Tradfri coap usage will change #10252

Closed
hvanderlaan opened this issue Oct 31, 2017 · 16 comments · Fixed by #10282

@hvanderlaan

Hey guys,

I was the creator of one of the first Tradfri Python scripts on GitHub, and had close communication with the IKEA Tradfri team. They sent me the following email. You may need to change the API call to the Tradfri gateway.


Hi,

We at IKEA would like to inform you about a change to our TRÅDFRI Gateway. We are very happy to see your interest in our gateway and have seen that you are using the CoAP interface. We consider the CoAP interface as our internal interface not developed for third party usage and therefore we do not offer any technical support for this usage. However that does not mean that we want to hinder your work in any way.

There are some security improvements in a soon coming update that we would like to inform you about since it will break your implementation. Technically the improvement is that the TRÅDFRI Gateway will start using DTLS Identities which you will need to handle in your application.

Please use the following string to connect to the TRÅDFRI Gateway and create a new DTLS Identity.

coap-client -m post -u "Client_identity" -k "SECURITY_CODE" -e '{"9090":"IDENTITY"}' "coaps://IP_ADDRESS:5684/15011/9063"

SECURITY_CODE is what is labelled on the Gateway label, IDENTITY is any string that is representing the connection.
You will then get back a PRE_SHARED_KEY that can be used in all traffic after that.

coap-client -m get -u "IDENTITY" -k "PRE_SHARED_KEY" "coaps://IP_ADDRESS:5684/15001"

We also would like to request that the SECURITY_CODE that is printed on the gateway is never stored permanently in your application.

This information is ok to spread online but please remove my email address.

Best regards
IKEA of Sweden Trådfri team

@hvanderlaan hvanderlaan changed the title Tradfri soap usage will change Tradfri coap usage will change Oct 31, 2017
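
The bootstrap described in the email above, as an added Python example (not code from the original post, from IKEA, or from pytradfri): the label code is used once to register an identity, and only the identity and returned key are written to disk. Assumptions: the key comes back in a JSON field `9091` printed on its own line, and the function names, file name and `192.0.2.10` address are made up for illustration.

```python
import json
import os
import secrets
import subprocess
import tempfile

PSK_FIELD = "9091"  # assumption: response field holding the key; not stated on this page

def register_identity(gateway_ip, security_code, identity=None, run=subprocess.run):
    """One-time bootstrap: trade the gateway label code for a per-client PSK."""
    identity = identity or "client-" + secrets.token_hex(8)
    cmd = ["coap-client", "-m", "post", "-u", "Client_identity", "-k", security_code,
           "-e", json.dumps({"9090": identity}),
           f"coaps://{gateway_ip}:5684/15011/9063"]
    # Caveat: -k puts the code in argv, visible to local users while this runs.
    out = run(cmd, capture_output=True, text=True, timeout=30, check=True).stdout
    for line in out.splitlines():
        line = line.strip()
        if line.startswith("{"):  # assumption: JSON payload sits on its own line
            psk = json.loads(line).get(PSK_FIELD)
            if psk:
                return identity, psk
    raise RuntimeError("gateway returned no pre-shared key")

def save_credentials(path, identity, psk):
    """Persist only identity + PSK, owner-only; the label code is never written."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as fh:
        os.fchmod(fh.fileno(), 0o600)  # also tightens a pre-existing file
        json.dump({"identity": identity, "psk": psk}, fh)

def session_command(path, gateway_ip, resource="15001"):
    """Build the follow-up GET from stored credentials only."""
    with open(path) as fh:
        cred = json.load(fh)
    return ["coap-client", "-m", "get", "-u", cred["identity"], "-k", cred["psk"],
            f"coaps://{gateway_ip}:5684/{resource}"]

if __name__ == "__main__":
    # Constructed gateway reply so the demo runs offline.
    def fake(cmd, **kw):
        return subprocess.CompletedProcess(cmd, 0, stdout='{"9091":"constructed-psk"}\n')
    ident, key = register_identity("192.0.2.10", "constructed-code", run=fake)
    path = os.path.join(tempfile.mkdtemp(), "tradfri_psk.json")
    save_credentials(path, ident, key)
    print(session_command(path, "192.0.2.10"))
```

Against a real gateway, leave `run` at its default and read the security code with `getpass.getpass()` so it does not end up in a script, config file or shell history.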
@dvd77

dvd77 commented Oct 31, 2017

Is this update already rolled out? I updated my gw and now it's not working anymore. Could this be a reason?

@perosb
Contributor

perosb commented Oct 31, 2017

Yes, seems to be related. My IKEA app said "a security has been installed".
We should raise an issue in https://github.com/ggravlingen/pytradfri

Edit:
Already in progress.
home-assistant-libs/pytradfri#90

@Nicxe

Nicxe commented Oct 31, 2017

There is an issue already raised
home-assistant-libs/pytradfri#90

@hvanderlaan
Author

I didn’t update the gateway yet so I would not know. But there is no new iPhone app, therefore I think it is not yet fully implemented.

@csjames

csjames commented Oct 31, 2017

Couldn't a malicious script just register an identity and then be evil? Or is this part of a wider plan?

Just curious :)

@hvanderlaan
Author

@csjames I think it is because of the Apple HomeKit integration that is pending this fall.

I will try to update my personal code with an init function. That will request a PSK and place that in the config file. That will resolve this issue with my code. This could also be a fix for home-assistant.

@Nicxe

Nicxe commented Oct 31, 2017

The iOS app is released tomorrow according to IKEA. The app will generate the code necessary to activate HomeKit.

@wictorwilen

Seems like this update just hit me, and my Home Assistant can no longer talk to Trådfri.

@mbrrg
Contributor

mbrrg commented Oct 31, 2017

I'd say kudos to IKEA for reaching out with that email!

@hvanderlaan
Author

hvanderlaan commented Nov 1, 2017

I've just seen that the update has arrived. Gateway is running version: 1.2.42.
Nice detail, I can see the Apple HomeKit code

coap-client -m get -u "IDENTITY" -k "PRE SHARED KEY" "coaps://IP_ADDRESS:5684/15011/15012" 2> /dev/null
# Apple HomeKit code looks like: { ... 9083: XXX-XX-XXX, ...}
# XXX-XX-XXX is your HomeKit code
# { ... 9029: 1.2.42, ... } is the version

@grischard
Contributor

The brand new pytradfri 4.0.1 should support the new DTLS identity methods.

@BrunoN17

BrunoN17 commented Nov 1, 2017

Hi

After the command coap-client -m post -u "Client_identity" -k "SECURITY_CODE" -e '{"9090":"IDENTITY"}' "coaps://IP_ADDRESS:5684/15011/9063" I can get another key, but after putting it in HomeAssistant I get this error: [coap] Fatal DTLS error: code 20

Then I tried to generate another key with another identity but it gives the same error.

What can I do?

Do I have to wait for a hass update?

@grischard
Contributor

@BrunoN17 Yes. See #10282.

@BrunoN17

BrunoN17 commented Nov 2, 2017

@grischard Thanks

@dennismadsen

When will a new release of Home Assistant including this pull request be available?

@lwis
Member

lwis commented Nov 2, 2017

@dennismadsen this weekend if all goes well.

@home-assistant home-assistant locked and limited conversation to collaborators Mar 2, 2018