Author Topic: [Solved] No remote access from Home Buddy to Vera UI2 (local access works)  (Read 6090 times)

haAllZwave

  • Sr. Newbie
  • *
  • Posts: 5
  • Karma: +0/-0
Some time during the last month remote access stopped working with error:
“Unable to execute command. Please check your settings.”

I'm using Samsung Vibrant with JI6 Tmobile patch. Local access still works fine.

Short investigation revealed the following:

On October 24th 2010, MCV updated their ra2.findvera.com website certificate
(judging by the issue date of the new one).

The new certificate is signed with new StartCom CA cert that my Vibrant doesn't
have in the list of trusted root certs (I use standard Vibrant image with root, but
no other changes).

To verify if your Android has the same problem, open the following link in Android browser:

https://ra2.findvera.com/<user>/<pass>/<serial>/data_request?output_format=json&id=user_data2

(substitute <user> and <pass> for you credentials). If untrusted cert warning comes up --
you have the same issue and Home Buddy will probably not work on your phone.

So the fix is to add new StartCom CA to your Android. You will need root access for this.

This link describes the process of adding new root cert very well:

http://wiki.cacert.org/ImportRootCert#Android_Phones

The only change is the cert you'll be adding. Instead of their root.crt you'll need StartCom's:
- in Firefox, go to Tools->Options->Advanced->Encryption->View Certificates->Authorities
- scroll down to StartCom Ltd.
- you'll only need their root cert, called "StartCom Certification Authority"
- click on it and Export to file "StartComCertificationAuthority.crt"
- this is the file you'll use instead of root.crt in the above instructions
- SHA1 fingerprint of this cert is 3E:2B:F7:F2:03:1B:96:F3:8C:E6:C4:D8:A8:5D:3E:2D:58:47:6A:0F
- your insert command per above instructions should look something like:

keytool -keystore cacerts.bks -storetype BKS -provider org.bouncycastle.jce.provider.BouncyCastleProvider -storepass changeit -importcert -trustcacerts -alias StartCom -file StartComCertificationAuthority.crt

- continue with the above instructions onto pushing modified cacerts.bks back to your phone.
- reboot the phone. Opening ra2 link above in the browser should not give a warning anymore
and Home Buddy should work as well.

Note for the Home Buddy developer:

I'm not familiar with Android APIs, but I'd be surprised if they didn't allow specifying custom
set of root certificates when an application opens SSL connection using their security framework.
If so, then you should simply include StartComCertificationAuthority.crt with your app and use
it when opening the connection.
« Last Edit: April 03, 2011, 09:59:21 pm by haAllZwave »

rakstar

  • Moderator
  • Sr. Member
  • *****
  • Posts: 342
  • Karma: +0/-0
    • Home Buddy - Home Automation for Android and BlackBerry Playbook
Re: [Solved] No remote access from Home Buddy to Vera UI2 (local access works)
« Reply #1 on: November 20, 2010, 02:00:32 am »
@haAllZwave AWESOME!  I will look into whether I could include the cert as you suggested.  In the meantime, I will send this to users who have emailed me with the same problem.

Thank you so much for sharing this!  :)

jeffy1021

  • Jr. Member
  • **
  • Posts: 69
  • Karma: +0/-0
Re: [Solved] No remote access from Home Buddy to Vera UI2 (local access works)
« Reply #2 on: November 23, 2010, 01:07:41 pm »
That is definitely good to know and explains why Home Buddy works fine on my Droid 1 but not on my wife's Samsung Captivate.  Unfortunately, her phone is not rooted so hopefully this can be fixed soon.

I guess this could give me an excuse to root it for her  :)
Vera2 (.988), Schlage BE369 & FE599, Trane Thermostat, 2x VRS15-1LZ, VRCS4-1LZ, VRP15-1LW, HA02WD
Panasonic BB-HCM511A BB-HCM515A BL-C160A Cameras

SteveGoldman

  • Sr. Newbie
  • *
  • Posts: 7
  • Karma: +0/-0
Re: [Solved] No remote access from Home Buddy to Vera UI2 (local access works)
« Reply #3 on: December 15, 2010, 09:07:10 pm »
So what's the suggestion if this seems to happen after a seemingly "stable" period when it does work?

The Home Buddy app seems to work fine for a while, sometimes days, sometimes weeks.  Then, inexplicably, I get the "unable to communicate" message.   Re-booting the Vera 2 seems to fix the problem, but that has its own frustrations.

Any suggestions??

rakstar

  • Moderator
  • Sr. Member
  • *****
  • Posts: 342
  • Karma: +0/-0
    • Home Buddy - Home Automation for Android and BlackBerry Playbook
Re: [Solved] No remote access from Home Buddy to Vera UI2 (local access works)
« Reply #4 on: December 16, 2010, 06:50:30 am »
@SteveGoldman I can't say for sure, but it *might* be a problem with MCV's servers at those times.  When you get the error, try these URLs in your PC browser:

https://fwd1.mios.com/<username>/<password>/<serial>/data_request?output_format=json&id=user_data

https://fwd2.mios.com/<username>/<password>/<serial>/data_request?output_format=json&id=user_data

be sure to replace <username>,<password>, and <serial> with the correct information.  If you get an error message or no response, that's the problem.

myhomeserver

  • Beta Testers
  • Hero Member
  • *****
  • Posts: 788
  • Karma: +0/-0
  • www.myhomeserver.com
    • MyHomeServer.com
I had the same problem, no remote access and tried all of these solutions. What worked for me was to re-select the vera I wanted to control since I have two of them.  Once I reselected the proper vera from the list of what one to control, remote access worked fine again for me.


I do have a problem with all my 3-in-1 sensors do not show light, temp or motion (arm/disarm) - yet my Fortrezz sensors display the temp properly.

Can you help?
MYHOMESERVER.COM - See Our Vera 1&2Reviews
Vera1,2,3 and Vera Lite - Latest Beta. 80+ nodes - GE/Jasco, FortrezZ, ACT, Aeon, 3-in-1 Sensors, MiniMote, HRDS, Strobe, Water Valve, Water/Freeze, GE Wireless Keypads. 6000+ SF including Barn and Garage door modules. Squeezebox Integration, Door Locks etc

rakstar

  • Moderator
  • Sr. Member
  • *****
  • Posts: 342
  • Karma: +0/-0
    • Home Buddy - Home Automation for Android and BlackBerry Playbook
I do have a problem with all my 3-in-1 sensors do not show light, temp or motion (arm/disarm) - yet my Fortrezz sensors display the temp properly.

Can you help?

Please send me your user data by following the instructions on this page:

http://sites.google.com/site/rakstar/homebuddy/troubleshooting

Thanks.

bambou51

  • Sr. Newbie
  • *
  • Posts: 1
  • Karma: +0/-0
Re: [Solved] No remote access from Home Buddy to Vera UI2 (local access works)
« Reply #7 on: September 04, 2011, 01:10:01 am »
Hi,

Every time I try to connect remotly to my Vera I have the following exception: Data Exception: Unable to retrieve user Data

The following url is working fine in my web browser
https://fwd2.mios.com/<username>/<password>/<serial>/data_request?output_format=json&id=user_data

Any Idea on what I did wrong ? (my login/pwd are correct because when switching to local network its working fine)

WalterWhite

  • Sr. Newbie
  • *
  • Posts: 6
  • Karma: +0/-0
^ I'm having exactly the same problem.  Works fine on the local Wifi or even on a remote Wifi.  But over 3G I get exactly that same error.

Any suggestions?  Trying that URL from the browser just brings up a blank page - no error message or viable data.

WalterWhite

  • Sr. Newbie
  • *
  • Posts: 6
  • Karma: +0/-0
This seems to be specific to the Android version on the phone.  I switched my SIM to my old phone and don't have the issue there.  So it's not the carrier as I'm using the same SIM.  NEW phone is ICS - OLD phone is Honeycomb.

The pattern is like this:

OLD phone on wifi - works
OLD phone on wifi from "portable hotspot" sourced from NEW phone/3G - works
OLD phone on 3G - works

NEW phone on wifi - works
NEW phone on wifi from "portable hotspot" source from OLD phone/3G - works
NEW phone on 3G - fails

I don't see how this is a CA or browser issue otherwise why would it work on wifi?  Isn't the same list of trusted CAs in the phone used for wifi & 3G access?

H'mmm, kind of bummer as I think this app is great (and will make a donation) but I want to use it on my new phone.

rakstar

  • Moderator
  • Sr. Member
  • *****
  • Posts: 342
  • Karma: +0/-0
    • Home Buddy - Home Automation for Android and BlackBerry Playbook
Hmm, that's a strange issue.  Question for you... are you sure your old phone is running Honeycomb?  I could be wrong, but isn't Honeycomb for tablets only?  Also, what's the model of your new phone and what network are you on?  I'm supposed to get my Galaxy Nexus tonight (I panic-ordered it after Apple had it banned) so I could try it on that when I get it.

Can you try one more thing for me?  Go to the following URLs on your NEW phone on 3G in your web browser and see if you get a response back:

https://fwd1.mios.com/<username>/<password>/<serial>/data_request?output_format=json&id=user_data
or
https://fwd2.mios.com/<username>/<password>/<serial>/data_request?output_format=json&id=user_data

Let me know what you get.  Thanks.

WalterWhite

  • Sr. Newbie
  • *
  • Posts: 6
  • Karma: +0/-0
Oh yeah, sorry you're right - it's Gingerbread on the old phone.

The new Phone is a Galaxy Nexus running ICS 4.0.1.   When I go to those pages in the browser I just get a blank page - no error messages.

But the issue isn't specific to your app - the same thing happens with the Vera Mobile app.  Unfortunately their tech support doesn't know what the issue is either.

So I'll be interested to see what the results are for you when you get your Galaxy Nexus.

----

This test brings me to another question though: is the password always passed in clear text in URL requests?
« Last Edit: July 05, 2012, 07:08:42 pm by WalterWhite »

rakstar

  • Moderator
  • Sr. Member
  • *****
  • Posts: 342
  • Karma: +0/-0
    • Home Buddy - Home Automation for Android and BlackBerry Playbook
Got my Galaxy Nexus running 4.0.4 and LOVING IT!  :D

I have had no issues with Home Buddy on ICS so far whether local/remote and wifi/3G.  Really strange that it's specific to your new phone on 3G... maybe check the logs for errors?  You could use aLogcat in Google Play to view the logs.  Also, when testing, I would use the browser to test as this is the most direct way to make the request so you eliminate any other variables.

I'm not an expert on how SSL works but I believe that all the parameters that get sent over in the body and URL (except the domain) get encrypted.  Home Buddy uses https for all remote requests and http for local (username/password are not sent in local mode).  Here's a related stackoverflow post:

http://stackoverflow.com/questions/499591/are-https-urls-encrypted

WalterWhite

  • Sr. Newbie
  • *
  • Posts: 6
  • Karma: +0/-0
Well rakstar, since you said yours was 4.0.4 and mine was only 4.0.1 I decided to bite the bullet, unlock it, upgrade it to 4.0.4 (downloaded from google) and reconfigure my apps.  Did that - wasn't too big of a deal - and now the app works perfectly over 3G (although of course a little slower).

So it seems like my problem was specific to 4.0.1 on the Galaxy Nexus.  No issues now so I'm a happy camper and will be sending you a donation (under my real name).

Thanks!

rakstar

  • Moderator
  • Sr. Member
  • *****
  • Posts: 342
  • Karma: +0/-0
    • Home Buddy - Home Automation for Android and BlackBerry Playbook
Awesome, glad you got it working!  I wonder what changed though... I guess I'll need to test all those scenarios again when Jelly Bean is released.

Thanks for the update and for the very generous donation! :D