I have a windows machine so KeyStore Explorer looked the simplest for me.
I Imported both the Certs, rebooted the computer but still no luck getting this running.
If I reload Keystore Explorer it looks like both have imported ok!
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) ~[?:?]
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1959) ~[?:?]
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302) ~[?:?]
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296) ~[?:?]
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1514) ~[?:?]
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216) ~[?:?]
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1026) ~[?:?]
at sun.security.ssl.Handshaker.process_record(Handshaker.java:961) ~[?:?]
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1072) ~[?:?]
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385) ~[?:?]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413) ~[?:?]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1397) ~[?:?]
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559) ~[?:?]
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) ~[?:?]
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream0(HttpURLConnection.java:1334) ~[?:?]
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1309) ~[?:?]
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:259) ~[?:?]
at org.openhab.binding.icloud.internal.Connection.postRequest(Connection.java:95) ~[?:?]
at org.openhab.binding.icloud.internal.Connection.requestDeviceStatusJSON(Connection.java:55) ~[?:?]
at org.openhab.binding.icloud.handler.ICloudAccountBridgeHandler.lambda$0(ICloudAccountBridgeHandler.java:81) ~[?:?]
at org.eclipse.smarthome.core.cache.ExpiringCache.refreshValue(ExpiringCache.java:81) ~[?:?]
at org.eclipse.smarthome.core.cache.ExpiringCache.getValue(ExpiringCache.java:61) ~[?:?]
at org.openhab.binding.icloud.handler.ICloudAccountBridgeHandler.refreshData(ICloudAccountBridgeHandler.java:132) ~[?:?]
at org.openhab.binding.icloud.handler.ICloudAccountBridgeHandler.lambda$1(ICloudAccountBridgeHandler.java:123) ~[?:?]
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) [?:?]
at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:308) [?:?]
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:180) [?:?]
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:294) [?:?]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:?]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:?]
at java.lang.Thread.run(Thread.java:748) [?:?]
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:397) ~[?:?]
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302) ~[?:?]
at sun.security.validator.Validator.validate(Validator.java:260) ~[?:?]
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324) ~[?:?]
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229) ~[?:?]
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124) ~[?:?]
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1496) ~[?:?]
... 26 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141) ~[?:?]
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126) ~[?:?]
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280) ~[?:?]
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:392) ~[?:?]
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302) ~[?:?]
at sun.security.validator.Validator.validate(Validator.java:260) ~[?:?]
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324) ~[?:?]
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229) ~[?:?]
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124) ~[?:?]
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1496) ~[?:?]
... 26 more
2018-08-17 13:28:57.703 [INFO ]
Anybody know what I am doing wrong?
Many Thanks
Mick
Followed the script of @The-Elk (see above) and the certificates got installed. Your error message indicates that the folder /temp/cert… has not been created by the first command.
I have the certificates installed and working in theSynology Java setup but this does not solve the binding problem.
Finally got this sorted and can’t believe my school boy error!
I have got “JRE” and “JDK” on my machine and didn’t realise KeyStore Explorer was only updating “JRE”.
I finally forced KeyStore Explorer to open the other folder and it has worked.
Hopefully this method will work for others with ongoing problems.
I had the same issue last week, Openhab crashed and it lost all the things. When I reinstalled them the iCloud thing didn’t work.
I followed the steps above and got the same error “Certificate not imported, alias exists” but the error was my iCloud account details were wrong.
Once I corrected them (in my case the e-mail was wrong) it all worked perfectly.
Thanks, running Build #1374, so far so good…
however when test removing the things(many iphones, ipads, watches), it seems can not completely remove all things from the paper ui page, what should I do to clean this up? Thanks
232 │ Active │ 80 │ 2.4.0.201809191933 │ iCloud Binding
But unfortunately I did not get any data from iCloud, so I have 2 questions:
first I am not sure about from where do I get the deviceID, which I need to define the iCloud.things, as described in the docu ? (is it the UUID which I find in iTunes, when connecting the iPhone to my iMac?)
second log problem with: “Problem while calling the API” (see below, sorry for long log)
What I am doing wrong?
2018-10-12 22:26:18.597 [INFO ] [ttp.internal.SecureHttpClientFactory] - creating httpClient for endpoint https://fmipmobile.icloud.com
2018-10-12 22:26:18.603 [INFO ] [ttp.internal.SecureHttpClientFactory] - using custom trustmanagers (certificate pinning) for httpClient for endpoint https://fmipmobile.icloud.com
2018-10-12 22:26:19.365 [WARN ] [d.handler.ICloudAccountBridgeHandler] - Unable to refresh device data
java.io.IOException: Problem while calling the API
at org.openhab.binding.icloud.internal.ICloudConnection.callApi(ICloudConnection.java:115) ~[?:?]
at org.openhab.binding.icloud.internal.ICloudConnection.requestDeviceStatusJSON(ICloudConnection.java:91) ~[?:?]
at org.openhab.binding.icloud.handler.ICloudAccountBridgeHandler.lambda$0(ICloudAccountBridgeHandler.java:87) ~[?:?]
at org.eclipse.smarthome.core.cache.ExpiringCache.refreshValue(ExpiringCache.java:81) ~[?:?]
at org.eclipse.smarthome.core.cache.ExpiringCache.getValue(ExpiringCache.java:61) ~[?:?]
at org.openhab.binding.icloud.handler.ICloudAccountBridgeHandler.refreshData(ICloudAccountBridgeHandler.java:141) ~[?:?]
at org.openhab.binding.icloud.handler.ICloudAccountBridgeHandler.lambda$1(ICloudAccountBridgeHandler.java:132) ~[?:?]
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) [?:?]
at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:308) [?:?]
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:180) [?:?]
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:294) [?:?]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:?]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:?]
at java.lang.Thread.run(Thread.java:748) [?:?]
Caused by: org.eclipse.jetty.client.HttpResponseException: HTTP protocol violation: Authentication challenge without WWW-Authenticate header
at org.eclipse.jetty.client.AuthenticationProtocolHandler$AuthenticationListener.onComplete(AuthenticationProtocolHandler.java:114) ~[?:?]
at org.eclipse.jetty.client.ResponseNotifier.notifyComplete(ResponseNotifier.java:193) ~[?:?]
at org.eclipse.jetty.client.ResponseNotifier.notifyComplete(ResponseNotifier.java:185) ~[?:?]
at org.eclipse.jetty.client.HttpReceiver.terminateResponse(HttpReceiver.java:458) ~[?:?]
at org.eclipse.jetty.client.HttpReceiver.responseSuccess(HttpReceiver.java:405) ~[?:?]
at org.eclipse.jetty.client.http.HttpReceiverOverHTTP.messageComplete(HttpReceiverOverHTTP.java:277) ~[?:?]
at org.eclipse.jetty.http.HttpParser.handleContentMessage(HttpParser.java:599) ~[?:?]
at org.eclipse.jetty.http.HttpParser.parseContent(HttpParser.java:1526) ~[?:?]
at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:1350) ~[?:?]
at org.eclipse.jetty.client.http.HttpReceiverOverHTTP.parse(HttpReceiverOverHTTP.java:159) ~[?:?]
at org.eclipse.jetty.client.http.HttpReceiverOverHTTP.process(HttpReceiverOverHTTP.java:120) ~[?:?]
at org.eclipse.jetty.client.http.HttpReceiverOverHTTP.receive(HttpReceiverOverHTTP.java:70) ~[?:?]
at org.eclipse.jetty.client.http.HttpChannelOverHTTP.receive(HttpChannelOverHTTP.java:90) ~[?:?]
at org.eclipse.jetty.client.http.HttpConnectionOverHTTP.onFillable(HttpConnectionOverHTTP.java:115) ~[?:?]
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:283) ~[?:?]
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:108) ~[?:?]
at org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:251) ~[?:?]
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:283) ~[?:?]
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:108) ~[?:?]
at org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:93) ~[?:?]
at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.executeProduceConsume(ExecuteProduceConsume.java:303) ~[?:?]
at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceConsume(ExecuteProduceConsume.java:148) ~[?:?]
at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:136) ~[?:?]
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:671) ~[?:?]
at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:589) ~[?:?]
... 1 more
Please note that all workarounds above should not be needed anymore when using the snapshot version, because some changes in the framework and the binding were merged which resolve this.
My local environment is completely happy (without any workarounds)
openHAB 2.4.0~M5-1 (Milestone Build) also not working
iCloud binding worked fine with Build #1414, but after switch to #1425 it stopped working. Then Milestone build #M5 fresh installed, I got the following failure text for iCloud bridge in Paper UI: OFFLINE - COMMUNICATION_ERROR java.util.concurrent.ExecutionException: javax.net.ssl.SSLHandshakeException: General SSLEngine problem.
Log from Frontail:
2018-11-19 23:18:16.808 [WARN ] [d.handler.ICloudAccountBridgeHandler] - Unable to refresh device data
at org.openhab.binding.icloud.internal.ICloudConnection.requestDeviceStatusJSON(ICloudConnection.java:68) ~[?:?]
at org.openhab.binding.icloud.handler.ICloudAccountBridgeHandler.lambda$0(ICloudAccountBridgeHandler.java:81) ~[?:?]
at org.openhab.binding.icloud.handler.ICloudAccountBridgeHandler.refreshData(ICloudAccountBridgeHandler.java:132) ~[?:?]
at org.openhab.binding.icloud.handler.ICloudAccountBridgeHandler.lambda$1(ICloudAccountBridgeHandler.java:123) ~[?:?]
2018-11-19 23:21:36.128 [hingStatusInfoChangedEvent] - 'icloud:account:f4bc670e' changed from OFFLINE (COMMUNICATION_ERROR): java.util.concurrent.ExecutionException: javax.net.ssl.SSLHandshakeException: General SSLEngine problem to UNINITIALIZED
2018-11-19 23:21:36.143 [hingStatusInfoChangedEvent] - 'icloud:account:f4bc670e' changed from UNINITIALIZED to UNINITIALIZED (HANDLER_MISSING_ERROR)
I’m running openHAB on a Synology DS415+ (DSM DSM 6.2.1-23824 Update 1). The iCloud binding startet working again with your snapshot version, thanks! But after a few hours openHAB’s responsiveness slowed down considerably until it stopped working altogether and the Basic UI page wouldn’t open anymore. Once I uninstalled the iCloud snapshot everything was back to normal.
Usually openHAB uses below 1% of CPU, with the binding running it was up to around 20%.
I can reproduce this by putting a wrong email/password, please check carefully.
It is not part of M5 and I’m surprised that was solved for you in build 1414 because the openHAB changes were only merged on the 8th of november, so after you posted that was solved for you, but I did not want disturb that party
Given all confusion above, what version are you running, the one I posted somewhere or a pure one from the snapshot repository.
I’m running version:
275 │ Active │ 80 │ 2.4.0.201811202338 │ iCloud Binding