-
Notifications
You must be signed in to change notification settings - Fork 107
Debug
Motea Marius edited this page Sep 11, 2018
·
5 revisions
- stop hue-emulator service
sudo systemctl stop hue-emulator - go in application home directory
cd /opt/hue-emulator - enable debug mode by appending the following code in HueEmulator3.py script right after modules import:
root = logging.getLogger()
root.setLevel(logging.DEBUG)
ch = logging.StreamHandler(sys.stdout)
ch.setLevel(logging.DEBUG)
formatter = logging.Formatter('%(asctime)s - %(name)s - %(levelname)s - %(message)s')
ch.setFormatter(formatter)
root.addHandler(ch)
- start the script with
sudo ./HueEmulator3.py
Try to avoid unnecessary debugging output generated by other devices that work fine.
To test the https certificate you can use this command curl https://127.0.0.1/api/nouse/config -v -k
sample output:
pi@raspberrypi:~ $ curl https://127.0.0.1/api/nouser/config -v -k
* Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to 127.0.0.1 (127.0.0.1) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-ECDSA-AES128-GCM-SHA256
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: C=NL; O=Philips Hue; CN=b827ebfffec8991c
* start date: Jul 22 17:40:03 2018 GMT
* expire date: Jul 19 17:40:03 2028 GMT
* issuer: C=NL; O=Philips Hue; CN=b827ebfffec8991c
* SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
> GET /api/nouser/config HTTP/1.1
> Host: 127.0.0.1
> User-Agent: curl/7.52.1
> Accept: */*
>
< HTTP/1.1 200 OK
< Server: nginx
< Date: Tue, 11 Sep 2018 12:43:26 GMT
< Content-type: application/json
< Content-Length: 227
<
* Curl_http_done: called premature == 0
* Connection #0 to host 127.0.0.1 left intact
{"name":"Philips hue","factorynew":false,"mac":"b8:27:eb:c8:99:1c","datastoreversion":70,"bridgeid":"B827EBFFFEC8991C","modelid":"BSB002","swversion":"1806051111","replacesbridgeid":null,"starterkitid":"","apiversion":"1.24.0"}
Here important lines are:
issuer: C=NL; O=Philips Hue; CN=b827ebfffec8991c
and
{"name":"Philips hue","factorynew":false,"mac":"b8:27:eb:c8:99:1c","datastoreversion":70,"bridgeid":"B827EBFFFEC8991C","modelid":"BSB002","swversion":"1806051111","replacesbridgeid":null,"starterkitid":"","apiversion":"1.24.0"}
The CN value of the certificate must be the same with bridgeid key from json output and this must represent the mac address of the main interface with fffe in the middle.