give a complete path of what is my odissy I am looking for some help!:upside_down_face:

thanks

Luca

you don’t need self-signed certificates.Since you already have a domain pointing to your local server,you only need to get a SSL certificate from “Lets-encrypt”.Official SSL guide of HA should have mentioned this in their article,would you give it a try?It’s really easy.

Yes of course…! but I really do noknow how to do it…:pensive:

One of the phones is having the same problem: no GPS. Everything else (including notification) works.
Phone is on iOS 13.1.3. (i’m on HA 0.100.3). Other phone is still on iOS 12. No GPS-problems on that one.

I’m using HA Cloud/Nabu Casa.

@parabag: is your guide also for this configuration and what should I do with the certificate?

Actually it is not my guide and anyway it is not working…

Sorry!!!

I meant @Lisheng2016

No, the guide is for those having certificate trust issues on iOS13.What is GPS problem?Never happened to me …got two iphones, iphone6s and iphone7.

Just no fix. Zero, nada :wink:
Maybe it has nothing to do with 13 Beta. But the phone is on iOS 13.
Other phone no problem at all.

I’ve already added the phone twice after first time removing integration and rebooting HA.

But Jim… as I told you… following the instructions the guide is not working… and I posted all the screenshot of the process… :woozy_face:

deleted by poster