I’ve added the AVM Fritz!-Bindings, that generally works fine.
My problems come up when switching to SSL communication to my router. The OpenHab eventlog shows the following lines repeatedly:
2019-11-04 18:26:15.171 [hingStatusInfoChangedEvent] - ‘avmfritz:fritzbox:29cb6f06’ changed from OFFLINE (COMMUNICATION_ERROR): Request is invalid to OFFLINE (COMMUNICATION_ERROR): FRITZ!Box does not respond
2019-11-04 18:26:16.604 [hingStatusInfoChangedEvent] - ‘avmfritz:fritzbox:29cb6f06’ changed from OFFLINE (COMMUNICATION_ERROR): FRITZ!Box does not respond to OFFLINE (COMMUNICATION_ERROR): Request is invalid
When dumping the communication with tcpdump, it becomes clear that Openhab does not know the root certificate (Certificate unknown). Where do I have to save this cert to introduce it to Openhab?
since the binding connects regularly to my router and sends a password to login, I would like to encrypt the connection. The router is somewhat sensitive and essential for my internet connection. Just to be sure.
By the way, the operating system (Ubuntu) is able to create a trusted SSL connection:
openssl s_client -connect myfritzbox.domain:.443
-> Verify return code: 0 (ok)
I also added my CA to /var/lib/openhab2/etc/keystore. I’m not sure, if this is the correct place for storing it. But due to my limited knowledge in Java, I don’t have any idea where else to put this CA.
Similar issue here:
Okay, the solution is quite obviously:
sudo keytool -importcert -alias my_ca_alias -keystore /usr/lib/jvm/zulu-8-amd64/jre/lib/security/cacerts -file myca.crt
The default password is “changeit”.
This works for a zulu implementation of java. For Oracle java the path is very similar, dependent on the java home directory.