Secure Connection in Android App

Dear all,

I am using the Android app to control my OpenHab 2.5 M1 based home automation system.

Now I would naively assume that the app uses the certificates provided by OpenHab. But in the screenshot you notice that the lokal connection is unsecure and the SSL certificate is not set.

Furthermore, I receive a warning during the first connection that the certificate is not valid due to wrong server name in the certificate.

Is this the expected behaviour?

Thanks,
Tobias

It is because it’s only http traffic. This is completely fine if it happens only in your local network and you trust everyone using it.

This is the setting for client certificate.

Because it is a self signed certificate by your server. You accept it if you are sure that it’s from your server.

Yes :+1:

1 Like

“Insecure” will disappear if you configure a reverse proxy with https and authentication. However in you local network, you don’t need to do this.

1 Like

Thanks to everyone.

So how would one enable a certificate? Do I need to import something from the server?

Is there a more secure approach for remote access via myOpenHAB?

you don’t need to do anything about the certificate. Just accept it in your local network.

I think you are confused with secure/unsecure realted to local/remote a bit. In your local network, you (basically) don’t need to bother about unsecure(http) oder secure (https) connection. As long as you know what happens in your network and which devices/persons are in it, it’s fine.

There are several ways for remote connection and all are documented and throughly discussed in this forum. The easiest way ist to us myopenhab, which is funded by openhab e.V. If you create an account there and connect your OH instance with it, the connection is secured by https.

1 Like

You can forget this as @NoneWhereTo stated. Not needed for a remote connection. It is a way to make the connection even more secure and passwordless. Google tells you about certificates if you wan’t to know more.

I would also recomend you to use myOpenHAB for easy and secure remote connection.

This my question too. It looks like Android app needs a certificate installed. Where do I get this? Here are some screen shots.

Here is my second screen shot.

You quoted a question @gitMiguel already quoted from someone else. Did you read and understand what @gitMiguel answered?

1 Like

It really doesn’t need any certificates. They are optional.

You have to make them.

Please get your self familiar with server and client certificates and how to setup them. As I stated in my earlier post google is your friend. Here’s a few links to get you started:

Can you make a screenshot of the preference subpages (local and remote)? You should redact the user name before posting.

There’s a post by @slawekjaranowski about SSL client certificates: Using NGINX Reverse Proxy for client certificate authentication - start discussion

In fact that one is opened when touching the question mark in the screenshot :wink:
Maybe we could/should improve context by linking the help icon to a short docs page giving a bit of context, which then links to the discussion thread.

That’s a good idea :+1:

Did you change something? Or does it still show “Insecurely connected to myopenHAB” on the main settings page?

No.

Still the same. It says “Insecurely connected” but it’s not connected like I explain in the next post.

I am adding this info in hopes it will shed more light on it. On my phone I can login fine to myopenHAB.org using a browser but not with the app. This is what I get when trying to connect remotely.

There’s a bug that causes all connections shown as insecure: https://github.com/openhab/openhab-android/pull/1649