mTLS support | Home Assistant | Page 1

ripe lotus Dec 28, 2023, 11:14 PM

#

Is there any technical reason why it hasn't been done before?

#

Otherwise I would be willing to try to give it a shot to implement it myself and submit the change

pseudo cairn Dec 29, 2023, 12:23 AM

#

https://github.com/home-assistant/iOS/pull/2144

GitHub

Allow supplying client certificates by zacwest · Pull Request #2144...

TODO:

Update HAKit to support providing arbitrary URLCredentials -- this requires forking Starscream which doesn't offer the ability to provide it, which means HAKit will begin requiring a fo...

#

i didn't have time to finish it yet, and it requires ios 15, which is the minimum the app will support soon so it could reasonably be done. but there's limitations - heavy limitations, potentially for features you want in the future like widgets or watch complications.

ripe lotus Dec 29, 2023, 4:31 PM

#

I see so there is some complexity to make sure the client certificate gets added everywhere, including for widgets and watches...

#

is there any intermediate solution possible such as a warning when setting up the certificate that would warn the user that they won't be able to use it on apple watch or widgets?

#

(allowing users to choose between security and conveniency)

#mTLS support