Enable debug mode
Host install
To see the status of the service enter the following command:
sudo systemctl status hue-emulator
The easyest way to see the logs is to enter the following command:
journalctl -o cat -xefu hue-emulator.service -n 100
This will show the lasst 100 messages and follow the logs.
The other method have some more steps.
Stop the hue-emulator service:
sudo systemctl stop hue-emulator
Change directory to the application home directory:
cd /opt/hue-emulator
Start the script with
sudo ./HueEmulator3.py --debug
Try to avoid unnecessary debugging output generated by other devices that you know work correctly fine such as home assistant, and working lights. The easiest method to prevent this is by temporally turning the working devices off. It is important to save a backup of your config file before entering debug mode and if any changes to your config are made while in debug mode to save the config manually before issuing the keyboard interrupt to stop debug mode. You can do this by issuing an HTTP request from your browser to http://IP.OF.DIY.HUE/save. This will save your configuration file to the DIYHue working directory (/opt/hue-emulator/ if using the easy-install method).
Docker install
Add the following environment variable to your docker run command. This can be set to true or false to turn debug on or off.
-e "DEBUG=true"
Docker compose
Add the following environment variable to your docker compose file. This can be set to true or false to turn debug on or off.
DEBUG: true
OpenWrt Install
See the getting started page how to add logs to the LuCi.
Home Assistant Addon
Enable debug in the configuration screen of the addon page.
HTTPS certificate check
To test the https certificate you can use this command from the terminal of the device running diyHue:
curl https://127.0.0.1/api/nouser/config -v -k
Sample output:
pi@raspberrypi:~ $ curl https://127.0.0.1/api/nouser/config -v -k
* Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to 127.0.0.1 (127.0.0.1) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-ECDSA-AES128-GCM-SHA256
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: C=NL; O=Philips Hue; CN=b827ebfffec8991c
* start date: Jul 22 17:40:03 2018 GMT
* expire date: Jul 19 17:40:03 2028 GMT
* issuer: C=NL; O=Philips Hue; CN=b827ebfffec8991c
* SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
> GET /api/nouser/config HTTP/1.1
> Host: 127.0.0.1
> User-Agent: curl/7.52.1
> Accept: */*
>
< HTTP/1.1 200 OK
< Server: nginx
< Date: Tue, 11 Sep 2018 12:43:26 GMT
< Content-type: application/json
< Content-Length: 227
<
* Curl_http_done: called premature == 0
* Connection #0 to host 127.0.0.1 left intact
{"name":"Philips hue","factorynew":false,"mac":"b8:27:eb:c8:99:1c","datastoreversion":70,"bridgeid":"B827EBFFFEC8991C","modelid":"BSB002","swversion":"1806051111","replacesbridgeid":null,"starterkitid":"","apiversion":"1.24.0"}
Here are the important lines:
issuer: C=NL; O=Philips Hue; CN=b827ebfffec8991c
and
{"name":"Philips hue","factorynew":false,"mac":"b8:27:eb:c8:99:1c","datastoreversion":70,"bridgeid":"B827EBFFFEC8991C","modelid":"BSB002","swversion":"1806051111","replacesbridgeid":null,"starterkitid":"","apiversion":"1.24.0"}
The CN value of the certificate must be the same as the bridgeid key from the json output. This must also represent the mac address of the main interface with fffe in the middle.