Director is unable to authenticate Composer HE

[cannemi]

I am having same issue and I am on 2.10.2.550334-res

[RyanE]

This (the ComposerHE issue) is being looked at.  I don't have a resolution at this time, but plan to post here when the resolution is available.

My understanding is that this is related to the Control4 certificate changeover, it appears something was missed somewhere for HE.

I apologize that you're all having issues with it.

RyanE

[jonnytr]

I have the same problem and my ComposerHE is version 2.7.2

[Clifford Musante]

We spoke to Control4 today, and after they had us try a number of different things, they then admitted that it is now a known bug, and they do not have any date for resolution of this problem.  I've upgraded to 2.10.2, and reapplied the patch, yet it's still not working, just like all of you.

Now, the waiting game begins.

[jeffatwork]

If they've acknowledged the problem with the "security patch", why is it still available on their website?  Had they removed it, I would not have installed it and been fine.  Lastly, if they allowed the previous version of Composer available to download we wouldn't be sitting around waiting.  Terrible roll-out C4.

 

[rea]

I've had more issues with this 2.10.2 rollout than I ever did doing the "big" upgrade from 2.9 to 2.10. My remote services are still awful and having to have my dealer come out to deregister and re-register my EA-5 and now HE is down. At least it sounds like the HE issue is in the process of getting addressed. 

[RyanE]

The security patch *does* work, it's just incomplete.

It is still on the website because it may still be needed by dealers to patch systems.

I apologize that this was missed, but again, it's being worked on.

RyanE

 

[cidle323]

34 minutes ago, jeffatwork said:

If they've acknowledged the problem with the "security patch", why is it still available on their website?  Had they removed it, I would not have installed it and been fine.  Lastly, if they allowed the previous version of Composer available to download we wouldn't be sitting around waiting.  Terrible roll-out C4.

 

I didnt install the patch and mine no longer works either, assume its more than a issue with the patch. Also Installed Older versions, which dont work anymore either... 

[CFUG]

1 hour ago, jeffatwork said:

If they've acknowledged the problem with the "security patch", why is it still available on their website?  Had they removed it, I would not have installed it and been fine.  Lastly, if they allowed the previous version of Composer available to download we wouldn't be sitting around waiting.  Terrible roll-out C4.

 

This is not true.  You would have been "shut-down" anyway.  It's one bug (associated with the new certificate) and one bug does not a "terrible roll-out make".

[msgreenf]

1 hour ago, CFUG said:

This is not true.  You would have been "shut-down" anyway.  It's one bug (associated with the new certificate) and one bug does not a "terrible roll-out make".

I mean if it's a bug that impacts you it's a terrible roll-out.  It's OK to say everything didn't go as planned.  Now that  C4 has it documented it can be resolved.  While you can't program your system is still available and working

[knowitall]

You guys login to your systems THAT much? I haven’t touched my system in 6+ months and normally only login if I’m trying to test a thought process before I deploy it in the field 

[CFUG]

10 minutes ago, msgreenf said:

I mean if it's a bug that impacts you it's a terrible roll-out.  It's OK to say everything didn't go as planned.  Now that  C4 has it documented it can be resolved.  While you can't program your system is still available and working

OK, let me re-phrase.  It's never a success when a piece of software is put out to the public with problems or, in this case, incomplete coding.  It shouldn't of happened in the first place.  But, it does and does frequently in any industry.  So, you make your complaint and wait it out.  I wasn't the one complaining...

[CFUG]

4 minutes ago, knowitall said:

You guys login to your systems THAT much? I haven’t touched my system in 6+ months and normally only login if I’m trying to test a thought process before I deploy it in the field 

Yes.  I use Composer just about every day.  I always have ideas I put to the test.

[dcovach]

If you're on 2.10, when >> then might get you by until the bug is fixed

[msgreenf]

29 minutes ago, CFUG said:

Yes.  I use Composer just about every day.  I always have ideas I put to the test.

wow, I haven't touched my system  in weeks.  I just don't have time nor do I really want to change things that much

[Zuhair]

wow, I haven't touched my system  in weeks.  I just don't have time nor do I really want to change things that much

Logging to the system once in weeks or once a day is a personal "thing". Preference to change things that much or do a change once in weeks is another personal "thing".


Sent from my iPhone using Tapatalk

[msgreenf]

3 minutes ago, Zuhair said:

 

Logging to the system once in weeks or once a day is a personal "thing". Preference to change things that much or do a change once in weeks is another personal "thing".


Sent from my iPhone using Tapatalk

 

I wasn't knocking it or judging - just saying I was surprised.

[CFUG]

46 minutes ago, Zuhair said:

 

Logging to the system once in weeks or once a day is a personal "thing". Preference to change things that much or do a change once in weeks is another personal "thing".


Sent from my iPhone using Tapatalk

 

I'm not going to try to read anything into that statement.  The fact is, I have two teenagers that are transitioning away from TVs, DVRs and Xboxes to other forms of entertainment that can be brought in under Control4.  They are also old enough to try their hand at programming.  I'm thrilled that they are interested and allow them access to Composer.  I aways keep a safe backup.  I don't doubt some of you are busy.  I'm not.  I planned for early retirement and did it.

[Pounce]

If there is that level of interest I might suggest considering transitioning to some things that translate into something practical outside of C4 like AWS services. Node.js is handy and can tap you into all sorts of fun complexity. Look at the AWS greengrass service and machine learning. Sagemaker is interesting. So many modern options to combine programming with some hardware and make it fun. Lots of great free training these days. Amazing how radically different it is from when I was a teen. All I had was dewey decimal   Good for you that you were able to make yourself available for your kids.

[calbear]

I'm getting this with 2.9.1.532307-res.  Argh!  I hadn't touched my system in any way for about the past 2 months...

[pwb]

Same thing here. bad because having people stay at the house and I have a ceiling light come on and off at night to make the room look occupied. Guess I will have to unscrew the bulb.

[msgreenf]

25 minutes ago, pwb said:

Same thing here. bad because having people stay at the house and I have a ceiling light come on and off at night to make the room look occupied. Guess I will have to unscrew the bulb.

Recommend in the future thing this to a button or ui button so you can toggle this without composer

[Clifford Musante]

We're paying for this s/w, and it's reasonable to think that it's going to work properly.  So, for all of the people claiming that this is a botched rollout, I would have to agree with them.  We have not yet heard from C4 about whether this defect affects every person that tries to log in, or if it is isolated, and only affects a subset.  Their responses make it look like it affects only a subset of us, but other information seems to be contradictory to me.

As an IT guy, who is familiar with security, the expression "Certificate" means something very specific to me.  Certificates are not usually embedded into the app, but instead are stored in a security store on the device, and they are managed separately.  Using this technique, a company can revoke a certificate, without affecting the app, but at the same time, rendering the app useless.  And so, if this were in fact a certificate problem, then it would seem to me to be quite easy to either, issue a new certificate to everyone, which would fix the problem, or to force everyone to login to an intermediate site, and have that site issue a new certificate, which would then be installed onto our PCs, allowing the Composer app to authenticate.  But, C4 has either been sloppy with their explanation, or they don't really know what's wrong.

For them to say that it's a certificate problem, but that they have no idea how long it will take in order to resolve the problem is incoherent and inconsistent.

Certificates contain authentication information.  Their entire job is to offer proof about who the person or app is, so that a determination can be made as to whether to trust the person or app, or not to trust them.  And so, certificates usually contain things like

1. App Name
2. App Publisher
3. App User ID
4. App security key / encryption key
5. Authentication domain
6. etc...

It's really hard to understand how they can't simply change one of the bits of embedded information in the certificate, and get the app working again.

And so, to the C4 team that is monitoring this, can't you provide us with a more detailed explanation, so that we can better understand the problem, and make a decision about how to handle this period, when our apps are no longer working?

[pwb]

13 minutes ago, msgreenf said:

Recommend in the future thing this to a button or ui button so you can toggle this without composer

Relatively new to this. Are you saying I can program a button somewhere else (like on a six button pad) to activate/deactivate the programming that runs the bedroom switch?

[Zuhair]

Same thing here. bad because having people stay at the house and I have a ceiling light come on and off at night to make the room look occupied. Guess I will have to unscrew the bulb.

Imagine that your car's security system had a false siren at a snowy night, you were unable to turn it off using the remote control because "suddenly" your car isn't able to authenticate the remote control due to a certificate glitch! You had to go out to disarm the security or disconnected the battery.
In another term, this is called unreliability.



Sent from my iPhone using Tapatalk