HOWTO: Utilize a valid, signed SSL cert in Sighthound 3.0

Learn how to turn an Android phone into an IP camera security system with Sighthound, download automation scripts & more.

Moderator: Staff

no avatar
Posts: 3
Joined: Mon Oct 23, 2017 4:10 pm

Re: HOWTO: Utilize a valid, signed SSL cert in Sighthound 3.

by KrisWragg » Mon Oct 23, 2017 4:14 pm

Just trying to get this setup but having trouble.

I already have a domain with an SSL certificate ( and have added a sub-domain that points to my IP for my home network.

The SSL certificate is a wildcard so should be able to work but I can't figure out how to import it into SightHound. I have the certificate that starts with -----BEGIN CERTIFICATE----- but if I follow the latter parts of the steps it just seems to trample over my sv.crt and sv.sha files

Any tips?

no avatar
Posts: 2
Joined: Tue Jan 23, 2018 12:24 am

Re: HOWTO: Utilize a valid, signed SSL cert in Sighthound 3.

by drifterific » Tue Jan 23, 2018 12:59 am

I use Lets Encrypt as my CA for my HomeAssistant installation and was wanting to utilize those same CA Certificates on Sighthound. I started digging around and found that if turned off all of the cameras and closed sighthound I could then navigate to:
Code: Select all
C:\Users\<user_name>\AppData\Local\Sighthound Video\web

I made a back up of:
Code: Select all
C:\Users\<user_name>\AppData\Local\Sighthound Video\web\sv.crt
C:\Users\<user_name>\AppData\Local\Sighthound Video\web\sv.key

Then I opened up a text editor and opened the Lets Encrypt chain (contains root and intermediate CA certs) and Site Certificate and put them into a new file named "sv.crt".
Code: Select all
Site Certificate
Intermediate Certificate
Root Certificate

For the key I made a copy of the Lets Encrypt key and named it "sv.key".

With Sighthound still off I then replaced the sv.crt and sv.key with the new ones I had created. Once I relaunched Sighthound I found that I had a valid SSL Certificate in the browser.

You will have to re-authenticate on the android mobile app as the SSL Fingerprint changes, but other than that it has not been an issue. Hope this helps others in using a valid SSL Cert for their Sighthound installs.

There appears to be a change after a recent update and you have to manually populate the sv.sha file with the thumbprint. There are some options to see what the thumbprint is:

The first option is to use a linux machine (homeassistant Pi3 running raspbian) and run this command:

pi@hassbian:/etc/letsencrypt/live/ $ openssl x509 -in cert.pem -text -noout -noout -fingerprint | grep SHA1
SHA1 Fingerprint=94:9B:65:37:..:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.

or use a Windows machine to open the cert and under details at the bottom you will see your thumbprint.


Just copy everything for the thumbprint into the sv.sha file prior to restarting SH and then you will get your access back through the mobile app.

I removed my DNS name and shortened my thumbprint for security reasons.
Last edited by drifterific on Sun Jun 17, 2018 3:16 am, edited 1 time in total.

no avatar
Posts: 1
Joined: Fri May 04, 2018 3:36 am

Re: HOWTO: Utilize a valid, signed SSL cert in Sighthound 3.

by IamNEO » Thu May 10, 2018 8:36 am

Thanks for posting this. I'm running Sighthound on a Mac, so I thought I'd share the steps that got me up and running on macOS / OS X:

• Rename your certificate. For example, rename "certificate.crt" to "sv.crt"
• Rename your private key. For example, rename "private.key" to "sv.key"
• In the Finder menu bar, click Go > Go to Folder..., and enter "/Library/Application Support/Sighthound Video/web" and click Go
• Copy the renamed "sv.crt" and "sv.key" files to the this folder.
• Next Launch Terminal (Applications > Utility folder) and enter the following commands:
Code: Select all
cd /Library/Application\ Support/Sighthound\ Video/web
Code: Select all
openssl x509 -in sv.crt -text -noout -fingerprint | grep SHA1
• You should receive output similar to the following:
Code: Select all
SHA1 Fingerprint=C8:1F:A7:C8:E3:94:49:CC:FC:8A:95:E0:83:44:2E:C2:D6:1F:34:70
• Keep the Terminal window open... Now we need to hightlight and copy the output (everything after the "=") and save it to a new file named "sv.sha"

    NOTE: I ran into issues leaving the fingerprint in that format, so I removed the colons and made the letters lower case (you can do this quickly by pasting in TextEdit then using "Transformations" and "Find > Find and Replace..." from the Edit dropdown menu)
• Enter the following command in Terminal:
Code: Select all
nano sv.sha
• This launches nano - Nano's ANOther editor, an enhanced free Pico clone.
• Paste the fingerprint text c81fa7c8e39449ccfc8a95e083442ec2d61f3470 (COMMAND+V), then press CTRL+X (Exit), Y (Save), Return (write file). You should now have the certificate, key, and fingerprint in the proper location.
• Launch Sighthound and test!


Return to Hacker's Corner