SSL Issues? #6

Open
jkporter opened this issue Dec 11, 2024 · 2 comments

jkporter commented Dec 11, 2024

I just got an EnergySmart bridge and attempted to utilize this addon. Unfortunately, it's not working for me and no connections seem to make it to the MQTT bridge. I can confirm that DNS is working as expected and the EnergySmart bridge is sending its requests to Home Assistant.

Doing some testing locally on Windows with NGINX 1.24 I get the following using the same settings in the provided nginx.conf.

2024/12/10 17:24:46 [info] 37008#42412: *43 client 192.168.1.65:4098 connected to 0.0.0.0:443
2024/12/10 17:24:46 [info] 37008#42412: *43 peer closed connection in SSL handshake while SSL handshaking, client: 192.168.1.65, server: 0.0.0.0:443.

Attempting to use Kestrel directly (started a rewrite on top of ASP.NET Core) produces this error each time a request is made:

dbug: Microsoft.AspNetCore.Server.Kestrel.Connections[39]
      Connection id "0HN8PHBJD0E7B" accepted.
dbug: Microsoft.AspNetCore.Server.Kestrel.Connections[1]
      Connection id "0HN8PHBJD0E7B" started.
dbug: Microsoft.AspNetCore.Server.Kestrel.Transport.Sockets[6]
      Connection id "0HN8PHBJD0E7B" received FIN.
dbug: Microsoft.AspNetCore.Server.Kestrel.Https.Internal.HttpsConnectionMiddleware[1]
      Failed to authenticate HTTPS connection.
      System.IO.IOException: Received an unexpected EOF or 0 bytes from the transport stream.
         at System.Net.Security.SslStream.ReceiveHandshakeFrameAsync[TIOAdapter](CancellationToken cancellationToken)
         at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](Boolean receiveFirst, Byte[] reAuthenticationData, CancellationToken cancellationToken)
         at System.Net.Security.SslStream.ProcessAuthenticationWithTelemetryAsync(Boolean isAsync, CancellationToken cancellationToken)
         at Microsoft.AspNetCore.Server.Kestrel.Https.Internal.HttpsConnectionMiddleware.OnConnectionAsync(ConnectionContext context)
dbug: Microsoft.AspNetCore.Server.Kestrel.Connections[2]
      Connection id "0HN8PHBJD0E7B" stopped.
dbug: Microsoft.AspNetCore.Server.Kestrel.Transport.Sockets[7]
      Connection id "0HN8PHBJD0E7B" sending FIN because: "The Socket transport's send loop completed gracefully."

After inspecting in Wireshark, the connection seems to fail after Server Hello with both NGINX and Kestrel.

Essentially wondering if there are any thoughts as to why it appears the SSL handshake isn't completing. Thanks.

@starsoccer
Owner

Sorry for the delay, can you elaborate on what issue you had using this addon?

Regarding SSL, it took me a long time but something seems to have changed between nginx versions with SSL as I was having the same issue until I pinned the nginx version. Bumping it immediately breaks things.

@jkporter
Author

Thanks for the reply.

Basically, the energy smart meter attempts to connect to the Home Assistant addon but doesn't appear to succeed past trying to set up the SSL session, and then the connection is dropped. In an effort to investigate why, I set up my own NGINX server with a version that was supposed to still work and a certificate that was generated matching the command in the Dockerfile:

RUN openssl req -nodes -new -x509 -sha1 -subj '/CN=energysmartwaterheater.com' -keyout /etc/nginx/energysmartwaterheater.com.key -out /etc/nginx/energysmartwaterheater.com.crt -days 3650

I also wrote my own application (in .Net/C#) to test further.

Both appear to report similar SSL connection failures, which I assume is also happening with the addon.
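
Added example, not part of the thread or of the addon's code: when a capture shows the client closing the connection right after Server Hello, the ClientHello record in the same capture shows which protocol version and cipher suites the client offered. The sketch below decodes those fields from the raw record bytes; the sample bytes, `parse_client_hello` and the short suite table are constructed for illustration and are not taken from the EnergySmart bridge.

```python
import struct

VERSIONS = {0x0300: "SSL 3.0", 0x0301: "TLS 1.0", 0x0302: "TLS 1.1", 0x0303: "TLS 1.2"}
# A few IANA cipher suite IDs; extend the table as needed.
SUITES = {
    0x0005: "TLS_RSA_WITH_RC4_128_SHA",
    0x000A: "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x0035: "TLS_RSA_WITH_AES_256_CBC_SHA",
}

# Constructed sample record (NOT captured from the device in this thread).
SAMPLE = bytes.fromhex(
    "16" "0301" "002f"      # record header: handshake, TLS 1.0, 47 bytes
    "01" "00002b"           # handshake header: ClientHello, 43 bytes
    "0301"                  # client_version
    + "00" * 32 +           # random
    "00"                    # empty session_id
    "0004" "002f" "0035"    # cipher suite list: 4 bytes, two suites
    "01" "00"               # compression methods: null only
)

def parse_client_hello(record: bytes) -> dict:
    """Decode version, cipher suites and extension presence from one TLS record."""
    if len(record) < 9 or record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a TLS handshake record carrying a ClientHello")
    try:
        rec_len = struct.unpack(">H", record[3:5])[0]
        body = record[9:5 + rec_len]      # skip record (5) and handshake (4) headers
        version = struct.unpack(">H", body[0:2])[0]
        pos = 34                          # 2 bytes version + 32 bytes random
        pos += 1 + body[pos]              # skip session_id
        cs_len = struct.unpack(">H", body[pos:pos + 2])[0]
        pos += 2
        raw = body[pos:pos + cs_len]
        if len(raw) != cs_len or cs_len % 2:
            raise ValueError("truncated cipher suite list")
        ids = [struct.unpack(">H", raw[i:i + 2])[0] for i in range(0, cs_len, 2)]
        pos += cs_len
        pos += 1 + body[pos]              # skip compression methods
    except (IndexError, struct.error):
        raise ValueError("truncated ClientHello") from None
    return {
        "version": VERSIONS.get(version, f"0x{version:04X}"),
        "cipher_suites": [SUITES.get(c, f"0x{c:04X}") for c in ids],
        "has_extensions": pos < len(body),  # SNI, supported_versions, etc. follow
    }
```

The input is the TLS record as raw bytes, for example a hex stream copied from the ClientHello packet in Wireshark and passed through `bytes.fromhex`. The decoded version and suites can then be compared with the `ssl_protocols` and `ssl_ciphers` settings of the nginx.conf in use.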
