@njschwartz im with you. I dont regret going with Lutron as they are really the best switches in this space but man this stinks. I had your Python version working fine and then bam things stopped and now I know why. Please keep us up to date. So for now, the recommended path would be the ST supported integration?
I agree that Lutron switches are great and reliable…I just with they were a bit more open. Very frustrating!
Do you have a Pro or standard hub. If standard then the only way forward for the foreseeable future is the official ST integration. If you have a Pro hub, give me a little time and I will get the node version updated to support it again. If anything changes or I hear more I will certainly pass it on!
1 Like
my biggest beef in all this is that there is no way to disable automatic updates on the hub - my gear, my house, let me update as i see fit (or turn on auto updates if i want, like Hue)
I’m with you 100%. Sadly that’s not the way the world seems to be going. Basically you accept their terms it they can pretty much brick your devices. It’s unfortunate and I honestly don’t take understand it. I just hope we find a way to have this thing… 
I have the Pro Hub and I would like to keep using your SmartApp. I like that I was able to use the Pico remotes. Thanks for all your work and for maintaining it as well.
Quick question, if I want to remove some of the created virtual things (like lights) do I need to delete them first? I did try to uncheck in service manager but this did not remove the things. When I later want these back can I just check them again? What is the correct order or what is the correct procedure?
After doing a bit of MITM of the Lutron app, I figured how to connect to the new TLS LEAP server.
Each Smart Bridge has a unique root CA called local cert. I’m not sure if it’s permanent or changes on hardware resets.
When linking the bridge to the Lutron Cloud, I believe the Lutron cloud generates an intermediary CA (called remote cert) and asks the Smart Bridge to sign it with its root.
When logging in the Lutron app, the app generates a private key and Certificate Signing Request, which it sends out to the Lutron API. The intermediary CA in the cloud signs the app certificate and returns it to the app, along with the certificate of the intermediary CA, and other bridge info (including what seems to be credentials for Xively).
The app authenticates to the Lutron API using a regular OAuth flow (one time use code flow, immediately substituted for an access token)
After the pairing request, the app connects to the Xively service and discovers the local IP of the bridge. It can then attempt to connect directly to the bridge using the client cert retrieved during the pairing.
I wrote a crude bash script that will go through the OAuth flow (you’ll need to copy paste some URL in the browser), generate a certificate, make a pairing call, and verify that the signed certificate works to connect to the bridge.
It doesn’t connect to Xively so you’ll need to provide the local IP of the bridge if you want to do the connection verification.
The script is available here: https://gist.github.com/mhofman/f8e1fdd5dce49abacf5fd776fb3727ce
I’ll let others fix their integrations. I’m not sure if the LEAP protocol has changed, but if not, it should be a simple matter of switching the SSH connection for a TLS connection authenticated with the generated cert. The certificates are valid for 10 years.
4 Likes
I was out of town for a few weeks, so I started catching up this morning and thought perhaps my integration might be broken - which would be terrible! These pico’s have worked fantastic for smart bulbs!
My integration is still working - is the issue only with the non pro version of the hubs?
Oct 15 7:23:54 raspi-westtenth lutronpro[360]: Listening on port 5000…
Oct 15 7:23:54 raspi-westtenth lutronpro[360]: Received: login:
Oct 15 7:23:54 raspi-westtenth lutronpro[360]: Received: password:
Oct 15 7:23:55 raspi-westtenth lutronpro[360]: Received: GNET>
Oct 15 7:23:55 raspi-westtenth lutronpro[360]: Connected!
Oct 15 7:26:42 raspi-westtenth lutronpro[360]: Received: ~DEVICE,5,4,3
Oct 15 7:26:42 raspi-westtenth lutronpro[360]: Received: ~DEVICE,5,4,4
Oct 15 7:26:42 raspi-westtenth lutronpro[360]: button was released
Oct 15 7:26:42 raspi-westtenth lutronpro[360]: 186
Only configured Pro survive.
Problem is Lutron retired SSH server. All non-pro relies on SSH to operate, so they are dead obviously. Pro needs SSH to get list of devices, so if you have already installed the ST smart app and configured devices, you are not affected.
Well I have some good news. I have used the information supplied by @mathieuh to connect to the new TLS LEAP server and after a lot of trial an error converted it into javascript code that I can use to authenticate! This is great news because it means I can now fix/update the project to continue to work with both Pro and Standard hubs! I will be working on that over the next day or so and should have a release soon. I will update everyone as soon as I have it all put together!
1 Like
I probably should have written it in JS in the first place, it would have taken me half the time it took me to write it in shell script 
1 Like
Haha. I wish. I’m not familiar very with shell script not SSL so deciphering your work was an educational challenge. Nevertheless, I’m very grateful to you for your work and for sharing!
Hi @njschwartz, I have an idea to get device id from telnet interface. At server side, you can ask user to operate one of the device, and then get the device ID from “~OUTPUT” message.
Hey @snalium thanks for the suggestion. Actually, there is a way to have the ‘LIP data’ emailed to you in the Lutron app which is even simpler. The issue isn’t getting the data really, but rather the fact that sometimes it doesn’t line up with what is/was in the LEAP server.
Regardless of all that, I have successfully updated my node app to support the new SSL Leap server Lutron is now using. I will be posting a new topic today to let others install and try it out. It will work with both Pro and non Pro bridges and allows for control of switches, scenes, and Picos (pro hub only). Thanks!
1 Like
Hi @njschwartz,
I remember someone mentioned the integration report is not reliable.
But since you’ve figured out the new LEAP server, everything should become much easier. Thanks for your work and effort on this. You are the savior of Lutron owners here.
1 Like
Nate… Thank you for doing this work!
1 Like
Check out the official release of the Node version that also supports the new Lutron SSL server. 
2 Likes
I am running in to problems with getting smartthings up and running. I used gethub and install all apps. And I got the raspberry running the python lutron. But when I go to the smartthings phone app I can’t find it under my apps
well i made a rookie mistake i didnt double check and see if the app installed from get hub. that part works. i got all dependence installed and the Raspberry going but when it starts it comes up with
Attempting to connect to Lutron Hub
Successfully Logged in to Lutron Hub
Listening for Telnet DATA
Unhandled Error
Traceback (most recent call last):
File “/usr/lib/python2.7/dist-packages/twisted/internet/base.py”, line 420, in fireEvent
DeferredList(beforeResults).addCallback(self._continueFiring)
File “/usr/lib/python2.7/dist-packages/twisted/internet/defer.py”, line 319, in addCallback
callbackKeywords=kw)
File “/usr/lib/python2.7/dist-packages/twisted/internet/defer.py”, line 308, in addCallbacks
self._runCallbacks()
File “/usr/lib/python2.7/dist-packages/twisted/internet/defer.py”, line 651, in _runCallbacks
current.result = callback(current.result, *args, **kw)
— —
File “/usr/lib/python2.7/dist-packages/twisted/internet/base.py”, line 433, in _continueFiring
callable(*args, **kwargs)
File “LutronPi.py”, line 423, in main
ssh = smartBridgeSSH()
File “LutronPi.py”, line 302, in init
self.client.connect(SMARTBRIDGE_IP, port, uname, None, key)
File “/usr/lib/python2.7/dist-packages/paramiko/client.py”, line 380, in connect
look_for_keys, gss_auth, gss_kex, gss_deleg_creds, gss_host)
File “/usr/lib/python2.7/dist-packages/paramiko/client.py”, line 597, in _auth
raise saved_exception
paramiko.ssh_exception.AuthenticationException: Authentication failed.
~OUTPUT
2
1
100.00
~OUTPUT
2
1
100.00
~OUTPUT
2
1
39.00
did i miss a step becasue when i go into smart app to setup it finds the raspberry pi but wont find devices. i enabled the telnet on my pro hub but i get nothing. Did any one else have this problem?
1 Like
Hey @Buzzshot I apologize for being so slow to respond. I have been gone for work the last couple of weeks. Anyway, this python version isn’t working anymore due to changes that Lutron made recently to their protocols. Please check out LutronPro Caseta v1.0 which is working and much much easier to set up. Thanks!
1 Like
Just to let you know 8BitNinja, the regular Picos will work with Sonos. Ive been using some of my light dimmer Picos with a couple of my Sonos. I did just buy 4 of the pricey ones for 35$ a little cheaper than what I was seeing around. Still pricey but was sick of not being able to tell what the buttons were (Play, etc) Although I really only used the volume mainly. I saw someone using the regular remotes just printed some labels to put on the buttons.