I just tested the home assistant Ecobee component. It does not appear to work either. I am able to get a pin but the API calls are not coming through.
hi Watou
i got the answer myself by running the following command
looks like ssl3 and tls 1.2
openssl ciphers -v | awk ‘{print $2}’ | sort | uniq
SSLv3
TLSv1.2
does this help?
It is what my home assistant and openLuup runs on ubuntu
does the plugin have to be configured to use 1.2 or will it use it by default if its available
[quote=“charettepa, post:742, topic:174457”]hi Watou
i got the answer myself by running the following command
looks like ssl3 and tls 1.2
openssl ciphers -v | awk ‘{print $2}’ | sort | uniq
SSLv3
TLSv1.2
does this help?[/quote]
I just ran a test against api.ecobee.com
https://www.ssllabs.com/ssltest/analyze.html?d=api.ecobee.com
and it only supports TLS 1.2, not 1.1 or 1.0. Not sure what the answer was a few days ago.
The question I still have is, as LuaSec as implemented in Vera, when the option “tlsv1” is given to open the connection to Ecobee, is it really using TLS 1.2? I don’t know how to determine that empirically. What would help would be a statement from Ecobee as to whether the above report returned different answers before this issue appeared.
watou
P.S. Me theory about TLS is just a theory, but it seems clear that something changed server side and Ecobee should hopefully characterise it soon.
The plugin just tells the Lua liabrary to use “tlsv1” which is obviously vague. I don’t know what other options are legal on the Vera.
vera is not usually very quick to get back to users
did you see the comment from rafale77
about having same issue with home assistant
[quote=“charettepa, post:746, topic:174457”]vera is not usually very quick to get back to users
did you see the comment from rafale77
about having same issue with home assistant[/quote]
Yes. If Ecobee removed a cypher suite they used to support and both HomeAssistant and Vera both fell off compatibility, I wouldn’t know. Best thing would be to compare the ssllabs report with the specific cyphers supported on both that specific Ubuntu and Vera, and see if there is no overlap.
Just tested my HomeAssistant set up .
When I make changes within HomeAssistant to thermostat settings, it shows up pretty quickly within the Ecobee Android App. When I make changes within the app, it does not reflect within HomeAssistant automatically unless I do some action to cause Hass to initiate a connection.
Although I am not sure, I don’t think this was the behavior before yesterday.
[quote=“niharmehta, post:748, topic:174457”]Just tested my HomeAssistant set up .
When I make changes within HomeAssistant to thermostat settings, it shows up pretty quickly within the Ecobee Android App. When I make changes within the app, it does not reflect within HomeAssistant automatically unless I do some action to cause Hass to initiate a connection.
Although I am not sure, I don’t think this was the behavior before yesterday.[/quote]
I am not even able to register my home assistant after getting the pin… I guess yours was previously connected. The problem is not quite the same though as at least hass is able to get a pin.
I fixed it… Update coming soon. The problem is in the plugin and Watou was correct
you fixed it in HASS or in Vera
Was Watou correct in that it needs to be TLS 1.2?
Fixed it on openLuup… I can probably do the same on hass after this. I am not sure what version of TLS the vera can support but I think it should support it too.
Try this GitHub - rafale77/vera-ecobee at 2.1
I updated it on the AltAppStore too. Use version 2.1.
[quote=“rafale77, post:752, topic:174457”]Fixed it on openLuup… I can probably do the same on hass after this. I am not what version of TLS the vera can support but I think it should support it too.
Try this https://github.com/rafale77/vera-ecobee/tree/2.1[/quote]
Great! rafale77, can you supply the L_ecobee.lua file I supplied you to someone with the tlsv1_2 change and a working client ID, so they can use that in place of the encrypted file on their Vera, so that it can be determined empirically if tlsv1_2 works on Vera? If I get word that the apps.mios.com plugin version should be changed in this way based on a proper observation, I will update the plugin on apps.mios.com (or at least try to) with that one-line change, and a bumped version number.
Otherwise Ecobee will have to revert their supported SSL versions change, or users of that version of the plugin will have to abandon it.
watou
I am happy to test by manually changing that file. If we abandon the app store version, would the @rafale77 version work if manually installed without AltUI or OpenLuup.
[quote=“watou, post:753, topic:174457”][quote=“rafale77, post:752, topic:174457”]Fixed it on openLuup… I can probably do the same on hass after this. I am not what version of TLS the vera can support but I think it should support it too.
Try this https://github.com/rafale77/vera-ecobee/tree/2.1[/quote]
Great! rafale77, can you supply the L_ecobee.lua file I supplied you to someone with the tlsv1_2 change and a working client ID, so they can use that in place of the encrypted file on their Vera, so that it can be determined empirically if tlsv1_2 works on Vera? If I get word that the apps.mios.com plugin version should be changed in this way based on a proper observation, I will update the plugin on apps.mios.com (or at least try to) with that one-line change, and a bumped version number.
Otherwise Ecobee will have to revert their supported SSL versions change, or users of that version of the plugin will have to abandon it.
watou[/quote]
Can I email it to you so you can re-encode it and use your user code? This would minimize the changes needed to test. Otherwise one could just use the one I released which requires creating a developer account on Ecobee.com and generate a key.
My fork works fine on UI7. If you don’t have ALTUI or openluup, you just have to download all the files from the git report and upload them to your vera /etc/cmh-ludl folder or by pulling them into the apps/advanced/apps file upload. Right now I just don’t know whether the vera supports the TLS protocol by default.
i dont mind testing but i dont have altui
if i install alt ui, can i use it alongside the default ui
or will it replace it
ALTUI is a plugin within the main UI … so no it doesn’t replace it. You need to call a different port to get to ALTUI.
i have installed alt ui
can the 2.1 app from the altui appstore be installed without interfering with the one from vera app store
will it co-exist or replace
[quote=“charettepa, post:758, topic:174457”]i will try to install ALTUI when i get home.
what is the port #
does it add much load to the vera controller[/quote]
You probably want to check out the ALTUI section of the forum. There is actually a link from the UI7 device to get you to the ALTUI screen. Otherwise the URL should be
http://Vera.IP/port_3480/data_request?id=lr_ALTUI_Handler&command=home.
I don’t think it adds much load to the vera.
im already installed and in the gui
can i install the alt ui ecobee plugin without causing issue to the watou version
will they coexist
i tried installing an item from the alt app store
it just says faliure
now if i click the vera bubble instead of alt it works
but then i am geting the mios store version am i not?