HTTP-Binding error receiving from HTTPS

Hello, I got stuck again…
I try to read data from: https://tdrm.fiff.de/station_cluster_expert.php
My Item:

String    TDRM_Cluster_Tihange    "Cluster Tihange"    (TestKram)    { http="<[https://tdrm.fiff.de/station_cluster_expert.php:60000:REGEX(.*?var canvas = document.getElementById..Tihange.*labels: (.*?)string_natural.*)]" } 

When i tried it last week I got an error concerning missing certificates. I importet them (don’t remember what I did exactly), Then it was working for one day. Since then I get an error, very possible the same I had in the beginning:

2017-01-28 18:40:39.971 [ERROR] [.script.engine.ScriptExecutionThread] - Rule 'TDRM Aachen': cannot invoke method public java.lang.String java.lang.String.replaceFirst(java.lang.String,java.lang.String) on null
2017-01-28 18:41:40.414 [ERROR] [org.openhab.io.net.http.HttpUtil    ] - Fatal transport error: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Because I thought it’s the same problem as before I reimportet the certificate:

wget https://www.startssl.com/certs/ca.pem 
export JAVA_HOME=/usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt 
 $JAVA_HOME/bin/keytool -import -keystore $JAVA_HOME/jre/lib/security/cacerts -alias StartCom-Root-CA -file ca.pem

But I get still the error. I did apt-get update && apt-get upgrade.
Also, when I call the page in a browser (on the rpi) it is opening.

I don’t have any ideas after googeling for two days now.
Has anybody any idea?
Thanks…

I have seen no documents or examples that imply that HTTPS is supported by the HTTP actions. The fact you for it to work once at all is surprising.

Well, it was working for one day…

Some thoughts:

In my first trials, I had a „little“ configuration error. The polling interval was a “little” to fast.
Maybe the siteadmin found that not to be funny and blocked me?

How would he/she do that? (I can access the site with this RPI with a webbrowser)

How can I change the ID java identifies itself when accessing the site and maybe change
it to “firefox”??

Is it possible to un-https this site via redirecting/relinking the site to a non https one?

Or can a webbrowser poll the site regularly and save it in a file which openhab2 can
parse then?

Thanks…

Hi,

What you could try is a ‘sudo curl https://tdrm.fiff.de/station_cluster_expert.php > tdrm.log’ (for example) using the exec binding. (make sure to call it with the right directory in front of the tdrm.log else you won’t be able to acces / find it.)

Afterward you can read the file and import the values you want into openhab. I am using this for a very simple Itho steering. Works perfectly.

Just tested the url in this way: is working (stil).

Since you live in the Aachen area (I presume): would you mind sharing your item / rule / setup file when working, I am interested in using this info.

Good luck,

HWL

Thanks, I will try it.

I have the site now in a textfile. The idea is quite good, because I can code and test without needing to rload the site for every test.
Now, how do I import the textfile into a String item??? I can’t find something sensful on the net.
I could use:
executeCommandLine(“tail /…textfile…”)
but I don’t think that’s the best way. There must be a special command to import a file to openhab.

Hi Ingo,

I use a rule to import the SMA inverter data (not by me written by the way, all credits go to the guys who wrote this):

executeCommandLine("sudo /home/pi/SBFspot/SBFspot.sh > /dev/null")

// var String PVd = String::format( “%1$tY%1$tm%1$td”, new Date() )
// var String PVt = String::format( “%1$tH:%1$tM”, new Date() )

var String smaspotlogfile = String::format( "/home/pi/smadata/%1$tY/PV_Dak-Spot-%1$tY%1$tm%1$td.csv", new Date() )

// var String smaspotlogfile = String::format( “/home/pi/smadata/2016/PV_Dak-Spot-20160203.csv”, new Date() )

val fileReader = new java.io.FileReader(smaspotlogfile)
var String line
var String nextline
try {
	val values = new java.io.BufferedReader(fileReader)
	nextline = values.readLine
	while (nextline != null) {
		line = nextline
		nextline = values.readLine
	}		
}	
finally {
	try { fileReader.close() } catch (Exception e) {}
}
var String[] pvbuffer = line.replace(",",".").split(";")
postUpdate (PVPac1, Float::parseFloat(pvbuffer.get(10)))
postUpdate (PVIac1, Float::parseFloat(pvbuffer.get(13)))
postUpdate (PVUac1, Float::parseFloat(pvbuffer.get(16)))
postUpdate (PVEtoday, Float::parseFloat(pvbuffer.get(22)))
postUpdate (PVEtotal, Float::parseFloat(pvbuffer.get(23)))
postUpdate (PVFreq, Float::parseFloat(pvbuffer.get(24)))
postUpdate (PVPdc1, Float::parseFloat(pvbuffer.get(4)))
postUpdate (PVIdc1, Float::parseFloat(pvbuffer.get(6)))
postUpdate (PVUdc1, Float::parseFloat(pvbuffer.get(8)))
postUpdate (PVPdc2, Float::parseFloat(pvbuffer.get(5)))
postUpdate (PVIdc2, Float::parseFloat(pvbuffer.get(7)))
postUpdate (PVUdc2, Float::parseFloat(pvbuffer.get(9)))
postUpdate (PVConditie, pvbuffer.get(28))
postUpdate (PVTemp, Float::parseFloat(pvbuffer.get(30)))

// var String v1 = (PVEtoday.state as DecimalType * 1000).intValue().toString
// var String v2 = (PVPac1.state as DecimalType).intValue().toString
// var String v5 = String::format("%.1f", (PVTemp.state as DecimalType).floatValue())
// var String PVOutputGET = “http://pvoutput.org/service/r2/addstatus.jsp?key=xxxxx&sid=xxxxx&d=” + PVd + “&t=” + PVt + “&v1=” + v1 + “&v2=” + v2 + “&v5=” + v5
// logInfo(“PV-GET”,PVOutputGET)
logInfo(“PV-GET”,smaspotlogfile)

Most important in this is the filename is in the variable smaspotlogfile (which is being setup as the date is a variable; change it towards the filename you want it to be and that probably makes this example a lot easier.

Next: the variable ‘line’ contains the last line read. Use this to do your REGEX expressions on it and calculate your variables.

Last: the variables have to be put back into the openhab variables (beware of the local = within a rule and global = within the sitemap definitions variables difference). Use postUpdate to do this.

Hopefully you will succeed. It isn’t that hard to make your own version of this. I am not familiar with REGEX, so can’t help you any further with that part. This is the most extensive rule I use for this kind of questions. An easy one is:

logInfo("Get Itho State","Start Getting Itho State")

executeCommandLine("sudo /home/pi/GetIthoState.sh > /dev/null")

logInfo("Get Itho State","Itho State Requested")

var String IthoCurrentStateLog = String::format( "/home/pi/itho.state", new Date() )

val fileReader = new java.io.FileReader(IthoCurrentStateLog)
var String line
var String nextline
try {
	val values = new java.io.BufferedReader(fileReader)
	nextline = values.readLine
	while (nextline != null) {
		line = nextline
		nextline = values.readLine
	}		
}	
finally {
	try { fileReader.close() } catch (Exception e) {}
}

logInfo("Get Itho State","Itho State read = {}", line)

postUpdate (Itho_Current_State, line)

executeCommandLine("sudo /home/pi/GetIthoState.sh > /dev/null")

logInfo("Get Itho State","End Getting Itho State")

In here I call a bash-script which does the curl command and puts the output into a file. Then I open the file itho.state which should have only 1 line, but could be empty if the command went wrong (don’t process that however). Next I doe the postupdate and… ready to be displayed in the sitemap.

Best regards,

HWL

Thanks!
@HWL: take a look into your Messages

can anyone help me toot ?
Trying to get http-binding from an https server. (This server runs on the same raspberrypi as openhab2):

2017-11-11 21:02:22.778 [ERROR] [org.openhab.io.net.http.HttpUtil ] - Fatal transport error: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
2017-11-11 21:02:22.785 [ERROR] [ab.binding.http.internal.HttpBinding] - No response received from ‘https://192.168.1.50/beckhoff/callajax.php

i downloaded local at my browser the cer File and imported it to my java_home keystore, restartet again, but same failure.

wget on rpi shows:
wget https://192.168.1.50
–2017-11-11 21:21:38-- https://192.168.1.50/
Connecting to 192.168.1.50:443… connected.
ERROR: The certificate of ‘192.168.1.50’ is not trusted.
ERROR: The certificate of ‘192.168.1.50’ hasn’t got a known issuer.
The certificate’s owner does not match hostname ‘192.168.1.50’

my item looks like this:
Number Lagerraum_Light_Out “Value: [%.1f ]” { http="<[https://192.168.1.50/beckhoff/callajax.php{Authorization=Basic xxxxxxxxxxxxxxxxx==}:3000:JSONPATH($.Lagerraum_Light)]" }

please help.
thanks,

ok, found java von rasperrypi:
/usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt/bin
set path:
export JAVA_HOME=/usr/lib/jvm/jdk-8-oracle-arm32-vfp-hflt

downloaded pem (crt) file from https website in firefox browser

imported with:
keytool -importcert -file raspberrypi.crt -keystore $JAVA_HOME/jre/lib/security/cacerts -alias raspberrypi

password keystore is: changeIt

imported, restarted, finish

Hello there,
I have a similar problem with the HTTP-Binding trying to access to a https server, in this case my IPcam. At first it worked fine:
`

Number  Foscam_Motion           "PIR Camara"    <movimiento>    (FF_Entryway, gMotion)  { http="<[https://LAN-IP_dir/cgi-bin/CGIProxy.fcgi?cmd=getDevState&usr=user&pwd=pass:4000:REGEX(.*?<motionDetectAlarm>(.*?)</motionDetectAlarm>.*)]" }

`
But after trying to configure the reverse proxy NGINX this item threw this ERROR

2019-11-29 10:03:22.303 [ERROR] [org.openhab.io.net.http.HttpUtil    ] - Fatal transport error: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
2019-11-29 10:03:22.313 [ERROR] [ab.binding.http.internal.HttpBinding] - No response received from 'https://LAN-IP_dir/cgi-bin/CGIProxy.fcgi?cmd=getDevState&usr=user&pwd=pass'

I uninstalled de NGINX reverse proxy and import the IPcam certificate in the keystore but no luck. Any Idea?
Thanks