Icloud binding - General SSLEngine problem

AlexMartin13 · July 27, 2018, 7:06am

Great work! Any ideas on how to achieve this on a windows installation of openHAB?

The-Elk · July 27, 2018, 7:28am

How is the right DIR for openhabian?
How is the solution for openhabian users?

THX

Stefan

Syn · July 27, 2018, 7:38am

The dir is:
/usr/lib/jvm/zulu-embedded-8-armhf
The rest is the same. I only had to reboot.

dale · July 27, 2018, 7:43am

On a fedora 27 server java is at /usr/java/jre1.8.0_152/
under that the certs are at ./lib/security/cacerts
A restart of openhab and relinking of the iCloud things.

Thanks for the hints.

dan12345 · July 27, 2018, 7:59am

didn’t work for me - I’m guessing I was in the wrong folder (I tried /usr/lib/jvm/java-8-oracle). Am on Ubuntu 16.04

The-Elk · July 27, 2018, 8:19am

MANY THX, this DIR I also found, but I was not sure.

What I do step by step “for openhabian Users”:

connect via SSH to openhabian

echo -n | openssl s_client -servername fmipmobile.icloud.com -host fmipmobile.icloud.com -port 443 -prexit -showcerts 2>/dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/icloud2.crt

cd /tmp

csplit -f cert /tmp/icloud2.crt '/^-----BEGIN CERTIFICATE-----/' {*}

sudo su

cd /usr/lib/jvm/zulu-embedded-8-armhf

bin/keytool -importcert -file /tmp/cert01 -alias icloudfmi1 -trustcacerts -keystore ./jre/lib/security/cacerts -storepass changeit

Trust the certificates with y

bin/keytool -importcert -file /tmp/cert02 -alias icloudfmi2 -trustcacerts -keystore ./jre/lib/security/cacerts -storepass changeit

Trust the certificates with y

systemctl stop openhab2

OPTIONAL

rm -r /var/lib/openhab2/cache/*

rm -r /var/lib/openhab2/tmp/*

reboot

Chri46 · July 27, 2018, 10:09am

worked for me as well:

pi@openhab:~ $ echo -n | openssl s_client -servername fmipmobile.icloud.com -host fmipmobile.icloud.com -port 443 -prexit -showcerts 2>/dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/icloud2.crt
pi@openhab:~ $ more /tmp/icloud2.crt 
-----BEGIN CERTIFICATE-----
MIIM3jCCC8agAwIBAgIISvXZk5bb3bQwDQYJKoZIhvcNAQELBQAwbTEnMCUGA1UE
AwweQXBwbGUgU2VydmVyIEF1dGhlbnRpY2F0aW9uIENBMSAwHgYDVQQLDBdDZXJ0
aWZpY2F0aW9uIEF1dGhvcml0eTETMBEGA1UECgwKQXBwbGUgSW5jLjELMAkGA1UE
BhMCVVMwHhcNMTgwNzIwMDUyNjM0WhcNMTkwODE5MDUyNjM0WjBXMR4wHAYDVQQD
DBVmbWlwbW9iaWxlLmljbG91ZC5jb20xEzARBgNVBAoMCkFwcGxlIEluYy4xEzAR
BgNVBAgMCkNhbGlmb3JuaWExCzAJBgNVBAYTAlVTMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEA0E13UJAfBba2Jwap4CC7KpM4nJiKRDNAceMYFhcdTxx8
3hxsK5WTdRKfB1Brp6s3Omo+ImNOj38O4TZfrX1+xMma0Znllim4lliqWV3b9gUy
SEm7RCAyiMSRez7CuHVND8Insb18NA+dQq3CoZvdCWCL+uibqY9fyw+p6+4Vhr91
0vBdQ6DER27eBwULcLmFD99SF78YLOg5g2UqwTfQCDoFVLXfJSYJaPGv7KV3yepu
xIfymlhz5U3dlirSpuDl/DhOGcPSHrar2zoWVzNUODjlfOFstIGtStzBCb5GK1NF
hSRi4CVztppDPEGMQK5HXtsKehts3jD8pjLsy8rc0wIDAQABo4IJljCCCZIwDAYD
VR0TAQH/BAIwADAfBgNVHSMEGDAWgBQsxW1S3THvjOwIge3f3MpDAEUB0DCCCMoG
A1UdEQSCCMEwggi9ghlwNTgtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwNDUtZm1p
cG1vYmlsZS5pY2xvdWQuY29tghlwNTQtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlw
NjYtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwNDctZm1pcG1vYmlsZS5pY2xvdWQu
Y29tghlwMDItZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwNDQtZm1pcG1vYmlsZS5p
Y2xvdWQuY29tghlwNTAtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwNzktZm1pcG1v
YmlsZS5pY2xvdWQuY29tghlwMjMtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwMzUt
Zm1pcG1vYmlsZS5pY2xvdWQuY29tghlwMTAtZm1pcG1vYmlsZS5pY2xvdWQuY29t
ghlwNzMtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwNzYtZm1pcG1vYmlsZS5pY2xv
dWQuY29tghlwNzAtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwNTctZm1pcG1vYmls
ZS5pY2xvdWQuY29tghlwMzMtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwNDMtZm1p
cG1vYmlsZS5pY2xvdWQuY29tghlwMjYtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlw
NjItZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwNzEtZm1pcG1vYmlsZS5pY2xvdWQu
Y29tghlwMDctZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwNDEtZm1pcG1vYmlsZS5p
Y2xvdWQuY29tghlwNDktZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwMzYtZm1pcG1v
YmlsZS5pY2xvdWQuY29tghlwMDUtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwMTgt
Zm1pcG1vYmlsZS5pY2xvdWQuY29tghlwNTEtZm1pcG1vYmlsZS5pY2xvdWQuY29t
ghlwNjctZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwOTctZm1pcG1vYmlsZS5pY2xv
dWQuY29tghlwMzAtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwNzgtZm1pcG1vYmls
ZS5pY2xvdWQuY29tghlwMzItZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwMTctZm1p
cG1vYmlsZS5pY2xvdWQuY29tghlwNzUtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlw
MTktZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwODAtZm1pcG1vYmlsZS5pY2xvdWQu
Y29tghlwMTQtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwNjQtZm1pcG1vYmlsZS5p
Y2xvdWQuY29tghlwMDQtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwMTItZm1pcG1v
YmlsZS5pY2xvdWQuY29tghlwMjEtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwMzkt
Zm1pcG1vYmlsZS5pY2xvdWQuY29tghlwMTEtZm1pcG1vYmlsZS5pY2xvdWQuY29t
ghlwMDktZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwOTgtZm1pcG1vYmlsZS5pY2xv
dWQuY29tghlwMDMtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwMzctZm1pcG1vYmls
ZS5pY2xvdWQuY29tghlwMTUtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwNTUtZm1p
cG1vYmlsZS5pY2xvdWQuY29tghlwNzQtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlw
NjUtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwMjgtZm1pcG1vYmlsZS5pY2xvdWQu
Y29tghlwMjctZm1pcG1vYmlsZS5pY2xvdWQuY29tghVmbWlwbW9iaWxlLmljbG91
ZC5jb22CGXAwMS1mbWlwbW9iaWxlLmljbG91ZC5jb22CGXA0Ni1mbWlwbW9iaWxl
LmljbG91ZC5jb22CGXA0Mi1mbWlwbW9iaWxlLmljbG91ZC5jb22CGXA1OS1mbWlw
bW9iaWxlLmljbG91ZC5jb22CGXA0OC1mbWlwbW9iaWxlLmljbG91ZC5jb22CGXA3
Ny1mbWlwbW9iaWxlLmljbG91ZC5jb22CGXAyMC1mbWlwbW9iaWxlLmljbG91ZC5j
b22CGXAzOC1mbWlwbW9iaWxlLmljbG91ZC5jb22CGXA3Mi1mbWlwbW9iaWxlLmlj
bG91ZC5jb22CGXA2OC1mbWlwbW9iaWxlLmljbG91ZC5jb22CGXAzMS1mbWlwbW9i
aWxlLmljbG91ZC5jb22CGXAyNC1mbWlwbW9iaWxlLmljbG91ZC5jb22CGXAzNC1m
bWlwbW9iaWxlLmljbG91ZC5jb22CGXA0MC1mbWlwbW9iaWxlLmljbG91ZC5jb22C
GXA1Mi1mbWlwbW9iaWxlLmljbG91ZC5jb22CGXA2OS1mbWlwbW9iaWxlLmljbG91
ZC5jb22CGXAyOS1mbWlwbW9iaWxlLmljbG91ZC5jb22CGXAxNi1mbWlwbW9iaWxl
LmljbG91ZC5jb22CGXA2MC1mbWlwbW9iaWxlLmljbG91ZC5jb22CGXA2MS1mbWlw
bW9iaWxlLmljbG91ZC5jb22CGXA1My1mbWlwbW9iaWxlLmljbG91ZC5jb22CGXA1
Ni1mbWlwbW9iaWxlLmljbG91ZC5jb22CGXAwNi1mbWlwbW9iaWxlLmljbG91ZC5j
b22CGXAyNS1mbWlwbW9iaWxlLmljbG91ZC5jb22CGXAyMi1mbWlwbW9iaWxlLmlj
bG91ZC5jb22CGXAxMy1mbWlwbW9iaWxlLmljbG91ZC5jb22CGXAwOC1mbWlwbW9i
aWxlLmljbG91ZC5jb22CGXA2My1mbWlwbW9iaWxlLmljbG91ZC5jb20wEwYDVR0l
BAwwCgYIKwYBBQUHAwEwPAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybC5hcHBs
ZS5jb20vYXBwbGVzZXJ2ZXJhdXRoY2ExLmNybDAdBgNVHQ4EFgQUVJQzamy7Wisg
RDbUmfxNzz71GTUwDgYDVR0PAQH/BAQDAgWgMBEGCyqGSIb3Y2QGGwYCBAIFADAN
BgkqhkiG9w0BAQsFAAOCAQEARJN28m3634z71Um4HXyQXH8rPVO/DNTJhndvIrZK
TBpAQO30JHCg1nRC+ImfaG88wYvUNKzBLMMctqPCCjaCFOKgrs9uMheHjonA1zgY
Y3VLXj7oo5po2Lc+NIoGvcCzjwxvhqHsvn8WSp3ntxocq3ppdDnEaHkYVkEcbvyQ
VZGdmQHlAH2mH0kE15HdaNQlrmZ4N8xGtG4e43qJBqVk9A0Tmr1LkSEliOvrTDtb
/bbgzOjrf9m0qx6kmpktOajm0cfjd4lcndJCa8UgcK5Ad1YADjaFYD3zEPoQfuNO
4REuBSq2SzvtRjaKY82Fkd3bPrQx2LE8a4RU6hg/9+oE2Q==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIID+DCCAuCgAwIBAgIII2l0BK3LgxQwDQYJKoZIhvcNAQELBQAwYjELMAkGA1UE
BhMCVVMxEzARBgNVBAoTCkFwcGxlIEluYy4xJjAkBgNVBAsTHUFwcGxlIENlcnRp
ZmljYXRpb24gQXV0aG9yaXR5MRYwFAYDVQQDEw1BcHBsZSBSb290IENBMB4XDTE0
MDMwODAxNTMwNFoXDTI5MDMwODAxNTMwNFowbTEnMCUGA1UEAwweQXBwbGUgU2Vy
dmVyIEF1dGhlbnRpY2F0aW9uIENBMSAwHgYDVQQLDBdDZXJ0aWZpY2F0aW9uIEF1
dGhvcml0eTETMBEGA1UECgwKQXBwbGUgSW5jLjELMAkGA1UEBhMCVVMwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5Jhawy4ercRWSjt+qPuGA11O6pGDM
fIVy9zB8CU9XDUr/4V7JS1ATAmSxvTk10dcEUcEY+iL6rt+YGNa/Tk1DEPoliJ/T
QIV25SKBtlRFc5qL45xIGoZ6w1Hi2pX4pH3bMN5sDsTF9WyY56b6VyAdGXN6Ds1j
D7cniC7hmmiCuEBsYxYkZivnsuJUfeeIOaIbgT4C0znYl3dKMgzWCgqzBJvxcm9j
qBUebDfoD9tTkNYpXLxqV5tGeAo+JOqaP6HYP/XbbqhsgrXdmTjsklaUpsVzJtGu
CLLGUueOdkuJuFQPbuDZQtsqZYdGFLuWuFe7UeaEE/cNobaJrHzRIXSrAgMBAAGj
gaYwgaMwHQYDVR0OBBYEFCzFbVLdMe+M7AiB7d/cykMARQHQMA8GA1UdEwEB/wQF
MAMBAf8wHwYDVR0jBBgwFoAUK9BpR5R2Cf70a40uQKb3R01/CF4wLgYDVR0fBCcw
JTAjoCGgH4YdaHR0cDovL2NybC5hcHBsZS5jb20vcm9vdC5jcmwwDgYDVR0PAQH/
BAQDAgEGMBAGCiqGSIb3Y2QGAgwEAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAj8QZ+
UEGBol7TcKRJka/YzGeMoSV9xJqTOS/YafsbQVtE19lryzslCRry9OPHnOiwW/Df
3SIlERWTuUle2gxmel7Xb/Bj1GWMxHpUfVZPZZr92sSyyLC4oct94EeoQBW4Fhnt
W2GO36rQzdI6wH46nyJO39/0ThrNk//Q8EVVZDM+1OXaaKATinYwJ9S/+B529vnD
AO+xg+pTbVw1xw0HAbr4Ybn+xZprQ2GBA+u6X3Cd6G+UJEvczpKoLqI1PONJ4BZ3
otxruY0YQrk2lkMyxst2mTU22FbGmF3Db6V+lcLVegoCIGZ4kvJnpCMN6Am9zCEx
EKC9vrXdTN1GA5mZ
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIM3jCCC8agAwIBAgIISvXZk5bb3bQwDQYJKoZIhvcNAQELBQAwbTEnMCUGA1UE
AwweQXBwbGUgU2VydmVyIEF1dGhlbnRpY2F0aW9uIENBMSAwHgYDVQQLDBdDZXJ0
aWZpY2F0aW9uIEF1dGhvcml0eTETMBEGA1UECgwKQXBwbGUgSW5jLjELMAkGA1UE
BhMCVVMwHhcNMTgwNzIwMDUyNjM0WhcNMTkwODE5MDUyNjM0WjBXMR4wHAYDVQQD
DBVmbWlwbW9iaWxlLmljbG91ZC5jb20xEzARBgNVBAoMCkFwcGxlIEluYy4xEzAR
BgNVBAgMCkNhbGlmb3JuaWExCzAJBgNVBAYTAlVTMIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEA0E13UJAfBba2Jwap4CC7KpM4nJiKRDNAceMYFhcdTxx8
3hxsK5WTdRKfB1Brp6s3Omo+ImNOj38O4TZfrX1+xMma0Znllim4lliqWV3b9gUy
SEm7RCAyiMSRez7CuHVND8Insb18NA+dQq3CoZvdCWCL+uibqY9fyw+p6+4Vhr91
0vBdQ6DER27eBwULcLmFD99SF78YLOg5g2UqwTfQCDoFVLXfJSYJaPGv7KV3yepu
xIfymlhz5U3dlirSpuDl/DhOGcPSHrar2zoWVzNUODjlfOFstIGtStzBCb5GK1NF
hSRi4CVztppDPEGMQK5HXtsKehts3jD8pjLsy8rc0wIDAQABo4IJljCCCZIwDAYD
VR0TAQH/BAIwADAfBgNVHSMEGDAWgBQsxW1S3THvjOwIge3f3MpDAEUB0DCCCMoG
A1UdEQSCCMEwggi9ghlwNTgtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwNDUtZm1p
cG1vYmlsZS5pY2xvdWQuY29tghlwNTQtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlw
NjYtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwNDctZm1pcG1vYmlsZS5pY2xvdWQu
Y29tghlwMDItZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwNDQtZm1pcG1vYmlsZS5p
Y2xvdWQuY29tghlwNTAtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwNzktZm1pcG1v
YmlsZS5pY2xvdWQuY29tghlwMjMtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwMzUt
Zm1pcG1vYmlsZS5pY2xvdWQuY29tghlwMTAtZm1pcG1vYmlsZS5pY2xvdWQuY29t
ghlwNzMtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwNzYtZm1pcG1vYmlsZS5pY2xv
dWQuY29tghlwNzAtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwNTctZm1pcG1vYmls
ZS5pY2xvdWQuY29tghlwMzMtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwNDMtZm1p
cG1vYmlsZS5pY2xvdWQuY29tghlwMjYtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlw
NjItZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwNzEtZm1pcG1vYmlsZS5pY2xvdWQu
Y29tghlwMDctZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwNDEtZm1pcG1vYmlsZS5p
Y2xvdWQuY29tghlwNDktZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwMzYtZm1pcG1v
YmlsZS5pY2xvdWQuY29tghlwMDUtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwMTgt
Zm1pcG1vYmlsZS5pY2xvdWQuY29tghlwNTEtZm1pcG1vYmlsZS5pY2xvdWQuY29t
ghlwNjctZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwOTctZm1pcG1vYmlsZS5pY2xv
dWQuY29tghlwMzAtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwNzgtZm1pcG1vYmls
ZS5pY2xvdWQuY29tghlwMzItZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwMTctZm1p
cG1vYmlsZS5pY2xvdWQuY29tghlwNzUtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlw
MTktZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwODAtZm1pcG1vYmlsZS5pY2xvdWQu
Y29tghlwMTQtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwNjQtZm1pcG1vYmlsZS5p
Y2xvdWQuY29tghlwMDQtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwMTItZm1pcG1v
YmlsZS5pY2xvdWQuY29tghlwMjEtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwMzkt
Zm1pcG1vYmlsZS5pY2xvdWQuY29tghlwMTEtZm1pcG1vYmlsZS5pY2xvdWQuY29t
ghlwMDktZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwOTgtZm1pcG1vYmlsZS5pY2xv
dWQuY29tghlwMDMtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwMzctZm1pcG1vYmls
ZS5pY2xvdWQuY29tghlwMTUtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwNTUtZm1p
cG1vYmlsZS5pY2xvdWQuY29tghlwNzQtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlw
NjUtZm1pcG1vYmlsZS5pY2xvdWQuY29tghlwMjgtZm1pcG1vYmlsZS5pY2xvdWQu
Y29tghlwMjctZm1pcG1vYmlsZS5pY2xvdWQuY29tghVmbWlwbW9iaWxlLmljbG91
ZC5jb22CGXAwMS1mbWlwbW9iaWxlLmljbG91ZC5jb22CGXA0Ni1mbWlwbW9iaWxl
LmljbG91ZC5jb22CGXA0Mi1mbWlwbW9iaWxlLmljbG91ZC5jb22CGXA1OS1mbWlw
bW9iaWxlLmljbG91ZC5jb22CGXA0OC1mbWlwbW9iaWxlLmljbG91ZC5jb22CGXA3
Ny1mbWlwbW9iaWxlLmljbG91ZC5jb22CGXAyMC1mbWlwbW9iaWxlLmljbG91ZC5j
b22CGXAzOC1mbWlwbW9iaWxlLmljbG91ZC5jb22CGXA3Mi1mbWlwbW9iaWxlLmlj
bG91ZC5jb22CGXA2OC1mbWlwbW9iaWxlLmljbG91ZC5jb22CGXAzMS1mbWlwbW9i
aWxlLmljbG91ZC5jb22CGXAyNC1mbWlwbW9iaWxlLmljbG91ZC5jb22CGXAzNC1m
bWlwbW9iaWxlLmljbG91ZC5jb22CGXA0MC1mbWlwbW9iaWxlLmljbG91ZC5jb22C
GXA1Mi1mbWlwbW9iaWxlLmljbG91ZC5jb22CGXA2OS1mbWlwbW9iaWxlLmljbG91
ZC5jb22CGXAyOS1mbWlwbW9iaWxlLmljbG91ZC5jb22CGXAxNi1mbWlwbW9iaWxl
LmljbG91ZC5jb22CGXA2MC1mbWlwbW9iaWxlLmljbG91ZC5jb22CGXA2MS1mbWlw
bW9iaWxlLmljbG91ZC5jb22CGXA1My1mbWlwbW9iaWxlLmljbG91ZC5jb22CGXA1
Ni1mbWlwbW9iaWxlLmljbG91ZC5jb22CGXAwNi1mbWlwbW9iaWxlLmljbG91ZC5j
b22CGXAyNS1mbWlwbW9iaWxlLmljbG91ZC5jb22CGXAyMi1mbWlwbW9iaWxlLmlj
bG91ZC5jb22CGXAxMy1mbWlwbW9iaWxlLmljbG91ZC5jb22CGXAwOC1mbWlwbW9i
aWxlLmljbG91ZC5jb22CGXA2My1mbWlwbW9iaWxlLmljbG91ZC5jb20wEwYDVR0l
BAwwCgYIKwYBBQUHAwEwPAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybC5hcHBs
ZS5jb20vYXBwbGVzZXJ2ZXJhdXRoY2ExLmNybDAdBgNVHQ4EFgQUVJQzamy7Wisg
RDbUmfxNzz71GTUwDgYDVR0PAQH/BAQDAgWgMBEGCyqGSIb3Y2QGGwYCBAIFADAN
BgkqhkiG9w0BAQsFAAOCAQEARJN28m3634z71Um4HXyQXH8rPVO/DNTJhndvIrZK
TBpAQO30JHCg1nRC+ImfaG88wYvUNKzBLMMctqPCCjaCFOKgrs9uMheHjonA1zgY
Y3VLXj7oo5po2Lc+NIoGvcCzjwxvhqHsvn8WSp3ntxocq3ppdDnEaHkYVkEcbvyQ
VZGdmQHlAH2mH0kE15HdaNQlrmZ4N8xGtG4e43qJBqVk9A0Tmr1LkSEliOvrTDtb
/bbgzOjrf9m0qx6kmpktOajm0cfjd4lcndJCa8UgcK5Ad1YADjaFYD3zEPoQfuNO
4REuBSq2SzvtRjaKY82Fkd3bPrQx2LE8a4RU6hg/9+oE2Q==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIID+DCCAuCgAwIBAgIII2l0BK3LgxQwDQYJKoZIhvcNAQELBQAwYjELMAkGA1UE
BhMCVVMxEzARBgNVBAoTCkFwcGxlIEluYy4xJjAkBgNVBAsTHUFwcGxlIENlcnRp
ZmljYXRpb24gQXV0aG9yaXR5MRYwFAYDVQQDEw1BcHBsZSBSb290IENBMB4XDTE0
MDMwODAxNTMwNFoXDTI5MDMwODAxNTMwNFowbTEnMCUGA1UEAwweQXBwbGUgU2Vy
dmVyIEF1dGhlbnRpY2F0aW9uIENBMSAwHgYDVQQLDBdDZXJ0aWZpY2F0aW9uIEF1
dGhvcml0eTETMBEGA1UECgwKQXBwbGUgSW5jLjELMAkGA1UEBhMCVVMwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5Jhawy4ercRWSjt+qPuGA11O6pGDM
fIVy9zB8CU9XDUr/4V7JS1ATAmSxvTk10dcEUcEY+iL6rt+YGNa/Tk1DEPoliJ/T
QIV25SKBtlRFc5qL45xIGoZ6w1Hi2pX4pH3bMN5sDsTF9WyY56b6VyAdGXN6Ds1j
D7cniC7hmmiCuEBsYxYkZivnsuJUfeeIOaIbgT4C0znYl3dKMgzWCgqzBJvxcm9j
qBUebDfoD9tTkNYpXLxqV5tGeAo+JOqaP6HYP/XbbqhsgrXdmTjsklaUpsVzJtGu
CLLGUueOdkuJuFQPbuDZQtsqZYdGFLuWuFe7UeaEE/cNobaJrHzRIXSrAgMBAAGj
gaYwgaMwHQYDVR0OBBYEFCzFbVLdMe+M7AiB7d/cykMARQHQMA8GA1UdEwEB/wQF
MAMBAf8wHwYDVR0jBBgwFoAUK9BpR5R2Cf70a40uQKb3R01/CF4wLgYDVR0fBCcw
JTAjoCGgH4YdaHR0cDovL2NybC5hcHBsZS5jb20vcm9vdC5jcmwwDgYDVR0PAQH/
BAQDAgEGMBAGCiqGSIb3Y2QGAgwEAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAj8QZ+
UEGBol7TcKRJka/YzGeMoSV9xJqTOS/YafsbQVtE19lryzslCRry9OPHnOiwW/Df
3SIlERWTuUle2gxmel7Xb/Bj1GWMxHpUfVZPZZr92sSyyLC4oct94EeoQBW4Fhnt
W2GO36rQzdI6wH46nyJO39/0ThrNk//Q8EVVZDM+1OXaaKATinYwJ9S/+B529vnD
AO+xg+pTbVw1xw0HAbr4Ybn+xZprQ2GBA+u6X3Cd6G+UJEvczpKoLqI1PONJ4BZ3
otxruY0YQrk2lkMyxst2mTU22FbGmF3Db6V+lcLVegoCIGZ4kvJnpCMN6Am9zCEx
EKC9vrXdTN1GA5mZ
-----END CERTIFICATE-----
pi@openhab:~ $ csplit -f cert /tmp/icloud2.crt '/^-----BEGIN CERTIFICATE-----/' {*}

pi@openhab: sudo $JAVA_HOME/bin/keytool -import -keystore $JAVA_HOME/jre/lib/security/cacerts -alias fmip-icloud1-Root-CA -file cert01 

pi@openhab: sudo $JAVA_HOME/bin/keytool -import -keystore $JAVA_HOME/jre/lib/security/cacerts -alias fmip-icloud2-Root-CA -file cert02

Trust both the certificates with y

pi@openhab:~ $ sudo systemctl stop openhab2.service
pi@openhab:~ $ sudo systemctl start openhab2.service

to restart openhab - removing the cache and tmp was not required.

Bucofski · July 27, 2018, 1:03pm

I tryed the tutorial above and that did work for my wife her account. on my account I have the following fault : Server returned HTTP response code: 401 for URL: https://fmipmobile.icloud.com/fmipservice/device/(My email)/initClient. and before it did work… any ideas?

Bucofski · July 27, 2018, 1:14pm

Problem found. Had to change my psw.

patrik_gfeller · July 27, 2018, 3:19pm

Hi Alex et all,

here a way to achieve this on a windows system using a GUI tool instead of command line. I was able to conviniently add the new certificates using the KeyStore Explorer open source tool.

Install KeyStore Explorer and start it as admin.
Select “Open the CA Certificates KeyStore”.
In the “Examine” menu you can select the option to examine SSL.
Enter “fmipmobile.icloud.com” as server to be examined. After a click to “OK” you should see the certificate tree (two certificates).
Select each of the certificates in the tree and click “Import”.
After you have imported both certificates you need to save the changes.

After a restart of openHAB the connection should work again.

with kind regards,
Patrik

rvo · July 27, 2018, 7:01pm

That location worked for me on Ubuntu 16.04.5. You can find your location with:

 update-java-alternatives --list

dan12345 · July 27, 2018, 8:49pm

ah, thanks. My problem was I hadn’t reset openhab. works now!

AlexMartin13 · July 27, 2018, 10:22pm

Great stuff. I’ll give this a go next time I have a chance.

scha · July 28, 2018, 6:30am

Had to find out the right directory for the certificates to import, which was /etc/ssl/certs/java in my case (Ubuntu 16.04 with jre 1.8.0_181) but works.

Many thanks for the guru´s here

germanbob · July 28, 2018, 11:37am

I’m using an Installation on Docker and even though I added the Certificate to my host machine’s keystore it still doesn’t work. I’m assuming I have to add it somewhere in the Docker Container too…

Does anyone have any experience with that?

Michael_Grymonprez · July 28, 2018, 5:28pm

I’m using Openhab 2.3 under windows7. I tried the method given by patrick but it still not working. Anything else to try ?

Regards

Baumstange · July 28, 2018, 7:12pm

Hi,

I encounter the same problems with iCloud. I am running Openhab2.3 on Synology.

I did follow the script above and succeeded to add the 2 certificates to keystone via (command for cert2 see below)

sudo bin/keytool -importcert -file /tmp/cert02 -alias icloudfmi2 -trustcacerts -keystore ./jre/lib/security/cacerts -storepass changeit

I started this from the folder: /var/packages/Java8/target/j2sdk-image

Despite restart of openhab, update of iCloud things-file the problem persists. Anyone an idea where the approach did go wrong or where I did miss something?

Regards

AlexMartin13 · July 29, 2018, 8:11am

This works perfectly. At first I couldn’t save the configuration because the file was locked. However, I’m back up and running now so thanks for the tip @patrik_gfeller

martinvw · August 1, 2018, 7:29am

Mine is used inside a docker container as wel, so it should work, you just have to connect to the container I use the following command for that

docker exec -it openhab23_openhab_1 /bin/bash

germanbob · August 1, 2018, 5:59pm

Thank you! This worked like a charm!

I’m just getting started with the whole docker thing (and Linux in general) so I’m just starting to figure things out. I already figured that I would need to do that in the container somehow so I tried finding the java install path inside the container with this:
update-java-alternatives --list
This didn’t yield any results so I was poking around in the folders a bit and eventually ran out of creative ideas…