CFUG Posted June 15, 2018 Share Posted June 15, 2018 ^Only for those on 2.10+, right? I don't see this functionality on 2.9... Link to comment Share on other sites More sharing options...
c4inATX Posted June 15, 2018 Share Posted June 15, 2018 It is crazy that this is a paid for product and C4 has not made a priority of fixing it within multiple business days. For all of us HE users, we are effectively cut off from our systems. I may be new to this forum but I am not new to home automation. C4 - provide an update ASAP or all of us should start calling our dealers and demanding a refund for our HE purchases. I'm sure our dealers will call into C4 so save yourself the headache. Link to comment Share on other sites More sharing options...
Pounce Posted June 15, 2018 Share Posted June 15, 2018 7 minutes ago, c4inATX said: It is crazy that this is a paid for product and C4 has not made a priority of fixing it within multiple business days. For all of us HE users, we are effectively cut off from our systems. I may be new to this forum but I am not new to home automation. C4 - provide an update ASAP or all of us should start calling our dealers and demanding a refund for our HE purchases. I'm sure our dealers will call into C4 so save yourself the headache. You realize that this isn't a Control4 owned forum, right? How do you know the priority isn't high? Just because its taking a few days doesn't mean its not THE highest priority item on their list. No idea if it is, but it's clear its a blocker for some folks, but just how many actual customers do you think use this tool? I'm guessing the number is countable on both hands and feet for a given week. When fixes require software they can take some time. I think C4 has apologized and stated they are working on it. You want blood or something? Link to comment Share on other sites More sharing options...
CFUG Posted June 15, 2018 Share Posted June 15, 2018 Where is Wappinghigh? He's your "go for the jugular" man... Link to comment Share on other sites More sharing options...
LollerAgent Posted June 15, 2018 Share Posted June 15, 2018 3 hours ago, Clifford Musante said: While it is true that apps for IOS and Android often have a certificate embedded, that is not true for apps that run on a PC. It is true that an app developer can choose to deploy a certificate like this, it's not by any means a best practice. In fact, as I said in a prior post, the best practice is to provide a separate certificate, so that the authentication of an individual is separate from the security of the app itself. Also remember, when an authentication certificate is embedded in the IOS or android app, when the app is updated/upgraded, we're forced to re-authenticate. I know of no one who thinks that this is a good idea, but it's become one of the annoying aspects of programming for IOS, and using our iPhones as tools to manage our homes and our systems. I'm not defending C4 here, but I think you have a misunderstanding of how client certificates work. Client certificates are often embedded in services and applications for authentication purposes. Custom CA certificates can also be bundled with software for another layer of authentication. Your statement that certificates are never embedded is simply incorrect. Your statement that it's not a best practice is YOUR opinion. Link to comment Share on other sites More sharing options...
george57 Posted June 15, 2018 Share Posted June 15, 2018 15 minutes ago, Pounce said: You realize that this isn't a Control4 owned forum, right? How do you know the priority isn't high? Just because its taking a few days doesn't mean its not THE highest priority item on their list. No idea if it is, but it's clear its a blocker for some folks, but just how many actual customers do you think use this tool? I'm guessing the number is countable on both hands and feet for a given week. When fixes require software they can take some time. I think C4 has apologized and stated they are working on it. You want blood or something? Are you kidding me? I use Composer HE regularly to connect to my system at a vacation rental property which is a 2 hour drive away. I need to change door codes, etc., and check on the status of the system, which regularly gets hiccups that need fixing. I Have to have this connectivity working at ALL times. It's bad enough that Control$ deemed it undesireable to continue to support the 32-bit legacy Control4 app, which cut me off connecting from my iPhone last year, now they aren't supporting my Composer connection. Shame on them and you for suggesting they can take all the time they need. This is URGENT. They need to FIX IT NOW! Link to comment Share on other sites More sharing options...
Pounce Posted June 15, 2018 Share Posted June 15, 2018 6 minutes ago, george57 said: Are you kidding me? I use Composer HE regularly to connect to my system at a vacation rental property which is a 2 hour drive away. I need to change door codes, etc., and check on the status of the system, which regularly gets hiccups that need fixing. I Have to have this connectivity working at ALL times. It's bad enough that Control$ deemed it undesireable to continue to support the 32-bit legacy Control4 app, which cut me off connecting from my iPhone last year, now they aren't supporting my Composer connection. Shame on them and you for suggesting they can take all the time they need. This is URGENT. They need to FIX IT NOW! Nope. I'll count you on my index finger then.. or would you prefer a toe? Link to comment Share on other sites More sharing options...
RyanE Posted June 15, 2018 Share Posted June 15, 2018 1 minute ago, Pounce said: How do you know the priority isn't high? Just because its taking a few days doesn't mean its not THE highest priority item on their list. If you expect *any* company to not have occasional oversights, you're going to be continually disappointed. I've just now gotten an update. An update is *expected* to be released sometime today, barring any issues. Here are some tentative notes: Will require updating ComposerHE. ComposerHE builds will only be available for relatively 'up-to-date' systems (OS versions 2.9.1 and 2.10.x). Will require a certificate patch on the controller as well. If you are on a release prior to 2.9.1, you will need to update to 2.9.1. IMHO, this *is* more than a few day's work (figuring out the fix, applying it to multiple ComposerPro builds, and creating a custom certificate patch), and the Composer team has hustled to get these custom builds and patches out in a timely fashion. I apologize for the inconvenience, and thank you for your patience. RyanE Link to comment Share on other sites More sharing options...
Adidaswood Posted June 15, 2018 Share Posted June 15, 2018 I manage IT teams at a large consulting firm and if we really are talking about Expired Certs, that is really sad. My teams have weekly certificate scripts that check all server's Stores. We start acting 90 days out sometime sooner. I compare it to being a pilot, we don't take off unless we've run our checklists and everything checks out. If storage is getting full we address it, if certs are in our threshold for action we address it. We don't wait until its a problem. Whether it is imbedded app or in a certificate store, it matters not, this is basic blocking and tackling. you should have reporting on what Certs have been issued and tooling that tells you what's happening on your daily weekly and monthly ops dashboards. Shaking my damn head. My CIO would have my ass in a sling. all that aside shit happens sometimes, and I think people could live with that, but the slowness of the repair is mindboggling. Link to comment Share on other sites More sharing options...
Gary Leeds UK Posted June 15, 2018 Share Posted June 15, 2018 1 hour ago, mkaiseraz said: RyanE, Thanks for the Update Shame Control do not step up to line and tell us whats going on. On this and my Favorite Subject Link to comment Share on other sites More sharing options...
rayk32 Posted June 15, 2018 Share Posted June 15, 2018 5 minutes ago, RyanE said: If you are on a release prior to 2.9.1, you will need to update to 2.9.1. Are you saying that customers on versions before 2.9.1 are being forced to update and pay for these updates? Link to comment Share on other sites More sharing options...
RyanE Posted June 15, 2018 Share Posted June 15, 2018 5 minutes ago, Adidaswood said: I manage IT teams at a large consulting firm and if we really are talking about Expired Certs, that is really sad. My teams have weekly certificate scripts that check all server's Stores. We start acting 90 days out sometime sooner. I compare it to being a pilot, we don't take off unless we've run our checklists and everything checks out. If storage is getting full we address it, if certs are in our threshold for action we address it. We don't wait until its a problem. Whether it is imbedded app or in a certificate store, it matters not, this is basic blocking and tackling. you should have reporting on what Certs have been issued and tooling that tells you what's happening on your daily weekly and monthly ops dashboards. Shaking my damn head. My CIO would have my ass in a sling. all that aside shit happens sometimes, and I think people could live with that, but the slowness of the repair is mindboggling. You are exactly correct, and this is also common practice with Control4, and it's why Control4 didn't have an issue with the ComposerPro certificate. Dealers had a months' notice to update their ComposerPro installation, and the controller certificate patch happened automatically for most all 'internet-connected' systems, well before the expiration date. The ComposerHE certificate issue was simply an oversight in that process. RyanE Link to comment Share on other sites More sharing options...
RyanE Posted June 15, 2018 Share Posted June 15, 2018 Just now, rayk32 said: Are you saying that customers on versions before 2.9.1 are being forced to update and pay for these updates? I am saying that the only versions of ComposerHE that are being updated at this point in time are 2.9.1, and 2.10.x. RyanE Link to comment Share on other sites More sharing options...
pfissure Posted June 15, 2018 Share Posted June 15, 2018 11 minutes ago, RyanE said: If you expect *any* company to not have occasional oversights, you're going to be continually disappointed. I've just now gotten an update. An update is *expected* to be released sometime today, barring any issues. Here are some tentative notes: Will require updating ComposerHE. ComposerHE builds will only be available for relatively 'up-to-date' systems (OS versions 2.9.1 and 2.10.x). Will require a certificate patch on the controller as well. If you are on a release prior to 2.9.1, you will need to update to 2.9.1. IMHO, this *is* more than a few day's work (figuring out the fix, applying it to multiple ComposerPro builds, and creating a custom certificate patch), and the Composer team has hustled to get these custom builds and patches out in a timely fashion. I apologize for the inconvenience, and thank you for your patience. RyanE Can the controller patch be done remotely by a dealer? Link to comment Share on other sites More sharing options...
rayk32 Posted June 15, 2018 Share Posted June 15, 2018 1 minute ago, RyanE said: I am saying that the only versions of ComposerHE that are being updated at this point in time are 2.9.1, and 2.10.x. RyanE Then, why am I seeing this on 2.9.0? Link to comment Share on other sites More sharing options...
RyanE Posted June 15, 2018 Share Posted June 15, 2018 Just now, pfissure said: Can the controller patch be done remotely by a dealer? I don't know the answer to that question. I believe you will be able to download and run the patch yourself. They're typically packaged as Windows executables, you select the controller, it applies the patch. RyanE Link to comment Share on other sites More sharing options...
RyanE Posted June 15, 2018 Share Posted June 15, 2018 Just now, rayk32 said: Then, why am I seeing this on 2.9.0? I did not say the issue only affected 2.9.1 and above, but that HE is only being released in those versions. RyanE Link to comment Share on other sites More sharing options...
pfissure Posted June 15, 2018 Share Posted June 15, 2018 Just now, RyanE said: I don't know the answer to that question. I believe you will be able to download and run the patch yourself. They're typically packaged as Windows executables, you select the controller, it applies the patch. RyanE ok thank you. my question is whether, in this typical situation you describe , the patch can be applied remotely? i am not at home and won't be for a while but really want to be able to patch my controller Link to comment Share on other sites More sharing options...
rayk32 Posted June 15, 2018 Share Posted June 15, 2018 1 minute ago, RyanE said: I did not say the issue only affected 2.9.1 and above, but that HE is only being released in those versions. RyanE So what do we do if our systems are running on 2.9.0. or earlier versions? Versions of the operating system and HE have to match, correct? Link to comment Share on other sites More sharing options...
RyanE Posted June 15, 2018 Share Posted June 15, 2018 Just now, pfissure said: ok thank you. my question is whether, in this typical situation you describe , the patch can be applied remotely? i am not at home and won't be for a while but really want to be able to patch my controller Unfortunately, I don't know the answer to that question. RyanE Link to comment Share on other sites More sharing options...
RyanE Posted June 15, 2018 Share Posted June 15, 2018 Just now, rayk32 said: So what do we do if we are on 2.9.0. or earlier versions? You update to 2.9.1. 2.9.1 is the terminal release for 2.9, and has many bugfixes over 2.9.0, and has been the recommended 2.9 release for quite some time. It's possible you also could use the 2.9.1 ComposerHE with your 2.9.0 system. It *may* work, but it's always recommended to use the exact version of ComposerPro for the OS release on the controller. RyanE Link to comment Share on other sites More sharing options...
pfissure Posted June 15, 2018 Share Posted June 15, 2018 2 minutes ago, RyanE said: Unfortunately, I don't know the answer to that question. RyanE ryan i appreciate that you gave us the information that you did. thank you Link to comment Share on other sites More sharing options...
Pounce Posted June 15, 2018 Share Posted June 15, 2018 19 minutes ago, Adidaswood said: I manage IT teams at a large consulting firm and if we really are talking about Expired Certs, that is really sad. If I understand correctly C4 changed cert authorities. This required new certs all around. That was the patch last month. Looks like they didn't correctly accommodate the needed cert in the HE install. I suppose not replacing the cert with the new one resulted in the previous cert running out? Sort of a different scenario than a cert expiring, but a miss.... Link to comment Share on other sites More sharing options...
Zuhair Posted June 15, 2018 Author Share Posted June 15, 2018 59 minutes ago, Pounce said: You realize that this isn't a Control4 owned forum, right? How do you know the priority isn't high? Just because its taking a few days doesn't mean its not THE highest priority item on their list. No idea if it is, but it's clear its a blocker for some folks, but just how many actual customers do you think use this tool? I'm guessing the number is countable on both hands and feet for a given week. When fixes require software they can take some time. I think C4 has apologized and stated they are working on it. You want blood or something? Does this mean that ComposerHE is not a priority because it only affect end-users? Does it also means if it was Composer Pro, C4 will act immediately because it's a revenue generating product? Link to comment Share on other sites More sharing options...
RyanE Posted June 15, 2018 Share Posted June 15, 2018 It means nothing more and nothing less than it was an oversight, and should have been caught before it was. Sorry about that. RyanE Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.