Jump to content
C4 Forums | Control4

Director is unable to authenticate Composer HE

Zuhair

By Zuhair
in General Control4 Discussion

Recommended Posts


  • Replies 440
  • Created
  • Last Reply
c4inATX Newbie

c4inATX

Posted
Posted

It is crazy that this is a paid for product and C4 has not made a priority of fixing it within multiple business days. For all of us HE users, we are effectively cut off from our systems.

I may be new to this forum but I am not new to home automation.

 

C4 - provide an update ASAP or all of us should start calling our dealers and demanding a refund for our HE purchases. I'm sure our dealers will call into C4 so save yourself the headache.

Link to comment
Share on other sites
Pounce Mentor

Pounce

Posted
Posted
7 minutes ago, c4inATX said:

It is crazy that this is a paid for product and C4 has not made a priority of fixing it within multiple business days. For all of us HE users, we are effectively cut off from our systems.

I may be new to this forum but I am not new to home automation.

 

C4 - provide an update ASAP or all of us should start calling our dealers and demanding a refund for our HE purchases. I'm sure our dealers will call into C4 so save yourself the headache.

You realize that this isn't a Control4 owned forum, right?

How do you know the priority isn't high? Just because its taking a few days doesn't mean its not THE highest priority item on their list. No idea if it is, but it's clear its a blocker for some folks, but just how many actual customers do you think use this tool? I'm guessing the number is countable on both hands and feet for a given week.

When fixes require software they can take some time. I think C4 has apologized and stated they are working on it. You want blood or something?

Link to comment
Share on other sites
LollerAgent Mentor

LollerAgent

Posted
Posted
3 hours ago, Clifford Musante said:

While it is true that apps for IOS and Android often have a certificate embedded, that is not true for apps that run on a PC.  It is true that an app developer can choose to deploy a certificate like this, it's not by any means a best practice.  In fact, as I said in a prior post, the best practice is to provide a separate certificate, so that the authentication of an individual is separate from the security of the app itself.  Also remember, when an authentication certificate is embedded in the IOS or android app, when the app is updated/upgraded, we're forced to re-authenticate.  I know of no one who thinks that this is a good idea, but it's become one of the annoying aspects of programming for IOS, and using our iPhones as tools to manage our homes and our systems.

I'm not defending C4 here, but I think you have a misunderstanding of how client certificates work.  Client certificates are often embedded in services and applications for authentication purposes.  Custom CA certificates can also be bundled with software for another layer of authentication.  Your statement that certificates are never embedded is simply incorrect.  Your statement that it's not a best practice is YOUR opinion.

Link to comment
Share on other sites
george57 Newbie

george57

Posted
Posted
15 minutes ago, Pounce said:

You realize that this isn't a Control4 owned forum, right?

How do you know the priority isn't high? Just because its taking a few days doesn't mean its not THE highest priority item on their list. No idea if it is, but it's clear its a blocker for some folks, but just how many actual customers do you think use this tool? I'm guessing the number is countable on both hands and feet for a given week.

When fixes require software they can take some time. I think C4 has apologized and stated they are working on it. You want blood or something?

Are you kidding me? I use Composer HE regularly to connect to my system at a vacation rental property which is a 2 hour drive away. I need to change door codes, etc., and check on the status of the system, which regularly gets hiccups that need fixing. I Have to have this connectivity working at ALL times. It's bad enough that Control$ deemed it undesireable to continue to support the 32-bit legacy Control4 app, which cut me off connecting from my iPhone last year, now they aren't supporting my Composer connection. Shame on them and you for suggesting they can take all the time they need. This is URGENT. They need to FIX IT NOW!

Link to comment
Share on other sites
Pounce Mentor

Pounce

Posted
Posted
6 minutes ago, george57 said:

Are you kidding me? I use Composer HE regularly to connect to my system at a vacation rental property which is a 2 hour drive away. I need to change door codes, etc., and check on the status of the system, which regularly gets hiccups that need fixing. I Have to have this connectivity working at ALL times. It's bad enough that Control$ deemed it undesireable to continue to support the 32-bit legacy Control4 app, which cut me off connecting from my iPhone last year, now they aren't supporting my Composer connection. Shame on them and you for suggesting they can take all the time they need. This is URGENT. They need to FIX IT NOW!

Nope. I'll count you on my index finger then.. or would you prefer a toe?

Link to comment
Share on other sites
RyanE Veteran

RyanE

Posted
Posted
1 minute ago, Pounce said:

How do you know the priority isn't high? Just because its taking a few days doesn't mean its not THE highest priority item on their list.

If you expect *any* company to not have occasional oversights, you're going to be continually disappointed.

I've just now gotten an update.  An update is *expected* to be released sometime today, barring any issues.

Here are some tentative notes:

  • Will require updating ComposerHE.
  • ComposerHE builds will only be available for relatively 'up-to-date' systems (OS versions 2.9.1 and 2.10.x).
  • Will require a certificate patch on the controller as well.

If you are on a release prior to 2.9.1, you will need to update to 2.9.1.

IMHO, this *is* more than a few day's work (figuring out the fix, applying it to multiple ComposerPro builds, and creating a custom certificate patch), and the Composer team has hustled to get these custom builds and patches out in a timely fashion.

I apologize for the inconvenience, and thank you for your patience.

RyanE

 

Link to comment
Share on other sites
Adidaswood Community Regular

Adidaswood

Posted
Posted

I manage IT teams at a large consulting firm and if we really are talking about Expired Certs, that is really sad.  My teams have weekly certificate scripts that check all server's Stores.  We start acting 90 days out sometime sooner.  I compare it to being a pilot, we don't take off unless we've run our checklists and everything checks out.  If storage is getting full we address it, if certs are in our threshold for action we address it.  We don't wait until its a problem.  Whether it is imbedded app or in a certificate store, it matters not, this is basic blocking and tackling.  you should have reporting on what Certs have been issued and tooling that tells you what's happening on your daily weekly and monthly ops dashboards.  Shaking my damn head.  My CIO would have my ass in a sling.
 

all that aside shit happens sometimes, and I think people could live with that, but the slowness of the repair is mindboggling.

Link to comment
Share on other sites
rayk32 Collaborator

rayk32

Posted
Posted
5 minutes ago, RyanE said:

If you are on a release prior to 2.9.1, you will need to update to 2.9.1.

 

Are you saying that customers on versions before 2.9.1 are being forced to update and pay for these updates?

Link to comment
Share on other sites
RyanE Veteran

RyanE

Posted
Posted
5 minutes ago, Adidaswood said:

I manage IT teams at a large consulting firm and if we really are talking about Expired Certs, that is really sad.  My teams have weekly certificate scripts that check all server's Stores.  We start acting 90 days out sometime sooner.  I compare it to being a pilot, we don't take off unless we've run our checklists and everything checks out.  If storage is getting full we address it, if certs are in our threshold for action we address it.  We don't wait until its a problem.  Whether it is imbedded app or in a certificate store, it matters not, this is basic blocking and tackling.  you should have reporting on what Certs have been issued and tooling that tells you what's happening on your daily weekly and monthly ops dashboards.  Shaking my damn head.  My CIO would have my ass in a sling.
 

all that aside shit happens sometimes, and I think people could live with that, but the slowness of the repair is mindboggling.

You are exactly correct, and this is also common practice with Control4, and it's why Control4 didn't have an issue with the ComposerPro certificate.  Dealers had a months' notice to update their ComposerPro installation, and the controller certificate patch happened automatically for most all 'internet-connected' systems, well before the expiration date.

The ComposerHE certificate issue was simply an oversight in that process.

RyanE

 

Link to comment
Share on other sites
RyanE Veteran

RyanE

Posted
Posted
Just now, rayk32 said:

Are you saying that customers on versions before 2.9.1 are being forced to update and pay for these updates?

I am saying that the only versions of ComposerHE that are being updated at this point in time are 2.9.1, and 2.10.x.

RyanE

 

Link to comment
Share on other sites
pfissure Collaborator

pfissure

Posted
Posted
11 minutes ago, RyanE said:

If you expect *any* company to not have occasional oversights, you're going to be continually disappointed.

I've just now gotten an update.  An update is *expected* to be released sometime today, barring any issues.

Here are some tentative notes:

  • Will require updating ComposerHE.
  • ComposerHE builds will only be available for relatively 'up-to-date' systems (OS versions 2.9.1 and 2.10.x).
  • Will require a certificate patch on the controller as well.

If you are on a release prior to 2.9.1, you will need to update to 2.9.1.

IMHO, this *is* more than a few day's work (figuring out the fix, applying it to multiple ComposerPro builds, and creating a custom certificate patch), and the Composer team has hustled to get these custom builds and patches out in a timely fashion.

I apologize for the inconvenience, and thank you for your patience.

RyanE

 

Can the controller patch be done remotely by a dealer?

Link to comment
Share on other sites
RyanE Veteran

RyanE

Posted
Posted
Just now, pfissure said:

Can the controller patch be done remotely by a dealer?

I don't know the answer to that question.  I believe you will be able to download and run the patch yourself.

They're typically packaged as Windows executables, you select the controller, it applies the patch.

RyanE

 

Link to comment
Share on other sites
pfissure Collaborator

pfissure

Posted
Posted
Just now, RyanE said:

I don't know the answer to that question.  I believe you will be able to download and run the patch yourself.

They're typically packaged as Windows executables, you select the controller, it applies the patch.

RyanE

 

ok thank you.  my question is whether, in this typical situation you describe , the patch can be applied remotely?  i am not at home and won't be for a while but really want to be able to patch my controller

Link to comment
Share on other sites
rayk32 Collaborator

rayk32

Posted
Posted
1 minute ago, RyanE said:

I did not say the issue only affected 2.9.1 and above, but that HE is only being released in those versions.

RyanE

So what do we do if our systems are running on 2.9.0. or earlier versions?  Versions of the operating system and HE have to match, correct?

Link to comment
Share on other sites
RyanE Veteran

RyanE

Posted
Posted
Just now, pfissure said:

ok thank you.  my question is whether, in this typical situation you describe , the patch can be applied remotely?  i am not at home and won't be for a while but really want to be able to patch my controller

Unfortunately, I don't know the answer to that question.

RyanE

Link to comment
Share on other sites
RyanE Veteran

RyanE

Posted
Posted
Just now, rayk32 said:

So what do we do if we are on 2.9.0. or earlier versions?

You update to 2.9.1.  2.9.1 is the terminal release for 2.9, and has many bugfixes over 2.9.0, and has been the recommended 2.9 release for quite some time.

It's possible you also could use the 2.9.1 ComposerHE with your 2.9.0 system.  It *may* work, but it's always recommended to use the exact version of ComposerPro for the OS release on the controller.

RyanE

Link to comment
Share on other sites
Pounce Mentor

Pounce

Posted
Posted
19 minutes ago, Adidaswood said:

I manage IT teams at a large consulting firm and if we really are talking about Expired Certs, that is really sad.

If I understand correctly C4 changed cert authorities. This required new certs all around. That was the patch last month. Looks like they didn't correctly accommodate the needed cert in the HE install. I suppose not replacing the cert with the new one resulted in the previous cert running out? Sort of a different scenario than a cert expiring, but a miss....

Link to comment
Share on other sites
Zuhair Rising Star

Zuhair

Posted
  • Author
Posted
59 minutes ago, Pounce said:

You realize that this isn't a Control4 owned forum, right?

How do you know the priority isn't high? Just because its taking a few days doesn't mean its not THE highest priority item on their list. No idea if it is, but it's clear its a blocker for some folks, but just how many actual customers do you think use this tool? I'm guessing the number is countable on both hands and feet for a given week.

When fixes require software they can take some time. I think C4 has apologized and stated they are working on it. You want blood or something?

Does this mean that ComposerHE is not a priority because it only affect end-users? Does it also means if it was Composer Pro, C4 will act immediately because it's a revenue generating product?

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept