Start a new topic

Wifi security

Is there anyway to create a username or password to keep anyone on the network from changing settings through the RAPI command?  Or bricking it by uploading bad firmware?

 


Yes, version 2.x of the WiFi firmware has many security enhancements.


Web interface Login with Username and Password

Ability to change default Username and Password

Encrypted (https) EmonCMS server with TLS Fingerprint verification

Encrypted (https) Ohm Connect server with TLS Fingerprint verification

MQTT with authentication

 

The firmware is available here:

https://github.com/OpenEVSE/ESP8266_WiFi_v2.x/releases

 

You will need a USB serial adapter for the initial load. I recommend using ESPtools to upload the firmware with the following command.


esptool.py -b 1500000 -p COM3 write_flash 0x000000 firmware.bin 0x300000 spiffs.bin


So dont try to upload firmware through the web interface? Or is that for the main controller board?

Correct. Version 2 requires both firmware and a file system. The web interface will only load the firmware.



Is this why my OpenEVSE stopped transmitting data after my attempt to upgrade to 2.5.2 from 2.5.0?  I used the web interface System/WiFi Firmware/Choose File (firmware.bin)/Update.


The Wifi stopped transmitting and cannot be accessed in AP mode.


Was the bin file the wrong one to use?

Probably. I'm unsure if the wifi web server portion can be updated through the web interface. I think it needs to be updated via a cable. But i didnt write the code or do a deep dive on it. Its just from my hazy memory of doing this over the summer.

The WiFi can be upgraded from the web interface. Upgrading from 2.5.0 to 2.5.2 should work fine. I did it in chrome just the other day.

That's good news and thanks for the reply Chris.

Can you describe how you did it, and what file(s) you used.  When I used firmware.bin in the web interface System section, all communications stopped and I haven't been able to monitor consumption since.  I was going to reflash all files using the instructions at: https://openevse.dozuki.com/Guide/OpenEVSE+WiFi+%28Beta%29/14


What is the difference between the files at 

https://github.com/chris1howell/OpenEVSE_RAPI_WiFi_ESP8266 

and

https://github.com/openevse/ESP8266_WiFi_v2.x/ 

The correct files are here:

https://github.com/openevse/ESP8266_WiFi_v2.x/

There are BIN files ready to go in the releases section. 


The others from my personal repo are very old, they were the foundation for the 1.x and 2.x official releases.

I'm trying to flash upgrade my 2016-openevse wifi module.  I used nodemcu flasher in windows and the 2.5.2 firmware plus the 2.1.0 spiffs.bin from the githut releases to write to the card.  it appeared to work.

When I log into the openevse accesspoint, it shows the new interface but it can't find any networks.  It just shows "scanning".  When I search for networks on my phone, there are plenty that should show up.  Any ideas what's going on?

SPIFSS.bin is no longer needed, the filesystem is embeded in the firmware.


I would recommend esptools to flash with the following command (substitute your com port and speed if necessary):


esptool.py -b 1500000 -p COM3 write_flash 0x000000 firmware.bin 


The nodemcu flasher apparently worked that one time, but it took several (at least 3) reboots before the ESP8266 started showing WIFI units.  I didn't reflash without spiffs.bin but was able to get it to connect to my WIFI when I got home with the unit.  Thanks!

 

Hello guys,

 

Im having problems to access the web interface of OpenEVSE after setting up the Wi-Fi parameters.

 

Im following these steps:

 

- At first time, using a computer im connecting in the default SSID from OpenVSE (OpenEVSE_XXXXXXX)

- I can access the web interface through the IP address 192.168.4.1

- The web interface shows me the SSID from my access point, and then i put the password from my network

- Them the OpenEVSE connects into my infrastructure, and I can see in OpenEVSE display the IP address that it obtained from my DHCP server

- I can see the OpenEVSE connected to my access point as a client, I can ping the IP address from OpenEVSE, but when I try to access the web interface from OpenEVSE it does not respond.

 

Is this normal? Or should I access the OpenEVSE web interface normally using the IP address that it obtained?

 

Thank you guys!

Do you plan to use MQTT over TLS with client authentication (using RSA private key or signed JWT), for example to use public MQTT brokers like AWS IoT or Google Clout IoT Core ?

Thank you.

Peter 

Peter, yes we plan to implement MQTT over TLS with client certs.


See Github issue:

https://github.com/OpenEVSE/ESP8266_WiFi_v2.x/issues/192 

Login or Signup to post a comment