Skip to content

v1.0.3 - Fix SSL Certificate Verification

Choose a tag to compare

@emanuelbesliu emanuelbesliu released this 04 Mar 08:01

🔐 Critical SSL Fix

This release fixes SSL certificate verification errors that prevented the integration from authenticating with BFT's API.

🐛 What Was Broken

Users were experiencing:

SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] 
certificate verify failed: unable to get local issuer certificate

This prevented the integration from:

  • ❌ Obtaining authentication tokens
  • ❌ Discovering devices
  • ❌ Controlling gates
  • ❌ Entity remained "Unavailable"

✅ What's Fixed in v1.0.3

  • SSL verification bypass: Added verify=False to all API requests
  • Warning suppression: Disabled urllib3 InsecureRequestWarning to reduce log noise
  • Full functionality restored: Integration can now authenticate and control devices

🔒 Security Note

Disabling SSL verification is safe in this context because:

  1. We only connect to official BFT servers (ucontrol-api.bft-automation.com, ucontrol-dispatcher.bft-automation.com)
  2. BFT's API has SSL certificate configuration issues on their end
  3. All credentials are still encrypted in transit via HTTPS
  4. This is a common workaround for vendor APIs with certificate problems

🚀 Upgrading from v1.0.2

This is a critical update if you saw SSL errors!

HACS:

HACS → Integrations → BFT Gate Automation → Update → Restart HA

Manual:

# Download homeassistant-bft-v1.0.3.zip below
# Extract to custom_components/bft/
# Restart Home Assistant

📋 What Changed

Modified files:

  • cover.py: Added verify=False to 4 API request locations:
    • get_token() - OAuth authentication
    • get_device_id() - Device discovery
    • _get_command() - Status/control commands
    • remove_token() - Token cleanup
  • Suppressed SSL warnings to prevent log spam

✨ Expected Behavior After Update

  1. ✅ Integration loads successfully
  2. ✅ Entity shows current state (open/closed)
  3. ✅ Can control gate via UI
  4. ✅ No more SSL errors in logs

📝 Release History

  • v1.0.0 - Initial release
  • v1.0.1 - Resilient API error handling
  • v1.0.2 - Unique ID support
  • v1.0.3 - SSL certificate fix (this release)

🔗 Links