Firmware 1.20.0

[Funhouse]

I've lost access to the Web UI and API monitoring as well. I was upgraded to 1.20 a week and a half ago and had to change to https to get the access. Then a few days later, I could no longer get web access from my notebook, but could from another PC on my network. At that stage, the API access from a Unix box was still working and feeding into my Home Assistant setup. Then everything stopped working. It looks like all web access has been disabled, including through the Powerwall's own access point. I talked to Powerwall support and they confirmed that turning off the Web and API access is separate from the 1.20 upgrade, but needs the 1.20 for them to be able to do it. In other words, just the upgrade to 1.20 won't turn off Web access by itself, but allows Tesla to remotely turn it off after it has been upgraded.

So, my suggestion to anyone who continues to want the Web and API access would be to remove the SIM card from the gateway and block remote access to the Powerwall at your firewall so Tesla can't disable it. If I'd known this was coming, it's what I would have done. I've made my displeasure known to Tesla and have told them I require it to be turned back on. I've also pointed out to them that Consumer Affairs laws in Australia don't allow companies to remove functionality from a product after you have paid for it. I'm giving them 2 weeks to sort it out, them I'm taking them to my state Consumer Affairs Tribunal. They need to realise they don't own the Powerwall, I do.

 

[bkp_duke]

I've lost access to the Web UI and API monitoring as well. I was upgraded to 1.20 a week and a half ago and had to change to https to get the access. Then a few days later, I could no longer get web access from my notebook, but could from another PC on my network. At that stage, the API access from a Unix box was still working and feeding into my Home Assistant setup. Then everything stopped working. It looks like all web access has been disabled, including through the Powerwall's own access point. I talked to Powerwall support and they confirmed that turning off the Web and API access is separate from the 1.20 upgrade, but needs the 1.20 for them to be able to do it. In other words, just the upgrade to 1.20 won't turn off Web access by itself, but allows Tesla to remotely turn it off after it has been upgraded.

So, my suggestion to anyone who continues to want the Web and API access would be to remove the SIM card from the gateway and block remote access to the Powerwall at your firewall so Tesla can't disable it. If I'd known this was coming, it's what I would have done. I've made my displeasure known to Tesla and have told them I require it to be turned back on. I've also pointed out to them that Consumer Affairs laws in Australia don't allow companies to remove functionality from a product after you have paid for it. I'm giving them 2 weeks to sort it out, them I'm taking them to my state Consumer Affairs Tribunal. They need to realise they don't own the Powerwall, I do.

I'm in agreement with this. Also in the US it is not legal to remove a feature of a product that it was sold with. I'll be burning up Tesla's Energy dept on this one as well.

 

[sashton]

They have set an https redirect but their certificate is invalid. This is fine for a browser as you can simply choose to ignore the security warnings but using a .net based API to read the JSON data (which is certainly NOT "abusing" the system) I cannot currently ignore the invalid CA.

 

[Shygar]

They have set an https redirect but their certificate is invalid. This is fine for a browser as you can simply choose to ignore the security warnings but using a .net based API to read the JSON data (which is certainly NOT "abusing" the system) I cannot currently ignore the invalid CA.

Just import the cert and trust it. It's just a self signed cert

 

[Artimis]

Just an FYI, if anyone is using the API to make instant changes to the mode or reserve percentage, they now require the authentication token to be passed in the header of the GET request made to /api/sitemaster/run for the changes to take effect (and restart the powerwall).

 

[sashton]

Just import the cert and trust it. It's just a self signed cert

It's weird (Windows 7) I had imported the cert. Browse is fine to https://<powerwall>/api/... and the JSON is returned but
Invoke-WebRequest -Uri 'https://<powerwall/api/...' results in Could not create SSL/TLS secure channel.

Why can't Tesla just do it properly and use a public cert? ...Grrrr

 

[cwied]

They can't use a public cert because the access is over the LAN and will have a different address in each installation. I suppose they could get a cert for a specific name and have people set it up with that hostname, but that's not really a best practice. The main issue is that https is really designed for servers you access over the internet, not for servers on the LAN.

 

[BJReplay]

Invoke-WebRequest -Uri 'https://<powerwall/api/...' results in Could not create SSL/TLS secure channel.

Not using PS, so this may be worth nothing, but if you set up a hosts entry for powerwall to your static IP, and literally use -Uri 'https://powerwall/api/meters/aggregates' you might have more luck. It is possible that it is validating that it is both a trusted certificate, and that the SAN matches. The certificate has SANs for
DNS name=teg
DNS name=powerwall
DNS name=powerpack
IP Address=192.168.90.1
IP Address=192.168.90.2
IP Address=192.168.91.1

 

[BJReplay]

Confirmed. Use a host name.

 

[bkp_duke]

At least you guys still get responses from the gateway web server. I'm completely locked out, it won't so much as pass a fart my way now.

 

[sashton]

Thanks for the tips. I eventually bit the bullet and upgraded to Powershell core (6.0.2) and with that they have added a -SkipCertificateCheck optional parameter to Invoke-WebRequest. So no worries about local certs anymore.

As an additional bonus, I'm no longer tied to Windows as Powershell core is nearly platform independent although I've just finished migrating all of the data collection on to one Windows box:-

PV (Fronius API)
Powerwall status
Solar tubes (Consolar via serial interface)
Thermal store (Consolar via serial interface)
DHW and heating (Consolar via serial interface)
Z-wave sensors (Vera web interface)
River levels (Modified oil tank level sensor attached to the bridge over the river - we live in a watermill so flooding is always a worry)
Weather data (Davis VP2 - USB connection)
Appliances (Home Connect - although there is very little data to grab).
House alarm (Via Vera)

So far it controls:-
Washing machine (Home connect)
Dish Washer (Home connect)
Tumble dryer (Home connect)
Home heating (two heating circuits,oil boiler and DHW)
Security lights (Z-wave via Vera)

Once Myenergi release their hub/API it will control the car charging

and of course, DB and Web publishing

All of this running on an £80 Intel compute stick! My recovery in the event of a failure is to "plug the other one in"

...so as you see if Tesla remove the reporting API it would really piss me off, especially as I have a second PW and UK Backup Gateway on order.
I have no intention of updating any PW settings via any web calls as I prefer to just monitor it and make changes to other systems as and when.

 

[Instaurare]

My Powerwall stack got updated to 1.20.0 today. No release notes so far -- nothing looks different in the app. Anyone know anything?

One of the best features of the Powerwall is the ability to access state of charge info directly from the WiFi, without having to go through the internet, which at times does go down. So when you get upgraded to 1.20.0, chances are you will soon lose all ability to access the Powerwall directly via wifi, and then must access through cell service?

 

[bkp_duke]

One of the best features of the Powerwall is the ability to access state of charge info directly from the WiFi, without having to go through the internet, which at times does go down. So when you get upgraded to 1.20.0, chances are you will soon lose all ability to access the Powerwall directly via wifi, and then must access through cell service?

Yep, especially if you have some sort of automated polling setup.

 

[Instaurare]

Yep, especially if you have some sort of

Yep, especially if you have some sort of automated polling setup.

The alternative is not good either----prevent the upgrade, and then have your warranty reduced from 10 years to 4. There has got to be a better way than this, especially considering that the Powerwall has no monitoring equipment attached to the unit itself, unlike Sonnen or any other battery system on the market. What can be their reason for doing this?

 

[AnthonyB]

To add to the feedback on this to Tesla, I've sent them, and Elon Musk, this tweet (well, actually 3 tweets in a thread). Feel free to like, retweet, respond to, etc.

Anthony Bennett on Twitter

 

[AnthonyB]

The other thing I've noticed in the last few weeks is that my ability to sustain a connection to my PW's TEG WiFi hotspot from my PC has become very unreliable. Even when it does connect, I often cannot connect to the PW itself.

The web interface is definitely still on as I do get a successful connection a few times per day, but it has just become very unreliable in recent weeks.

May be related to this whole 1.20.0 debarcle, or may just be my setup... but thought I'd mention it.

 

[nswfugitive]

OK - if you are using pvoutput.org for your PW2 - a fix for the missing battery % has been made by BB.

Tesla Powerwall2 data to PVoutput?

 

[wwhitney]

I just got upgraded to 1.20.0 last night, and I notice there are a couple changes to the main web page of the Powerwall (https://Powerwall_Local_IP_Address):

1) In addition to the Login link, there are two other links, "Network" and "Summary". Pretty sure those are new.
2) Clicking any of the three links take you to a login splash, which looks the same for each link, even though they are three different URLs. The login splash now has a "login type" drop down menu, with two options, Customer or Installer. The language, email, and password fields are still there. There's also a "Change or Forgot Password" link that I think is new.

Has anyone explored any of these changes?

Cheers, Wayne

 

[cwied]

Has anyone explored any of these changes?

Cheers, Wayne

Yes, I've tried the various functions.

If you log in as a user, you get to see the Network and Summary tabs, but you can't start the wizard.

If you log in as installer, it's very much like the previous versions.

The wizard appears to be mostly the same, except that they now automatically change the password when you first run the wizard. There is a password-recovery process that involves toggling the switch on one of the Powerwalls and then entering the Gateway serial number within five minutes.

The wizard still doesn't support entering TBC parameters or setting TBC mode, unfortunately. It'll be interesting to see if they add that to the user login eventually.

 

[wwhitney]

The wizard appears to be mostly the same, except that they now automatically change the password when you first run the wizard.

Meaning it forces you to pick a new password? And then that password is the new password for both user and installer logins, or just for installer logins? I assume the password change doesn't affect Tesla's ability to remote update or reconfigure the Powerwalls?

Thanks for the info.

Cheers, Wayne