hi,
after some realtively positiv experiences with the tp-link kasa plugs, i just bought some tapo p110 wifi sockets, using the tapo integration through hacs. as usual, i want to block any outgoing connections from the IOT devices … and this is where the trouble started.
after the initial setup, i started blocking the plug’s ip adresses, and quickly realized that unless they have internet access when they’re powered ob (i.e. start receiving power, as opposed to “switched on”), they do work as switches, but they dont provide the energy monitoring feature. the led is yellow.
when i do allow outgoing connections, the led turns green, and the plug opens an https connection to a machine in AWS - in my case 54.72.86.3 - which presents a rather odd TLS certificate:
depth=2 CN = tp-link-CA
verify error:num=19:self signed certificate in certificate chain
verify return:1
depth=2 CN = tp-link-CA
verify return:1
depth=1 DC = cn, DC = com, DC = tp-link, CN = TP-LINK CA P1
verify return:1
depth=0 C = HK, ST = HongKong, L = Kowloon, O = TP-LINK CORPORATION LIMITED, OU = R&D dept., CN = *.tplinknbu.com
verify return:1
this is a self-signed certificate, and i assume the plug has the CA built in? what is odd is that even when i start blocking again, it does seem to continue working ok, but i read that this was supposed to be completely working without access - clearly, it is not working. also, the setup app asks for location permissions, so this combination is clearly rather dodgy in terms of privacy.
does anyone know how to make them behave? or are there any recommendations (for the EU) for plugs that can to energy monitoring without telling the world?
.rm