Greetings all!
I am using a couple of webviews to see a camera feed that comes from Blue Iris. On the browser it works great. On the android app it just shows a white square.
Since the app doesn’t show anything it is hard to tell why nothing shows up. Are there any logs I can look at on the app?
If it helps I am using the ssl version of the sitemap and the webview is also loading an ssl page.
Thanks!
Hi,
first of all, do you (and can you verify) that you have TCP connectivity between the Android device and the camera stream? Can you access it in the/a browser on the device?
What happens if you open the classic UI on the Android device?
Also, what do you mean by “using the SSL version of the sitemap”?
Cheers,
Pel
Thanks for giving me a hand!!!
Yes I can reach the camera feed on the android via a browser, the https address has a non-purchased security certificate so the browser warns you that it might be unsafe and then lets you proceed.
By classic UI do you mean the browser page? For some reason the browser isn’t taking my username/password for the OpenHAB sitemap this morning. I don’t think that is related…I will see what is up there. Might turn off authentication just to make sure everything else is good.
I am using the SSL sitemap address, as in https://IPAddress/openhap.app?sitemap…etc
I will report back once I figure out why my android doesn’t hit the classic UI.
Thanks again!
Hi,
you’re welcome! Yes, I call the ‘browser page’ the Classic UI. I think that’s the correct name for it, as there’s also the GreenT UI, Paper in OH2 and then all the 3rd party stuff like OpenHAB-dashboard and CometVisu. My apologies for the confusion.
When you access the camera feed, do you have to authenticate? If it’s using something like forms based authentication (vs plain) this could be a little tricky. I’ve used the following for some setups:
Image url="http://viewinguser:notsosecretpass@ipcam-04/cgi/jpg/image.cgi" label="IPCAM-04" refresh=3000
I’m not suggesting you start using a static, refreshing image, but with basic auth you should be able to put the credentials in the URL, if the security implications play nice with your requirements.
As for the authentication problem - I doubt it’s related, either.
I’ve found that when you have to authenticate with openHAB the phone apps will be unable to bring up the webviews. I think there is a github issue for it.
I do authenticate to the camera in the URL, https://IPADDRESS:PORT/mjpg/FD1?user=USERNAME&pw=PASSWORD
I removed authentication from the camera feed URL, turned off the need for it and altered my connecting URL to leave out the username/password. Again works in the browser but not the android app.
So I tried the iOS app to see what it does. It also doesn’t work but displays an error. HTTP error 500. Problem accessing /proxy. It goes on to say "sun.security.validator.validatorexception: PKIX path building failed: sun.security.certpath.SunCertPathBuilderException.
Seems the app doesn’t like something about a certificate??
Got my browser password issue worked out. It works on the android and on an iPad in their browser. Neither work in the openHAB app.
Hummm…
Ah, the dreaded Java SSL exception.
Basically, you would need to download the (invalid, self signed) certificate from your camera, add it to a Java Keystore (JKS file) and append a configuration parameter to use the JKS to the startup command for HabDroid. Whether that’s possible is beyond me
Also, you will need a password of >=8 chars on the JKS, otherwise it won’t load. I’ve had to do this for other apps… 
https://docs.oracle.com/cd/E19509-01/820-3503/ggfen/index.html
You have been most informative, and that seems like it is a bit involved. I don’t know how I would modify HabDroid and add the certificate either, I am not a droid expert at all. Seems like this would come up for just about anyone that wanted to use openHAB for security with cameras though…perhaps I can find a solution from someone.
I wonder if I could get a real certificate from a CA (who has the least expensive I wonder?) and if that would also fix the problem…
Uh, yes, you got me there. The correct solution is to get a trusted certificate, however I guess that goes beyond the scope of most people’s design (unless you play it smart and get a wildcard certificate). Another alternative would be to avoid using SSL, but depending on your network environment, this may not be secure.
I think a nice workaround would be for HabDroid to simply ignore invalid certificates. Ideally, this would be an option in the preferences dialog and disabled by default. After all, spending money because software which you own doesn’t do what you want sort of violates the ‘free software ethic’ (or at least damages my ego)…
It’s probably just a case of setting a few properties in the source code, but @belovictor needs to call the shot.
// SSL Error Tolerant Web View Client
private class SSLTolerentWebViewClient extends WebViewClient {
@Override
public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) {
handler.proceed(); // Ignore SSL certificate errors
}
}