Code by Scott שאול בן ישוע
Verified Commit 3d0c5807 authored by Sha'ul ben Yeshua's avatar Sha'ul ben Yeshua 🎗
Browse files

updated README

parent f832d613
Tesla Powerwall 2 - Local Gateway API documentation
======
_(This documentation is currently in flux: portions are updated and portions aren't updated. Use at your own risk)_
_(If you find issues, please submit pull requests - currently testing on firmware version 1.45.2)_
___*** Please be patient as I have an unrelated day job! ***___
**Please help me update this: Pull requests are welcome!**
This is a list of api URLs and some random thoughts I've been able to pull together from the interwebs and other functions we've been able to reverse engineer from the local gateway. This is not the [ Tesla Owner API] which you can find here: (https://tesla-api.timdorr.com) with a Python library that works nicely to control a Powerwall 2 here: (https://github.com/mlowijs/tesla_api), which is actively being developed here: (https://github.com/swm11/tesla_api).
A python implementation of the local API can be found [here](https://github.com/jrester/tesla_powerwall).
-Thanks for submitting this:
A note about HTTPS and SSL Certificates
---
In a recent update to the Powerwall firmware (v1.20+) non-SSL requests (http) are no longer supported and queries will return HTTP/1.1 301 Moved Permanently. Unfortunately the certificate presented by the Powerwall is not signed by a root certificate authority as they are self-signed. This results in web browsers and tools like curl not accept it without it either being included as a trusted certificate or a specific action by the user to override the error.
You have three ways around a certificate error:
1) In web browser this will manifest itself as an error that the certificate is not trusted. To bypass simply click "details" (IE/Edge) or "Advanced..." (Firefox) and select continue.
2) With curl the `--insecure` or `-k` option will ignore the SSL certificate. This is ok, but it doesn't authenticate the device you are connecting to.
3) A better way is to export the Powerwall public certificate and add it to the local machine's trusted certificate list or just use the certificate in your curl request.
__I recommend option 3 above.__
_Here's what worked for me:_
Step 1: DNS
Enable DNS lookups, on your local network, for one of the following DNS names in the certificate under the "Certificate Subject Alt Name". On my gateway these names are:
1) teg
2) powerwall
3) powerpack
You can add this to your local DNS server as an A Record or /etc/hosts file or other DNS name resolution service.
For /etc/hosts add an entry that looks like this if your Powerwall gateway's IP was 192.168.99.99:
`192.168.99.99 powerwall`
Step 2: Get the certificate
`echo quit | openssl s_client -showcerts -servername powerwall -connect powerwall:443 > cacert.pem`
This grabs the certificate from the powerwall using the DNS entry you setup in step 1.
Step 3: use the certificate in your curl statements
e.g. `curl --cacert cacert.pem https://powerwall/api/meters/aggregates`
If you get this error: `curl: (51) SSL: no alternative certificate subject name matches target host name` then the name you chose (teg or powerwall or powerpack) doesn't match what's in the certificate file and you'll need to check the certificate and perhaps do some googling to figure out the solution.
For the rest of the documentation, I will assume you copied the certificate and are using method C with the Powerwall's public certificate. If you didn't, just leave out the certificate `--cacert cacert.pem` portion and add `-k`.
This is a list of api URLs all from reverse engineer from the local gateway. This is not the [ Tesla Owner API] which you can find here: (https://tesla-api.timdorr.com) with a Python library that works nicely to control a Powerwall 2 here: (https://github.com/mlowijs/tesla_api), which is actively being developed here: (https://github.com/swm11/tesla_api).
Powerwall 2 Web UI
---
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment