If you're posting a request for installation help, please provide as much info about your system as possible. For example, for help regarding connecting a smart thermostat, please include details about your system including whether you have gas/electric, heat pump, number of heat stages, A/C condenser, etc.

Anybody else unable to access ecobee developer portal?

dborndborn Montreal, CanadaMember
edited April 2016 in ecobee

I use Firefox on Linux and since a few weeks, I've been getting the following error when I try to access the https://developer.ecobee.com/api page:

"Your connection is not secure

The owner of developer.ecobee.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.

This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate.

developer.ecobee.com uses an invalid security certificate.
The certificate is only valid for the following names: *.getsatisfaction.com, getsatisfaction.com
Error code: SSL_ERROR_BAD_CERT_DOMAIN"

I contacted ecobee support about it and got the answer: Try another browser or OS, it works fine for us.
After I came back saying they should really fix it on their end (yes, it does work on IE for me but that's not saying much), they responded saying they would pass it along to the proper department. Of course nothing was done.

If I'm the only one pushing for this, I'm sure it will never get fixed... Anybody else getting annoyed by this situation?

So when I want to access this ecobee website, I have to fire up my insecure WinXP VM and use its end-of-life, unsupported Internet Explorer. It hardly seems like a good idea or a permanent solution...

Tagged:

Comments

  • dborndborn Montreal, CanadaMember
    edited April 2016

    Update:

    I just went to try it again in WinXP/IE and got:
    " There is a problem with this website's security certificate.

    The security certificate presented by this website was issued for a different website's address.

    Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server.
    We recommend that you close this webpage and do not continue to this website.
    Click here to close this webpage.
    Continue to this website (not recommended).
    "
    So even there, it seems the best I can do is do something that is not recommended... I can't believe this is only affecting me!? (unless no one uses the developer portal!?)

  • jhagenjhagen MichiganMember

    Same issue on windows 7 with Firefox or Chrome

  • dborndborn Montreal, CanadaMember

    Here is the response from ecobee, which solved the issue for me:

    "It seems that a few browsers (IE, Firefox, Tor) picked up a commit to the Chrome HSTS preload list where our domain was briefly listed a few months back. These browsers seem to lag the Chrome list in removing our site. It appears that new nightly builds of IE and Firefox have removed us from their lists. In the meantime, you can visit https://ecobee.com (note, no 'www') to have your browser remove the HSTS entry for our domain. Following that you should be able to visit http://developer.ecobee.com/api without any browser warnings.

    We're working on implementing HSTS support, but this requires all sub-domains to be capable of HTTPS, which at present is not supported across all our vendors. We hope to have this resolved in the near future. Thanks, and please let us know if you have any further problems after taking the above steps!"

    Hope this helps,
    Daniel

Sign In or Register to comment.