Plug-in for ecobee thermostats in development

[rafale77]

Just created a new key and the problem remains...

[charettepa]

ecobee is creating a bug ticket right now
and finally accepting to send this to the API team

they have received other calls as well specifically for vera users
once they give me the bug ticket number
i will share it here

the more calls they get the better chance we have to get this resolved

they have yet to confirm if cypher suites changed
but given when we got knocked out
it lines up to almost exactly 24 hours after their "fix" on the 23rd
this "fix" could in fact be a cypher suites change

i will keep updating and will provide the bug tracking number

[watou]

Just created a new key and the problem remains...

Maybe the Vera Lua ssl.https option "tlsv1" might only be TLS 1.0 or 1.1 on the Vera, and Ecobee dropped support for one or both of those?  My emails with Ecobee from June 2015 included the statement "Requirement to support TLS 1.2+, ideally."  Again, this is all guesswork, but it is kind of what might explain the abruptly closed connections.  Or some other server-side change?

What is the latest TLS that can be supported by plugin Lua code using ssl.https?

[niharmehta]

Thanks all. I also opened a ticket with Ecobee. As you said earlier, the more tickets opened, the more likely it will get resolved faster.

[charettepa]

i just got off the phone with Vera
i also sent them an email

they advised that the question RE: TLS versions
is with the development team and i will get a response

they will let me know all versions currently supported

[rafale77]

I just tested the home assistant Ecobee component. It does not appear to work either. I am able to get a pin but the API calls are not coming through.

[charettepa]

hi Watou

i got the answer myself by running the following command
looks like ssl3 and tls 1.2


openssl ciphers -v | awk '{print $2}' | sort | uniq

SSLv3
TLSv1.2



does this help?

[rafale77]

It is what my home assistant and openLuup runs on ubuntu

[charettepa]

does the plugin have to be configured to use 1.2 or will it use it by default if its available

[watou]

hi Watou

i got the answer myself by running the following command
looks like ssl3 and tls 1.2


openssl ciphers -v | awk '{print $2}' | sort | uniq

SSLv3
TLSv1.2



does this help?

I just ran a test against api.ecobee.com

https://www.ssllabs.com/ssltest/analyze.html?d=api.ecobee.com

and it only supports TLS 1.2, not 1.1 or 1.0.  Not sure what the answer was a few days ago.

The question I still have is, as LuaSec as implemented in Vera, when the option "tlsv1" is given to open the connection to Ecobee, is it really using TLS 1.2?  I don't know how to determine that empirically.  What would help would be a statement from Ecobee as to whether the above report returned different answers before this issue appeared.

watou

P.S. Me theory about TLS is just a theory, but it seems clear that something changed server side and Ecobee should hopefully characterise it soon.

does the plugin have to be configured to use 1.2 or will it use it by default if its available

The plugin just tells the Lua liabrary to use "tlsv1" which is obviously vague.  I don't know what other options are legal on the Vera.

[charettepa]

vera is not usually very quick to get back to users

did you see the comment from rafale77
about having same issue with home assistant

[watou]

vera is not usually very quick to get back to users

did you see the comment from rafale77
about having same issue with home assistant

Yes.  If Ecobee removed a cypher suite they used to support and both HomeAssistant and Vera both fell off compatibility, I wouldn't know.  Best thing would be to compare the ssllabs report with the specific cyphers supported on both that specific Ubuntu and Vera, and see if there is no overlap.

[niharmehta]

Just tested my HomeAssistant set up . 

When I make changes within HomeAssistant to thermostat settings, it shows up pretty quickly within the Ecobee Android App.   When I make changes within the app, it does not reflect within HomeAssistant automatically unless I do some action to cause  Hass to initiate a connection.

Although I am not sure, I don't think this was the behavior before yesterday.

[rafale77]

Just tested my HomeAssistant set up . 

When I make changes within HomeAssistant to thermostat settings, it shows up pretty quickly within the Ecobee Android App.   When I make changes within the app, it does not reflect within HomeAssistant automatically unless I do some action to cause  Hass to initiate a connection.

Although I am not sure, I don't think this was the behavior before yesterday.

I am not even able to register my home assistant after getting the pin... I guess yours was previously connected. The problem is not quite the same though as at least hass is able to get a pin.

[rafale77]

I fixed it... Update coming soon. The problem is in the plugin and Watou was correct