Wink dns error

[Jborn4christ]

This started about an hour ago out of nowhere. Homebridge has been running fine for months on my mac. Now this pops in terminal.

error at req: { Error: Hostname/IP doesn't match certificate's altnames: "Host: winkapi.quirky.com. is not in the cert's altnames: DNS:.wink.com, DNS:wink.com"
at Object.checkServerIdentity (tls.js:199:17)
at TLSSocket. (_tls_wrap.js:1068:29)
at emitNone (events.js:86:13)
at TLSSocket.emit (events.js:185:7)
at TLSSocket._finishInit (_tls_wrap.js:586:8)
at TLSWrap.ssl.onhandshakedone (_tls_wrap.js:416:38)
reason: 'Host: winkapi.quirky.com. is not in the cert's altnames: DNS:.wink.com, DNS:wink.com',
host: 'winkapi.quirky.com',
cert:
{ subject: { OU: [Object], CN: '.wink.com' },
issuer:
{ C: 'GB',
ST: 'Greater Manchester',
L: 'Salford',
O: 'COMODO CA Limited',
CN: 'COMODO RSA Domain Validation Secure Server CA' },
subjectaltname: 'DNS:.wink.com, DNS:wink.com',
infoAccess: { 'CA Issuers - URI': [Object], 'OCSP - URI': [Object] },
modulus: 'E9A3B814D4DD0A1D61DB001F5135637CAC306E78B35AF5C57A6CFF6D7FF5B7C7B738EF6FA41C4D7D4BA07D294A2A20A690D4981B31376A9BF1A05E58F53F7274D27F696F312805A0EB1FCAE1CA2B169559B0FC43129F2CA684728E92F12D314D0CCDF2EA2E29673D6F6C4C039BBF226C055FE407FB0272C29C3474CE3EBE5F21EAF02AFD937B61FB7A0BAE992A12CD1AC4C4EA069175D72B9F0F6CE54DD79075DA930BAA450EC287CDE868870D81ACC4A3FD4109FBFD3EFA8D60F532A0C03C23E80B25BE7EF362C79B33F2F9BBF1C3463F55E2416F296B613D21E1D9E45EE2F61FAB30F991BE25668E13B59043D214792421F1000EFBD28797E9C593D2A17DF5',
exponent: '0x10001',
valid_from: 'Jan 18 00:00:00 2016 GMT',
valid_to: 'Apr 17 23:59:59 2019 GMT',
fingerprint: '04:84:42:66:E3:EC:1C:FB:D9:AB:A7:85:20:81:BE:B4:CD:A8:DC:EC',
ext_key_usage: [ '1.3.6.1.5.5.7.3.1', '1.3.6.1.5.5.7.3.2' ],
serialNumber: 'E84177AB21D3317EADE71FDE938A41C8',
raw: <Buffer 30 82 05 47 30 82 04 2f a0 03 02 01 02 02 11 00 e8 41 77 ab 21 d3 31 7e ad e7 1f de 93 8a 41 c8 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 81 90 ... > } }

[thechrisreese]

Same here. I can curl into winkapi.quirky.com but something is happening with their certificate.

[Jborn4christ]

I wonder if there's a way to modify the plugin to bypass the certificate check

[robertvorthman]

Same issue here

[thechrisreese]

I called Wink and sent the error. They have to update their cert to fix.

Anyone know ever told.js is located

[thechrisreese]

tls.js that is

[thechrisreese]

They degraded this and only support API v2 now. Homebridge-wink won't work until we update this for V2 API

[robertvorthman]

The error is reported from a dependency, wink.js index.js line 88.

https://github.com/winfinit/wink-js/blob/master/index.js#L88

req.on('error', function(e) { console.error("error at req: " ,e); });

[thechrisreese]

They are only supporting API.wink.com in their certificates. Not sure what needs to change to update for the new API. I have V2 credentials and I know HomeAssistant uses it as well.

Any help @KraigM?

[robertvorthman]

I found a temporary fix. Add "rejectUnauthorized: false" to the http options in wink-js index.js, then restart homebridge.

The file I edited was at this path in my Raspberry Pi
/usr/local/lib/node_modules/homebridge-wink/node_modules/wink-js/index.js

Edit line 40 so it looks like this:

var options = {
	  hostname: data.host || winkUri,
	  port: data.port || winkPort,
	  path: data.path,
	  //since we are listening on a custom port, we need to specify it by hand
	 // port: '1337',
	  //This is what changes the request to a POST request
	  method: data.method,
	  headers: {},
	  rejectUnauthorized: false
};`

[thechrisreese]

@robertvorthman now i am getting
SyntaxError: Unexpected end of JSON input
at Object.parse (native)
at IncomingMessage. (/Users/TVMac/.nvm/versions/node/v6.3.1/lib/node_modules/homebridge-wink/node_modules/wink-js/index.js:68:19)
at emitNone (events.js:91:20)
at IncomingMessage.emit (events.js:185:7)
at endReadableNT (_stream_readable.js:975:12)
at _combinedTickCallback (internal/process/next_tick.js:74:11)
at process._tickCallback (internal/process/next_tick.js:98:9)
raw message
/Users/TVMac/.nvm/versions/node/v6.3.1/lib/node_modules/homebridge-wink/index.js:143
for (var i = 0; i < devices.data.length; i++) {
^

TypeError: Cannot read property 'data' of undefined
at /Users/TVMac/.nvm/versions/node/v6.3.1/lib/node_modules/homebridge-wink/index.js:143:33
at /Users/TVMac/.nvm/versions/node/v6.3.1/lib/node_modules/homebridge-wink/node_modules/wink-js/index.js:241:9
at IncomingMessage. (/Users/TVMac/.nvm/versions/node/v6.3.1/lib/node_modules/homebridge-wink/node_modules/wink-js/index.js:75:7)
at emitNone (events.js:91:20)
at IncomingMessage.emit (events.js:185:7)
at endReadableNT (_stream_readable.js:975:12)
at _combinedTickCallback (internal/process/next_tick.js:74:11)
at process._tickCallback (internal/process/next_tick.js:98:9)

[robertvorthman]

@thechrisreese Paste the part of the code that you changed, maybe you have a syntax error.

[thechrisreese]

@robertvorthman

var options = {
hostname: data.host || winkUri,
port: data.port || winkPort,
path: data.path,
//since we are listening on a custom port, we need to specify it by hand
// port: '1337',
//This is what changes the request to a POST request
method: data.method,
headers: {},
rejectUnauthorized: false
};

[Jborn4christ]

@thechrisreese
Nice fix! I figured there would be a quick workaround until a permanent fix is written in. Thanks.

[robertvorthman]

@thechrisreese I don't know why you're getting that error. Does the fix work for anyone else?

Looking at the stack trace, line 68 of wink-js seems to be parsing the response from the Wink server but the response must now be invalid JSON. I'm not sure why making the same change as me would result in the server giving you a null or invalid JSON string, because it works for me and I can control my lights now. Wish I could be more help but I'm not familiar with how the wink-js library works. Maybe it's network related?

[thechrisreese]

so here is my fix - go to Home Assistants webpage https://home-assistant.io/components/wink/ and use their page to make an Auth Token.

In Wink.js/index.js change line 6 from undefined to your token. Change line 7 from undefined to api.wink.com. Change line 142 from the winkapi.quirky.com to api.wink.com.

Now things are working until i find breaking issues.

[robertvorthman]

@thechrisreese Your fix works for me. Thanks.

[thechrisreese]

@robertvorthman group effort! your fix pointed me to what I needed to do.

[thechrisreese]

FYI Wink sent me a note that they did update their cert after I asked.

[robertvorthman]

LOL good times

[pdlove]

Are y'all still having issues? I can't reproduce the problem outlined here.

[thechrisreese]

@pdlove Wink repaired the certificate after I let them know it was happening. I still suggest moving to V2 as I am having far better connectivity.

[Jborn4christ]

Excellent job, everyone! Just switched my method to the V2 as suggested by @thechrisreese. All is good.

[thechrisreese]

FYI this causes an ECONNRESET but so far I have not seen functionality decreased.

[Jborn4christ]

So far so good.

[pdlove]

@Jborn4christ Are you saying a v2 key is working fine for you? The last I knew the node wink api we are using doesn't work properly with v2.

[robertvorthman]

The v2 keys seem to work now. The key didn't work when I tried a few months ago, but I switched to v2 yesterday after I saw @Jborn4christ's comment .

My lights don't seem any faster, but it is still less than 1 second delay from pressing the button in the home app to the lights turning on, so I don't expect it could get much faster.

Wink support sent me my API key in August, so I assume that is v2.