[hue] Check HTTPS connection (download of PEM certificate) (#13617)
authorlolodomo <lg.hc@free.fr>
Sun, 30 Oct 2022 12:04:09 +0000 (13:04 +0100)
committerGitHub <noreply@github.com>
Sun, 30 Oct 2022 12:04:09 +0000 (13:04 +0100)
* [hue] Check HTTPS connection (download of PEM certificate)

Fix #13586

Signed-off-by: Laurent Garnier <lg.hc@free.fr>
bundles/org.openhab.binding.hue/src/main/java/org/openhab/binding/hue/internal/connection/HueTlsTrustManagerProvider.java
bundles/org.openhab.binding.hue/src/main/java/org/openhab/binding/hue/internal/handler/HueBridgeHandler.java
bundles/org.openhab.binding.hue/src/main/resources/OH-INF/i18n/hue.properties

index 5fa2820edee709798ce5a9788d93a39d346d632c..414de92f40af45b4d5722f140a6cdb7709a9e931 100644 (file)
@@ -44,6 +44,8 @@ public class HueTlsTrustManagerProvider implements TlsTrustManagerProvider {
 
     private final Logger logger = LoggerFactory.getLogger(HueTlsTrustManagerProvider.class);
 
+    private @Nullable PEMTrustManager trustManager;
+
     public HueTlsTrustManagerProvider(String hostname, boolean useSelfSignedCertificate) {
         this.hostname = hostname;
         this.useSelfSignedCertificate = useSelfSignedCertificate;
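Review bot: The new `trustManager` field is a lazily filled cache that getPEMTrustManager() reads and writes without `volatile` or a lock. This commit calls that method from a scheduler task, and getTrustManager() is presumably invoked by the TLS layer on other threads. Declaring it `private volatile @Nullable PEMTrustManager trustManager;` would make the cached instance visible across threads; a duplicate load under a race looks harmless. A one-line comment would also help, for example `// cached for the provider's lifetime; in self-signed mode this is whatever certificate the host presented on first download`. The constructor body continues outside the hunk.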
@@ -56,20 +58,33 @@ public class HueTlsTrustManagerProvider implements TlsTrustManagerProvider {
 
     @Override
     public X509ExtendedTrustManager getTrustManager() {
+        PEMTrustManager localTrustManager = getPEMTrustManager();
+        if (localTrustManager == null) {
+            logger.error("Cannot get the PEM certificate - returning a TrustAllTrustManager");
+        }
+        return localTrustManager != null ? localTrustManager : TrustAllTrustManager.getInstance();
+    }
+
+    public @Nullable PEMTrustManager getPEMTrustManager() {
+        PEMTrustManager localTrustManager = trustManager;
+        if (localTrustManager != null) {
+            return localTrustManager;
+        }
         try {
             if (useSelfSignedCertificate) {
                 logger.trace("Use self-signed certificate downloaded from Hue Bridge.");
                 // use self-signed certificate downloaded from Hue Bridge
-                return PEMTrustManager.getInstanceFromServer("https://" + getHostName());
+                localTrustManager = PEMTrustManager.getInstanceFromServer("https://" + getHostName());
             } else {
                 logger.trace("Use Signify private CA Certificate for Hue Bridges from resources.");
                 // use Signify private CA Certificate for Hue Bridges from resources
-                return getInstanceFromResource(PEM_FILENAME);
+                localTrustManager = getInstanceFromResource(PEM_FILENAME);
             }
+            this.trustManager = localTrustManager;
         } catch (CertificateException | MalformedURLException e) {
-            logger.error("An unexpected exception occurred - returning a TrustAllTrustManager: {}", e.getMessage(), e);
+            logger.debug("An unexpected exception occurred: {}", e.getMessage(), e);
         }
-        return TrustAllTrustManager.getInstance();
+        return localTrustManager;
     }
 
     /**
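Review bot: getTrustManager() still fails open: when getPEMTrustManager() returns null it hands back `TrustAllTrustManager.getInstance()`, which accepts any certificate, so the HTTPS session to the bridge would authenticate nothing. The handler in this commit refuses to register the provider in that case, so the fallback appears to serve only other callers. If the framework tolerates it, fail closed there instead, for example `throw new IllegalStateException("No PEM trust manager available for " + hostname);`. The cause is now logged only at debug level in the catch block of getPEMTrustManager(), so the error line in getTrustManager() carries no reason. Consider keeping the exception at warn, or including it in the error message.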
index 1afcef5180d510773e9fd82bbc218f1f04908217..22686f89c527f49f9dc6d61096bb08defd98d9f4 100644 (file)
@@ -706,20 +706,35 @@ public class HueBridgeHandler extends ConfigStatusBridgeHandler implements HueCl
                     "@text/offline.conf-error-no-ip-address");
         } else {
             if (hueBridge == null) {
-                if (HueBridgeConfig.HTTPS.equals(hueBridgeConfig.protocol)) {
-                    // register trustmanager service
-                    HueTlsTrustManagerProvider tlsTrustManagerProvider = new HueTlsTrustManagerProvider(
-                            ip + ":" + hueBridgeConfig.getPort(), hueBridgeConfig.useSelfSignedCertificate);
-                    serviceRegistration = FrameworkUtil.getBundle(getClass()).getBundleContext()
-                            .registerService(TlsTrustManagerProvider.class.getName(), tlsTrustManagerProvider, null);
-                }
-
                 hueBridge = new HueBridge(httpClient, ip, hueBridgeConfig.getPort(), hueBridgeConfig.protocol,
                         scheduler);
 
                 updateStatus(ThingStatus.UNKNOWN);
+
+                if (HueBridgeConfig.HTTPS.equals(hueBridgeConfig.protocol)) {
+                    scheduler.submit(() -> {
+                        // register trustmanager service
+                        HueTlsTrustManagerProvider tlsTrustManagerProvider = new HueTlsTrustManagerProvider(
+                                ip + ":" + hueBridgeConfig.getPort(), hueBridgeConfig.useSelfSignedCertificate);
+
+                        // Check before registering that the PEM certificate can be downloaded
+                        if (tlsTrustManagerProvider.getPEMTrustManager() == null) {
+                            updateStatus(ThingStatus.OFFLINE, ThingStatusDetail.CONFIGURATION_ERROR,
+                                    "@text/offline.conf-error-https-connection");
+                            return;
+                        }
+
+                        serviceRegistration = FrameworkUtil.getBundle(getClass()).getBundleContext().registerService(
+                                TlsTrustManagerProvider.class.getName(), tlsTrustManagerProvider, null);
+
+                        onUpdate();
+                    });
+                } else {
+                    onUpdate();
+                }
+            } else {
+                onUpdate();
             }
-            onUpdate();
         }
     }
 
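Review bot: The task started at `scheduler.submit(() -> {` assigns `serviceRegistration` and calls `onUpdate()` on a scheduler thread, and the returned Future is dropped, so nothing can cancel it if the handler is disposed before it runs. In that case the provider would be registered after disposal and, as far as this hunk shows, never unregistered, leaving a trust manager for that host active. Keep the future, e.g. `tlsCheckJob = scheduler.submit(...)` (field name constructed here), and cancel it in dispose, which lies outside the hunk, or re-check the handler state just before `registerService`. An exception thrown inside the lambda is also captured only by the discarded Future, which would leave the thing in UNKNOWN with no log line; wrapping the body in a try/catch that logs and sets OFFLINE would cover that.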
index 2b2af1df10a669bb4f47755ac27bd3853e221326..9f376076c6e6560970ab3b5f5d38a6c9d282e036 100644 (file)
@@ -148,6 +148,7 @@ config-status.error.missing-ip-address-configuration = No IP address for the Hue
 # thing status descriptions
 
 offline.communication-error = An unexpected exception occurred during execution.
+offline.conf-error-https-connection = HTTPS secure connection failed. Please check your configuration settings (network address, protocol, port, type of certificate) and change protocol to http when using a V1 bridge.
 offline.conf-error-invalid-ssl-certificate = Invalid certificate for secured connection. You might want to enable the "Use Self-Signed Certificate" configuration.
 offline.conf-error-no-ip-address = Cannot connect to Hue Bridge. IP address not available in configuration.
 offline.conf-error-no-username = Cannot connect to Hue Bridge. User name for authentication not available in configuration.