I'm attempting to send an HTTP request when a motion sensor detects movement. I've setup the trigger in the Home app, and chose "Convert to Shortcut", now I'm trying to get the "Get contents of URL" shortcut action to work.
I'm running the target web server (a little Node.js app) on my local network.
I originally tried to use a simple http server, but was getting the error:
Since I can't get a LetsEncrypt cert for a local IP address I generated a self-signed certificate with the instructions outlined here: https://stackoverflow.com/a/24749608 I additionally installed the root CA on all my HomePods and my phone using a "DER format crt" also described in that post. Now I'm getting another error:
Thank you!
A note for anyone trying to reproduce this: the errors I'm quoting are shown when you click the play button at the bottom of the shortcut editing/creation screen ("Home" app > "Automations" tab > "+" button > setup any trigger > "Convert To Shortcut" at the bottom of the action selector > "▶️" button). Clicking "Test automation" after creating the automation, or using the actual Shortcuts app will give misleading results.
I'm running the target web server (a little Node.js app) on my local network.
I originally tried to use a simple http server, but was getting the error:
Assuming that HomeKit was converting my http URL to https automatically I moved my service to a domain where I have LetsEncrypt setup, added support for simple token based auth via headers, and tried again. This time I got the error:An SSL error has occurred and a secure connection to the server cannot be made.
I triple checked my spelling, verified that the request worked from my Mac and iOS Safari, then concluded that the HomePod (my current home hub) doesn't do domain name resolution like I expect and I need to use an IP address instead.A server with the specified hostname could not be found
Since I can't get a LetsEncrypt cert for a local IP address I generated a self-signed certificate with the instructions outlined here: https://stackoverflow.com/a/24749608 I additionally installed the root CA on all my HomePods and my phone using a "DER format crt" also described in that post. Now I'm getting another error:
Installing root certs into my HomePods feels a little reckless, so I'm going to go reset them to factory settings and hope that someone here has some guidance as to what I need to do to make my service eligible for the "Get Contents of URL" shortcut.The certificate for this server is invalid. You might be connecting to a server that is pretending to be "192.168.7.77" which could put your confidential information at risk.
Thank you!
A note for anyone trying to reproduce this: the errors I'm quoting are shown when you click the play button at the bottom of the shortcut editing/creation screen ("Home" app > "Automations" tab > "+" button > setup any trigger > "Convert To Shortcut" at the bottom of the action selector > "▶️" button). Clicking "Test automation" after creating the automation, or using the actual Shortcuts app will give misleading results.
Presumably you have no ability to custom the HTTPS server trust evaluation done by the various subsystems you’re using. In that case your only option is to configure your server with a digital identity whose certificate is trusted by the client. Normally Let’s Encrypt is a good option for this but, as you mentioned, there’s no way to support local addresses in that case. The other option is to run your own CA. I regularly do this using the instructions in QA1948 HTTPS and Test Servers.
As to whether that’s “reckless”, that’s really your decision to make. The only other way I can see out of your conundrum is to host your server on the public Internet, which allows you to use Let’s Encrypt and so on.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@apple.com"
As to whether that’s “reckless”, that’s really your decision to make. The only other way I can see out of your conundrum is to host your server on the public Internet, which allows you to use Let’s Encrypt and so on.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@apple.com"
