Error: Hostname/IP doesn't match certificate's altnames (http request node - post)

[Tony Neal]

Hi

Is there a way to get around this error?

{ "topic": "", "payload": "Error: Hostname/IP doesn't match certificate's altnames: \"Host: api.prod.bgchprod.info. is not in the cert's altnames: DNS:*.bgchprod.info, DNS:bgchprod.info\" : https://api.prod.bgchprod.info:443/auth/sessions", "_msgid": "3def6ab7.c21096", "headers": { "Content-type": "application/vnd.alertme.zoo-6.1+json", "Accept": "application/vnd.alertme.zoo-6.2+json", "Content-Type": "application/*+json", "X-AlertMe-Client": "Hive Web Dashboard" } }

I see from Node.js discussions about node needing to use rejectUnauthorized: false 

but this may be insecure..... any thoughts on solving this. I have tried removing the https but I then get a Error: socket hang up : 

I am  trying to retrieve values for a British Gas hive system and this flow is supposed to login me in and return a session ID

[{"id":"17ced1d2.e8312e","type":"inject","z":"8099d500.7f6628","name":"","topic":"","payload":"","payloadType":"date","repeat":"","crontab":"","once":false,"x":180,"y":1360,"wires":[["e851772a.17ae88"]]},{"id":"e851772a.17ae88","type":"function","z":"8099d500.7f6628","name":"","func":"msg.headers = {\n    \"Content-type\" : \"application/vnd.alertme.zoo-6.1+json\",\n    \"Accept\" : \"application/vnd.alertme.zoo-6.2+json\",\n    \"Content-Type\" : \"application/*+json\",\n    \"X-AlertMe-Client\" : \"Hive Web Dashboard\"\n};\n\nmsg.payload = {\n    \"sessions\":[{\n        \"username\":\"user\",\n        \"password\":\"password\"\n    }]\n};\n\nreturn msg;\n","outputs":1,"noerr":0,"x":330,"y":1360,"wires":[["cc81d52d.337e28"]]},{"id":"cc81d52d.337e28","type":"http request","z":"8099d500.7f6628","name":"","method":"POST","ret":"obj","url":"https://api.prod.bgchprod.info:443/auth/sessions","x":490,"y":1360,"wires":[["e157231e.1ea8e"]]},{"id":"e157231e.1ea8e","type":"debug","z":"8099d500.7f6628","name":"","active":true,"console":"false","complete":"true","x":650,"y":1360,"wires":[]}]

Tony

[Mark Setrem]

Any reason why you are using that specific server?

There is a node-red node for hive which I had remembered seeing

Its available on github (but not published to npm)  https://github.com/aklambeth/node-red-contrib-hive this uses the authors own npm package https://github.com/aklambeth/bg-hive-api

This appears to connect to: https://api.bgchlivehome.co.uk/v5

[Tony Neal]

Yes, using that server because I want to use the v6 API.... I have some problems with the node that you suggested (using the latest branches) as it crashes my node red server after a while.

[Julian Knight]

This is a configuration error by BG. They are not covering the API servers with their certs. They probably should have used a wildcard cert.

There is no way round this other than the one you've already found which will ignore the error. I'd raise a support call to BG as well to see if they will fix the issue.

[Tony Neal]

Thanks Julian

[Tony Neal]

Hi Julian, just a thought - I didn't manage to get the "ignore error" bit working. Do you know how to install that fix?

On Monday, 21 March 2016 01:10:15 UTC, Julian Knight wrote:

[Tony Neal]

Just for completeness, this the the CURL that I am trying to emulate:

curl -v -k --cookie-jar cookie.jar -g -H "Content-Type: application/vnd.alertme.zoo-6.1+json" -H "Accept: application/vnd.alertme.zoo-6.2+json" -H "Content-Type: 'application/*+json'" -H "X-AlertMe-Client: Hive Web Dashboard" -d '{"sessions":[{"username":"<YOURHIVE EMAIL>","password":"<YOUR HIVE PASSWORD>","caller":"<ANYTHING>"}]}' https://api.prod.bgchprod.info:443/omnia/auth/sessions