Samsung TV Binding (Beta)

Raspberry Pi 4 with openhabian.

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:03:7f:99:69:11:23:0c:11:36:b8:1d:b9:27:72:73:f0:6c:10:99
        Signature Algorithm: sha512WithRSAEncryption
        Issuer: C = KR, O = Samsung Electronics, OU = Visual Display Business, CN = SmartViewSDK Root CA G2
        Validity
            Not Before: Apr  7 01:30:51 2022 GMT
            Not After : Mar 25 01:30:51 2072 GMT
        Subject: C = KR, O = Samsung Electronics, OU = Visual Display Business, CN = Samsung SmartViewSDK Cert. G2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:81:2f:da:d7:f6:c6:74:01:81:1e:35:fb:9e:
                    96:1e:40:3e:7c:0e:95:75:b8:06:1c:9d:53:15:f9:
                    bc:4d:0c:4e:2f:9c:89:a1:19:cf:16:76:62:e3:6b:
                    eb:03:2f:96:95:8b:eb:06:ab:be:b7:4a:e2:6c:96:
                    fd:e8:b5:6a:64:41:e0:c3:6b:b6:f4:1e:ce:25:49:
                    2a:db:0f:e4:e4:6e:62:4c:0a:fc:9a:65:d9:35:45:
                    6b:be:3d:03:c3:83:78:57:ec:59:76:d9:a2:0b:0c:
                    b9:c7:6d:bf:27:d3:ff:3b:20:70:6c:4d:35:7a:bb:
                    ea:8d:e4:bd:dc:3f:14:de:dc:84:a6:6d:c7:b1:47:
                    c0:2f:b2:c2:d8:71:ec:7d:d4:80:4d:96:bb:05:34:
                    f3:31:2c:4b:8b:3f:7d:e7:80:1f:5d:c2:c5:94:1c:
                    b4:78:35:55:ac:14:76:39:d3:f8:ae:83:5c:62:39:
                    c6:8c:45:a6:e3:28:dc:be:52:73:f8:f9:2d:be:c8:
                    37:63:e6:e0:04:c8:cf:c6:f2:ce:ed:5c:90:05:76:
                    5e:46:3d:61:90:b0:8d:28:03:43:f9:81:96:84:32:
                    9e:18:11:2d:e5:79:92:5f:cf:a5:0f:d6:1c:0d:a2:
                    1c:1e:45:47:1f:2d:f3:cf:d2:ff:68:6c:96:04:17:
                    01:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier:
                keyid:C7:AD:0A:01:1E:EC:9C:2F:5A:9F:C9:D4:EE:9C:47:0E:01:C7:D3:80

            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage:
                TLS Web Server Authentication
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Subject Key Identifier:
                6B:EF:10:2B:CA:41:8E:39:18:45:A2:FC:8F:39:19:2E:41:32:25:CD
    Signature Algorithm: sha512WithRSAEncryption
         a1:13:e5:31:a3:b3:14:2a:2c:9d:95:0c:28:b1:66:d4:6e:33:
         a7:9e:29:89:e4:a1:a3:db:41:a0:21:d9:f6:45:dc:a4:6e:72:
         da:15:88:29:e5:e5:93:33:72:51:4b:fa:84:5f:f9:01:e8:18:
         5b:1a:19:a8:25:d2:45:05:7a:21:0b:42:df:8c:73:08:11:27:
         54:83:d5:3e:bc:46:9e:e2:c3:d7:74:53:42:7d:b2:15:9e:0e:
         9e:a1:4c:ae:69:b5:f8:a4:96:c6:a2:e7:f0:e7:5b:c1:d5:33:
         9f:26:0f:ed:32:39:31:a6:81:5b:5b:f7:09:18:62:86:5b:44:
         ad:ce:b9:80:af:da:e9:d2:58:b2:18:5d:e5:5e:c9:63:e6:a6:
         9d:c1:4e:bd:51:86:28:e9:39:72:2c:8e:31:fa:3b:39:72:bd:
         dc:c6:71:26:ba:03:cf:6c:b5:4e:44:03:d8:4b:6c:f9:53:b4:
         6b:2f:95:42:a4:e2:4c:3a:0f:4f:cc:f8:49:c3:00:e4:49:f4:
         0d:1e:61:1f:24:25:c4:c2:d1:07:cb:21:f5:83:40:97:a9:5d:
         17:87:a0:a2:ef:9d:7c:ee:b1:01:bb:d2:23:3e:22:51:89:21:
         99:34:79:a8:f2:8b:2d:bd:fe:62:e0:aa:fc:12:4e:70:9a:87:
         44:12:24:ad

and here the logs from a recent run:

2023-12-08 20:20:03.277 [DEBUG] [tv.internal.handler.SamsungTvHandler] - 192.168.178.63: Create a Samsung TV Handler for thing 'samsungtv:tv:db1698e7_fac9_4d6f_89e5_5e0990fcd418'
2023-12-08 20:20:03.308 [DEBUG] [tv.internal.handler.SamsungTvHandler] - 192.168.178.63: Initializing Samsung TV handler for uid 'samsungtv:tv:db1698e7_fac9_4d6f_89e5_5e0990fcd418'
2023-12-08 20:20:03.314 [TRACE] [tv.internal.handler.SamsungTvHandler] - 192.168.178.63: getting TV properties
2023-12-08 20:20:03.334 [TRACE] [tv.internal.handler.SamsungTvHandler] - 192.168.178.63: PowerState set to: on
2023-12-08 20:20:03.337 [DEBUG] [tv.internal.handler.SamsungTvHandler] - 192.168.178.63: Updated artModeSupported: false PowerState: true(on) artMode2022: false
2023-12-08 20:20:03.340 [DEBUG] [tv.internal.handler.SamsungTvHandler] - 192.168.178.63: Configuration: SecureWebSocket, port: 8002, token: , MAC: e0:03:6b:fe:4d:7e, subscription: true
2023-12-08 20:20:03.342 [DEBUG] [tv.internal.handler.SamsungTvHandler] - 192.168.178.63: SmartThings enabled, device id: a5ee9b47-36fc-6509-9fbb-ef63f143872d
2023-12-08 20:20:03.347 [DEBUG] [tv.internal.handler.SamsungTvHandler] - 192.168.178.63: Check and create missing services
2023-12-08 20:20:03.350 [DEBUG] [nternal.service.MediaRendererService] - 192.168.178.63: Creating a Samsung TV MediaRenderer service: subscription=true
2023-12-08 20:20:03.353 [DEBUG] [nternal.service.MediaRendererService] - 192.168.178.63: Subscribing to service RenderingControl...
2023-12-08 20:20:03.356 [DEBUG] [tv.internal.handler.SamsungTvHandler] - 192.168.178.63: Started service for: QE65S95CATXXH, MediaRenderer (6834f452-7ca5-477d-854a-2528bb573dbc)
2023-12-08 20:20:03.359 [DEBUG] [rnal.service.RemoteControllerService] - 192.168.178.63: Creating a Samsung TV RemoteController service: is UPNP:false
2023-12-08 20:20:03.377 [DEBUG] [nternal.service.MediaRendererService] - 192.168.178.63: Subscription to service RenderingControl succeeded
2023-12-08 20:20:03.392 [TRACE] [l.protocol.RemoteControllerWebSocket] - 192.168.178.63: openConnection()
2023-12-08 20:20:03.394 [DEBUG] [l.protocol.RemoteControllerWebSocket] - 192.168.178.63: RemoteControllerWebSocket start Client
2023-12-08 20:20:03.395 [TRACE] [l.protocol.RemoteControllerWebSocket] - 192.168.178.63: WebSocketClient starting
2023-12-08 20:20:03.408 [TRACE] [l.protocol.RemoteControllerWebSocket] - 192.168.178.63: WebSocketClient started
2023-12-08 20:20:03.410 [TRACE] [l.protocol.RemoteControllerWebSocket] - 192.168.178.63: connectWebSockets()
2023-12-08 20:20:03.411 [WARN ] [l.protocol.RemoteControllerWebSocket] - 192.168.178.63: WebSocketRemote connecting without Token, please accept the connection on the TV within 30 seconds
2023-12-08 20:20:03.413 [DEBUG] [ngtv.internal.protocol.WebSocketBase] - 192.168.178.63: WebSocketRemote connecting to: wss://192.168.178.63:8002/api/v2/channels/samsung.remote.control?name=b3BlbkhBQg==
2023-12-08 20:20:03.415 [DEBUG] [ngtv.internal.protocol.WebSocketBase] - 192.168.178.63: WebSocketArt connecting to: wss://192.168.178.63:8002/api/v2/channels/com.samsung.art-app?name=b3BlbkhBQg==
2023-12-08 20:20:03.417 [DEBUG] [ngtv.internal.protocol.WebSocketBase] - 192.168.178.63: WebSocketV2 connecting to: wss://192.168.178.63:8002/api/v2?name=b3BlbkhBQg==
2023-12-08 20:20:03.419 [DEBUG] [tv.internal.handler.SamsungTvHandler] - 192.168.178.63: Started service for: QE65S95CATXXH, RemoteControlReceiver ()
2023-12-08 20:20:03.421 [DEBUG] [ternal.service.SmartThingsApiService] - 192.168.178.63: Creating a Samsung TV Smartthings Api service
2023-12-08 20:20:03.423 [TRACE] [ternal.service.SmartThingsApiService] - 192.168.178.63: SSE Starting job
2023-12-08 20:20:03.424 [INFO ] [ternal.service.SmartThingsApiService] - 192.168.178.63: SSE Creating Smartthings Subscription
2023-12-08 20:20:03.429 [TRACE] [ternal.service.SmartThingsApiService] - 192.168.178.63: subscription: {"subscriptionFilters":[{"type":"DEVICEIDS","value":["a5ee9b47-36fc-6509-9fbb-ef63f143872d"]}],"name":"OpenHAB Subscription"}
2023-12-08 20:20:03.431 [TRACE] [ternal.service.SmartThingsApiService] - 192.168.178.63: Sending https://api.smartthings.com:443/subscriptions
2023-12-08 20:20:03.516 [DEBUG] [ngtv.internal.protocol.WebSocketBase] - 192.168.178.63: WebSocketArt connection error PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
2023-12-08 20:20:03.538 [DEBUG] [ngtv.internal.protocol.WebSocketBase] - 192.168.178.63: WebSocketRemote connection error PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
2023-12-08 20:20:03.554 [DEBUG] [ngtv.internal.protocol.WebSocketBase] - 192.168.178.63: WebSocketV2 connection error PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
2023-12-08 20:20:03.829 [TRACE] [ternal.service.SmartThingsApiService] - 192.168.178.63: SSE got subscription ID: 693f90fc-9109-4cc5-9f8d-346b4ae27cfc
2023-12-08 20:20:03.833 [TRACE] [ternal.service.SmartThingsApiService] - 192.168.178.63: Sending https://api.smartthings.com:443/v1/devices/a5ee9b47-36fc-6509-9fbb-ef63f143872d/components/main/status
2023-12-08 20:20:03.893 [TRACE] [nternal.service.MediaRendererService] - 192.168.178.63: Processing Mute:0
2023-12-08 20:20:03.912 [DEBUG] [tv.internal.handler.SamsungTvHandler] - 192.168.178.63: Received value 'channelName':'' for thing 'samsungtv:tv:db1698e7_fac9_4d6f_89e5_5e0990fcd418'
2023-12-08 20:20:03.922 [DEBUG] [tv.internal.handler.SamsungTvHandler] - 192.168.178.63: Received value 'channel':'-1' for thing 'samsungtv:tv:db1698e7_fac9_4d6f_89e5_5e0990fcd418'
2023-12-08 20:20:03.924 [DEBUG] [tv.internal.handler.SamsungTvHandler] - 192.168.178.63: Received value 'sourceName':'HDMI4' for thing 'samsungtv:tv:db1698e7_fac9_4d6f_89e5_5e0990fcd418'
2023-12-08 20:20:03.927 [DEBUG] [tv.internal.handler.SamsungTvHandler] - 192.168.178.63: Received value 'sourceId':'4' for thing 'samsungtv:tv:db1698e7_fac9_4d6f_89e5_5e0990fcd418'

@El_Duderino I’m still trying to figure this out, as everything seems Ok, the certificate on my TV is similar (self signed as well), but the CN is different.

Stupid question, is your java 17 installation up to date? Try updating your Pi 4 with sudo apt udate sudo apt upgrade, see if it makes any difference.

I’ll keep looking.

I did an update/upgrade but i didn’t even do much. I also clicked the Java 17 install in the openhabian-config tool, but I have a feeling it also didn’t do much but recognize that Java is already installed.

openhabian@openhabian:~ $ java --version
openjdk 17.0.9 2023-10-17
OpenJDK Runtime Environment (build 17.0.9+9-Raspbian-1deb11u1rpt1)
OpenJDK Client VM (build 17.0.9+9-Raspbian-1deb11u1rpt1, mixed mode, emulated-client)

I tried a bit to switch to version of the marketplace, but after installing the required Gson library, another dependency was missing (slf4j) and I had a feeling more would come, so I stopped trying.

I still get the same error messages…

@El_Duderino

There is no easy solution for this, other than adding the self signed certificate to your java cacerts - which is doable.

The stable version of OH 4.1 is due for release on dec 22nd. I suggest you wait for that, upgrade to the latest raspbian/OH4.1 and see what happens.

I can only currently build OH4.1 versions of the binding, so I cant really make you anything to try, and I’m not sure that is the solution anyway.

Here is a link to how to add the TV certificate to your java 17 cacerts:

I haven’t tried this, and I have no idea if it works on RPi4, java 17 etc.

Let me know how you get on.

Thanks Nick!
I did manage to add the two TV certificates to the local keystore.
Unfortunately it led to a new error message:

2023-12-15 19:42:30.583 [DEBUG] [ngtv.internal.protocol.WebSocketBase] - 192.168.178.63: WebSocketRemote connection error No subject alternative names present
2023-12-15 19:42:30.609 [DEBUG] [ngtv.internal.protocol.WebSocketBase] - 192.168.178.63: WebSocketArt connection error No subject alternative names present
2023-12-15 19:42:30.633 [DEBUG] [ngtv.internal.protocol.WebSocketBase] - 192.168.178.63: WebSocketV2 connection error No subject alternative names present

My understanding is that the ip address, which is obviously not part of the certificate, causes this issue. My attempts to add an extension (which is apparently possible with keytool -ext “SAN=IP:192.168.178.63”) failed though. I am also wondering how that could even work as it seems that one would have to generate the certificate again to add this “SAN extension”, but then it doesn’t match the one from the TV anymore…

Will wait for 4.1.0 though to see if that helps. In the meantime I have managed to use the SmartThings approach for my purpose as well. Most importantly I want to turn it off/on (as I built my own Samsung Frame capability with that) and I managed to do that with the SmartThings Rest API, I also used it to read some status.

@El_Duderino

Sorry I’m not of much help. The problem is that the Subject CN of the TV certificate is invalid, and there are no SAN’s defined.

Yours is:

CN = Samsung SmartViewSDK Cert. G2

Which is invalid as a CN. Mine is:

CN = SmartViewSDK

Which is valid, and is what the binding uses.

It’s hard to work around an invalid certificate in a binding (who knows, maybe Samsung will fix it) - I don’t know what those spaces are in the CN (spaces are not allowed in the Subject CN, but many browsers will ignore them), they may be null bytes caused by improper UDF-16 encoding.

If you try:

 openssl s_client -connect 192.168.178.63:8002 2>/dev/null | openssl x509 -nameopt sep_comma_plus_space -text -noout

It might resolve the unknown white space. Which may or may not help.

You also can disable host validation for all of openhab (I think) by editing the file /etc/default/openhab and adding the following:

-Dcom.sun.jndi.ldap.object.disableEndpointIdentification=true

To the end of EXTRA_JAVA_OPTS (with a space before it in the text string).

I don’t know if this really works, and it’s not recommended for production, but you could test it out.

Not sure if this is helpful or not, but I had similar issues on the googletv protocol inside the androidtv binding. The googletv device generated its own self signed certs (and would randomly regenerate them). Getting the trusts working was a pain. I had to pull them into a keystore and track it separately. I have a PR open in core to add some of this, but for now you can look at the binding and how it handles it.

Tried it, but unfortunately with no success. I also read about the VM parameter, but unfortuntately it didn’t change anything. Maybe it actually only works for LDAP, I don’t know.
I will probably at least try to let Samsung know about this. Otherwise all new TVs would potentially not be controllable with this binding, which would be a pity.
Not sure how much they will care…

@morph166955 Thanks, I’ll take a look.

Hello,

I have the same problem. Samsung TV 2023 model GQ55S95CATXZG. I updated to openHAB 4.1.0 Build #3799 as a test. That didn’t help. I also set up a fresh VM. The binding doesn’t work either. I also have a FHEM instance running. The TV works there. However, FHEM uses WS (8001). Switching OpenHAB to ws (8001) doesn’t work for me. Does anyone know if you can swap the TLS certificate with Tizen Studio?

Greetings Thomas

I’ll see if I can do something after Christmas. Maybe I can implement a none-secure websocket interface.

Hello,

I just did a TCP dump on the FHEM server. It looks like FHEM is using 8002.

Greetings Thomas

defmod TV SamsungAV 10.0.0.7 8001
attr TV alias TV
attr TV icon it_television
attr TV room WZ

setstate TV on
setstate TV 2023-11-08 17:54:37 .token xxx
setstate TV 2023-12-24 21:28:53 state on

23:00:20.765508 IP FHEM.44352 > SamsungTV.8002: Flags [S], seq 812974035, win 64240, options [mss 1460,sackOK,TS val 3881879480 ecr 0,nop,wscale 7], length 0
23:00:20.766113 IP SamsungTV.8002 > FHEM.44352: Flags [S.], seq 1301013578, ack 812974036, win 65160, options [mss 1460,sackOK,TS val 1443505493 ecr 3881879480,nop,wscale 7], length 0
23:00:20.766128 IP FHEM.44352 > SamsungTV.8002: Flags [.], ack 1, win 502, options [nop,nop,TS val 3881879480 ecr 1443505493], length 0
23:00:20.766379 IP FHEM.44352 > SamsungTV.8002: Flags [P.], seq 1:518, ack 1, win 502, options [nop,nop,TS val 3881879481 ecr 1443505493], length 517
23:00:20.766664 IP SamsungTV.8002 > FHEM.44352: Flags [.], ack 518, win 506, options [nop,nop,TS val 1443505493 ecr 3881879481], length 0
23:00:20.795596 IP SamsungTV.8002 > FHEM.44352: Flags [P.], seq 1:2515, ack 518, win 506, options [nop,nop,TS val 1443505522 ecr 3881879481], length 2514
23:00:20.795611 IP FHEM.44352 > SamsungTV.8002: Flags [.], ack 2515, win 491, options [nop,nop,TS val 3881879510 ecr 1443505522], length 0
23:00:20.795921 IP FHEM.44352 > SamsungTV.8002: Flags [P.], seq 518:598, ack 2515, win 501, options [nop,nop,TS val 3881879510 ecr 1443505522], length 80
23:00:20.796293 IP SamsungTV.8002 > FHEM.44352: Flags [.], ack 598, win 506, options [nop,nop,TS val 1443505523 ecr 3881879510], length 0
23:00:20.796304 IP FHEM.44352 > SamsungTV.8002: Flags [P.], seq 598:847, ack 2515, win 501, options [nop,nop,TS val 3881879511 ecr 1443505523], length 249
23:00:20.796543 IP SamsungTV.8002 > FHEM.44352: Flags [.], ack 847, win 505, options [nop,nop,TS val 1443505523 ecr 3881879511], length 0
23:00:20.796893 IP SamsungTV.8002 > FHEM.44352: Flags [P.], seq 2515:2754, ack 847, win 505, options [nop,nop,TS val 1443505524 ecr 3881879511], length 239
23:00:20.796998 IP SamsungTV.8002 > FHEM.44352: Flags [P.], seq 2754:2993, ack 847, win 505, options [nop,nop,TS val 1443505524 ecr 3881879511], length 239
23:00:20.797038 IP FHEM.44352 > SamsungTV.8002: Flags [.], ack 2993, win 501, options [nop,nop,TS val 3881879511 ecr 1443505524], length 0
23:00:20.797141 IP SamsungTV.8002 > FHEM.44352: Flags [P.], seq 2993:3144, ack 847, win 505, options [nop,nop,TS val 1443505524 ecr 3881879511], length 151
23:00:20.805194 IP FHEM.8083 > IntelNUC.52010: Flags [.], ack 905, win 501, options [nop,nop,TS val 509206642 ecr 3080629144], length 0
23:00:20.837251 IP FHEM.44352 > SamsungTV.8002: Flags [.], ack 3144, win 501, options [nop,nop,TS val 3881879552 ecr 1443505524], length 0

Hi,

I don’t know if a none-secure websocket will work. I read that the TV denies the connection.

wscat -n -c "ws://10.0.0.7:8001/api/v2/channels/samsung.remote.control?name=b3BlbkhBQg=="
Connected (press CTRL+C to quit)
< {"event":"ms.channel.unauthorized"}

error: Invalid WebSocket frame: invalid status code 1005

I’m having the same issues with Nvidia Shield Pro, have 3 of them and all of them are acting the same.

Anyway I could get your code/script on what you did to fix this?

Best, Jay

I don’t know that much about perl and its libraries, but I have had a brief look at the FHEM library that seems to work (https://github.com/mhop/fhem-mirror/blob/master/fhem/FHEM/70_SamsungAV.pm)

$socket = IO::Socket::SSL->new(PeerAddr=>"$dev:$port", SSL_verify_mode=>0,Timeout=>2, Blocking=>1, ReuseAddr=>1);

and it seems to me that it disables the SSL verification…

I guess we already figured as much but just stating that that’s apparentlly also how they solved it…

The problem is that disabling SSL host verification is quite difficult.

The current binding gets round it by specifying the host name, which is given in the certificate.

The new certificates from Samsung have an invalid host name, and no alternates specified, so it makes it more complicated.

@ThRi When you switched the port to 8001, did you also switch the protocol to WebSocket (not WebSocketSecure)?

Might be worth a try.

If anyone wants to try it, adding one or all of these:

 -Djdk.internal.httpclient.disableHostnameVerification=true -Djetty.sslContext.sniRequired=false -Djetty.ssl.sniHostCheck=false -Djetty.ssl.sniRequired=false

To EXTRA_OPTIONS in /etc/openhab/default is also worth a try.

I added all of them. At first I got my “subject alternative names present” error message.

When I removed the certificates I manually added, I got the inital error message:

023-12-27 19:42:29.888 [WARN ] [l.protocol.RemoteControllerWebSocket] - 192.168.178.63: WebSocketRemote connecting without Token, please accept the connection on the TV within 30 seconds
2023-12-27 19:42:29.890 [DEBUG] [ngtv.internal.protocol.WebSocketBase] - 192.168.178.63: WebSocketRemote connecting to: wss://192.168.178.63:8002/api/v2/channels/samsung.remote.control?name=b3BlbkhBQg==
2023-12-27 19:42:29.894 [DEBUG] [ngtv.internal.protocol.WebSocketBase] - 192.168.178.63: WebSocketArt connecting to: wss://192.168.178.63:8002/api/v2/channels/com.samsung.art-app?name=b3BlbkhBQg==
2023-12-27 19:42:29.897 [DEBUG] [ngtv.internal.protocol.WebSocketBase] - 192.168.178.63: WebSocketV2 connecting to: wss://192.168.178.63:8002/api/v2?name=b3BlbkhBQg==
2023-12-27 19:42:29.900 [TRACE] [ternal.service.SmartThingsApiService] - 192.168.178.63: SSE Starting job
2023-12-27 19:42:29.901 [INFO ] [ternal.service.SmartThingsApiService] - 192.168.178.63: SSE Creating Smartthings Subscription
2023-12-27 19:42:29.906 [TRACE] [ternal.service.SmartThingsApiService] - 192.168.178.63: subscription: {"subscriptionFilters":[{"type":"DEVICEIDS","value":["a5ee9b47-36fc-6509-9fbb-ef63f143872d"]}],"name":"OpenHAB Subscription"}
2023-12-27 19:42:29.908 [TRACE] [ternal.service.SmartThingsApiService] - 192.168.178.63: Sending https://api.smartthings.com:443/subscriptions
2023-12-27 19:42:29.989 [DEBUG] [ngtv.internal.protocol.WebSocketBase] - 192.168.178.63: WebSocketRemote connection error PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
2023-12-27 19:42:30.017 [DEBUG] [ngtv.internal.protocol.WebSocketBase] - 192.168.178.63: WebSocketArt connection error PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
2023-12-27 19:42:30.042 [DEBUG] [ngtv.internal.protocol.WebSocketBase] - 192.168.178.63: WebSocketV2 connection error PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Unfortunately didn’t seem to impact the VM behaviour…

Hi,
yes Port 8001 and protocol to WebSocket. A popup appears on the TV.

I have this:

EXTRA_JAVA_OPTS="-Djetty.keystore.path=/etc/openhab/ssl/keystore -Dcom.sun.jndi.ldap.object.disableEndpointIdentification=true -Djdk.internal.httpclient.disableHostnameVerification=true -Djetty.sslContext.sniRequired=false -Djetty.ssl.sniHostCheck=false -Djetty.ssl.sniRequired=false"

added to /etc/default/openhab.

Here is the log:

2023-12-31 20:53:28.687 [INFO ] [g.samsungtv.internal.handler.WolSend] - 10.0.0.7: cancelling WOL Job
2023-12-31 20:53:29.190 [WARN ] [tv.internal.handler.SamsungTvHandler] - 10.0.0.7: Cannot connect to TV: java.util.concurrent.TimeoutException: Total timeout 500 ms elapsed
2023-12-31 20:53:29.190 [WARN ] [tv.internal.handler.SamsungTvHandler] - 10.0.0.7: Cannot get TVProperties - Retry: 1
2023-12-31 20:53:30.691 [WARN ] [tv.internal.handler.SamsungTvHandler] - 10.0.0.7: Cannot connect to TV: java.util.concurrent.TimeoutException: Total timeout 500 ms elapsed
2023-12-31 20:53:30.691 [WARN ] [tv.internal.handler.SamsungTvHandler] - 10.0.0.7: Cannot get TVProperties, return Empty properties
2023-12-31 20:53:34.840 [WARN ] [tv.internal.protocol.WebSocketRemote] - 10.0.0.7: Remote Control is not authorized, please allow access on your TV
2023-12-31 20:53:53.812 [WARN ] [rnal.service.RemoteControllerService] - 10.0.0.7: RemoteController is not connected
2023-12-31 20:53:53.812 [WARN ] [rnal.service.RemoteControllerService] - 10.0.0.7: TV is not responding - not reconnecting
2023-12-31 20:53:53.813 [INFO ] [g.samsungtv.internal.handler.WolSend] - 10.0.0.7: Send WOL packet to f8:4e:58:8a:74:41
2023-12-31 20:53:53.813 [INFO ] [g.samsungtv.internal.handler.WolSend] - 10.0.0.7: RemoteControllerService found after 0 attempts
2023-12-31 20:53:53.813 [INFO ] [g.samsungtv.internal.handler.WolSend] - 10.0.0.7: resend command ON to channel power in 2 seconds...
2023-12-31 20:53:53.813 [INFO ] [g.samsungtv.internal.handler.WolSend] - 10.0.0.7: cancelling WOL Job
2023-12-31 20:53:55.813 [WARN ] [rnal.service.RemoteControllerService] - 10.0.0.7: RemoteController is not connected
2023-12-31 20:53:55.813 [WARN ] [rnal.service.RemoteControllerService] - 10.0.0.7: TV is not responding - not reconnecting
2023-12-31 20:53:56.446 [WARN ] [rnal.service.RemoteControllerService] - 10.0.0.7: RemoteController is not connected
2023-12-31 20:53:56.446 [WARN ] [rnal.service.RemoteControllerService] - 10.0.0.7: TV is not responding - not reconnecting
2023-12-31 20:53:56.446 [WARN ] [tv.internal.handler.SamsungTvHandler] - 10.0.0.7: Channel 'keyCode' not connected/supported

Screenshot_20231231-2053471287×1781 173 KB