Chromecast working...!

Discussion in 'Android' started by Martin Paul Sr, Oct 31, 2018.

Share This Page

  1. Martin Paul Sr

    Martin Paul Sr n3wb

    Joined:
    Jun 6, 2018
    Messages:
    14
    Likes Received:
    4
    Location:
    San Jose
    There have been a lot of complaints: When you have a Chromecast on your LAN you can see the Chromecast link/logo in the Android app, but if you try to use it you will see "Chromecast is only supported over https".
    It's not the app's fault, I think https is a Chromecast requirement.
    And it requires not only https, but https using a CA-signed SSL certificate.
    It is not trivial to get a secure SSL https connection on a home PC running a non-https server like Blue Iris, but with this info it is easy.

    To get it working on a you need:
    1. An https web server proxy
    2. DNS admin access to a registered domain name
    3. An SSL certificate signed by a trusted CA (certificate authority)
    Part 1:
    Download and install "stunnel" (.exe file) which provides the https encrypted web proxy.
    Then configure the https port by editing the file stunnel.conf (in the \stunnel\config folder under Program Files or Program Files (x86) )
    This file needs to contain at least:

    [https]
    accept = 127.0.0.1:443
    connect = 127.0.0.1.62:81
    cert = stunnel.pem
    TIMEOUTclose = 0

    Notes:
    • 127.0.0.1 should be the actual LAN IP address of your Blue Iris server (like 192.168.1....
    • This means stunnel on you BI server will listen on port 443 and make the encrypted connection to your Blue Iris server port 81 (or whatever port you use for BI).
    • Your router needs a port forward setting to accept port 443 connections and forward them to your BI server LAN IP port 443, then stunnel will connect that data to Blue Iris.
    • You can now connect to your BI server with secure https encryption but it has a self-signed (not trusted) certificate.
      You can connect to BI and view camera streams with the UI3 web app and your Android app, but the Android app won't stream video to Chromecast, and your browser in UI3 will alert you that your connection is not secure.
    Part 2:
    If you don't already have a registered domain name, get one from a registrar.
    They will provide admin access to DNS settings.
    The first setting is to set up an A Record directing the domain name to your WAN address (the public IP address of your router).
    For example if you register the name myserver.com and your public IP address is 185.31.17.133 you might create an A Record with a subdomain like "cams" so that cams.myserver.com will point to 185.31.17.133.
    You will also need admin access to create a TXT Record in part 3.

    Part 3 (the lucky part):
    Fortunately there is a trusted CA (certificate authority) that is free of charge called "LetsEncrypt", and there is an online wizard that creates the required keys and certificates from LetsEncrypt for you called "ZeroSSL".
    Go to ZeroSSL.com and select the Online Tools section and the Free SSL Certificate Wizard it will walk you through creating a real SSL cert from LetsEncrypt.
    At the start you should select the "DNS Verification" option and give it your domain name such as cams.myserver.com, and of course accept their terms for ZeroSSL and LetsEncrypt.
    As you continue with the NEXT button through the steps, it will instruct you to create a specific TXT Record in the DNS settings of your domain to verify ownership, and it will generate a number of text files (four) which you should download and save.
    The contents of the final two of those files (domain-key.txt and domain-crt.txt) will replace the contents of your stunnel.pem file (in the \stunnel\config folder under Program Files or Program FIles (x86) ).
    Keep the other two files for easy renewal of the cert which is required every 90 days.
    The order and spacing of contents in stunnel.pem is important. It should contain the contents of domain-key.txt first, then the contents of domain-crt.txt.
    There should also be empty lines after the private key and after the certificate.
    So the file should look like this:

    -----BEGIN RSA PRIVATE KEY-----
    [encoded key]
    -----END RSA PRIVATE KEY-----
    [empty line]
    -----BEGIN CERTIFICATE-----
    [encoded certificate]
    -----END CERTIFICATE-----
    [empty line]

    The contents of domain-crt.txt has two certificates.
    They do not need to be separated.
    After all this is done, set your Android app's LAN to use https:// and use the domain name, not the IP address (to find that setting, log out and click EDIT).
    You can also use your domain instead of an IP address to connect to UI3 without warnings or errors.
    When you connect the Android app while on your LAN (same LAN as Chromecast(s), whatever camera view you select can be cast and displayed on the TV...!
    It will stay displayed even if you turn off the screen or open a different app (but not if you close the BI app).
    Now you can be Scarface and see all your assailants in approaching you in your home, right on the big screen... "Say hello to my little friend!"

    One other note:
    Apparently Chromecast will only accept an http connection from a server with a CA-signed certificate (Netflix, Google. etc.).
    I use a couple apps that play local video (Videostream for Chromecast on the PC and Bubble UPnP on Android).
    I think this means those apps must be going through a cloud server and are not just streaming within my LAN.
    In this Blue Iris case, since you created a real CA-signed https server on you own PC, all the contents stay within your own private LAN.
     
    Last edited: Nov 13, 2018 at 7:38 PM
    looney2ns, abraxas11 and fenderman like this.
  2. abraxas11

    abraxas11 n3wb

    Joined:
    Mar 23, 2016
    Messages:
    4
    Likes Received:
    0
    this sounds great for me, i'm going to have to give it a try.
     
  3. mtpleasantben

    mtpleasantben Young grasshopper

    Joined:
    Feb 27, 2017
    Messages:
    48
    Likes Received:
    2
    Location:
    Washington, DC, United States
    Thanks for the great write up! I did exactly as you recommended, but no luck with the chromecast. The SSL cert instructions works, however when I cast the screen just blinks a lot with the BlueIris Logo. Its very possible my Chromecast GEN1 wont work, but I would assume it would. What Gen Chromecast do you have? How long does it take to get past the blinking blueiris splash screen?

    If you can edit your post, change the middle of Step 3 to reference domain-key.txt instead of private-key.txt, the first time i did it I used my account-key.txt (just because I wasn't thinking.)

    Also, the spacing isn't important at all. I'd recommend making a copy of your pem file, and editing it with notepad, then cutting and pasting from the 2 txt files you download directly so that you keep the correct format. There should be NO spacing.
     
  4. Martin Paul Sr

    Martin Paul Sr n3wb

    Joined:
    Jun 6, 2018
    Messages:
    14
    Likes Received:
    4
    Location:
    San Jose
    I edited that filename mixup in step 3, thanks for catching it.
    The thing didn't work for me until I followed the spacing instructions, then it did. I learned about the spacing rules in stunnel's support FAQ I think. Anyway it works for me. I would note that the domain-cert.txt file contains two certifcates, and those should have no spaces or break between them.
    I use old Chromecast plugs (not sure what Gen, but they are a few years old and not those dongles or Ultras).
    For me the Blue Iris logo is replaced by the live camera stream very quickly when I activate Chromecast.
     
  5. mtpleasantben

    mtpleasantben Young grasshopper

    Joined:
    Feb 27, 2017
    Messages:
    48
    Likes Received:
    2
    Location:
    Washington, DC, United States
    Thanks! Yeah stunnel will show an error in the log if there is an error in the pem file, so it may not be that which caused it to work.

    Let me ask you this. Is your Chromecast, blueiris, and phone/Android device all on the same flat network (subnet)?

    On thing I did notice is if I ask and go to a clip I get the cycling blueiris logo with a image icon similar to one on a web page if a file wasn't found.

    I'd love to figure this out. My blueiris server is on a different subnet, but still accessible and within the same LAN. Maybe it's just that.
     
  6. Martin Paul Sr

    Martin Paul Sr n3wb

    Joined:
    Jun 6, 2018
    Messages:
    14
    Likes Received:
    4
    Location:
    San Jose
    I have everything on a single network, that's all I have at my house, no subnet
     
  7. mtpleasantben

    mtpleasantben Young grasshopper

    Joined:
    Feb 27, 2017
    Messages:
    48
    Likes Received:
    2
    Location:
    Washington, DC, United States
    I'll move my Chromecast to test it out all on the same subnet.
     
  8. mtpleasantben

    mtpleasantben Young grasshopper

    Joined:
    Feb 27, 2017
    Messages:
    48
    Likes Received:
    2
    Location:
    Washington, DC, United States
    No that didn't work for me. Can you check your Chromecast version? So mine was purchased in 2013, it's super old.

    Cast firmware version: 1.32.124602
     
  9. Martin Paul Sr

    Martin Paul Sr n3wb

    Joined:
    Jun 6, 2018
    Messages:
    14
    Likes Received:
    4
    Location:
    San Jose
    I honestly don't know how old mine are but I would guess around 2015.
    I'll have to install Google Home app (and go home) but I'll check it out.
    Did you try the spacing rule in the .pem file?
    This is straight from the horse's (stunnel's) mouth: stunnel TLS Proxy
    I too thought it was wrong and ignored it because the .pem file that came with the plain stunnel install followed no such pattern.
    But I am certain the last thing I did was to change nothing but the spacing in the .pem file, and Bingo!
     
  10. mtpleasantben

    mtpleasantben Young grasshopper

    Joined:
    Feb 27, 2017
    Messages:
    48
    Likes Received:
    2
    Location:
    Washington, DC, United States
    Ok. Here's the deal. I did a ton of playing and for a glimpse of a second I saw one of my many cameras. What really stuck with me was one person in another thread who only got it to work when the used the rotate all cameras, and that was what worked for me for a slight moment in time.

    I can promise as much as you want to believe it's the pem, it's not. If the pem was the issue reloading config would give you a log error and https requests would work correctly with the ssl cert you mentioned. However I did make the change, with no luck.

    Let's focus on one thing. Camera resolution.

    So let me know these answers.

    1. What is the resolution of your TV?
    2. What is the resolution of your cameras that cast.
    3. Do all of your cameras cast? Can you cast alerts too? If any don't cast, what are their resolution.

    It's all I can think of. I mean I can see you and maybe one other person who is actually chromecasting here. And I do think your instructions with the ssl cert is an essential step!

    Let's figure this out. Then let's figure out that other bug with the mobile notification animated gif blank notification thing.

    This app needs some attention!
     
    Last edited: Nov 13, 2018 at 9:28 PM
  11. Martin Paul Sr

    Martin Paul Sr n3wb

    Joined:
    Jun 6, 2018
    Messages:
    14
    Likes Received:
    4
    Location:
    San Jose
    There's someone else Chromecasting here? I thought I was special. :)

    I see your point about the log file, my Bingo moment was the first time the log file started without error, and then casting worked. If your's starts without error and still won't really cast then I get it now why we need a further fix.

    OK let me check out my setup (it's pretty small so maybe that's why I'm casting so well):
    My Chromecast firmware is 1.32.124741
    I have three indoor cams that are 720p and one doorbell that is 1080p
    The TV I'm using now for testing is 1080p 55"
    All the cameras cast, either in All Cameras view, or any individual.
    I haven't tried casting alerts till now, so I tried now and the screen displays nothing except a large "ES File Explorer Cast".
    I guess because they are recorded video files and not streams, it is trying to use a video player.

    Personally, I'm only interested in casting live streams, like a CCTV system, and I just kinda do it for fun, or to watch downstairs from upstairs bedroom.
    It never occurred to me to cast alerts, I'm happy with the MMS and app alerts on my phone.

    What I'd like to figure out is to have geofence exits and entrances activate automatically.
    Currently they alert me but will only kick in the server change if I sign into the app, so it's totally manual.
    All I want is "on" when I'm out and "off" when I'm in.
    I can just as easily use the traffic light for that if I have to do it manually, so it's useless for me.
    I'll try to start a thread or support session about that soon if someone hasn't already.
     
    Last edited: Nov 14, 2018 at 1:13 AM
  12. mtpleasantben

    mtpleasantben Young grasshopper

    Joined:
    Feb 27, 2017
    Messages:
    48
    Likes Received:
    2
    Location:
    Washington, DC, United States
    Thanks for your update. A few things here.

    1. All of your cameras are equal or below the resolution of your TV, most of mine are higher than what my tv can handle. Shouldn't ever be an issue, but we are looking at everything here.

    2. Your Chromecast firmware isn't up to date. You most likely have the second gen adapter. Maybe you are the only lucky one because you are stuck on an old firmware version? You couldn't have the 1st Gen, your firmware is too high. I'm lost here, can you look up your adapter and let us know which version you have?

    Current Preview Program firmware version
    Chromecast (1st gen) — Firmware version 1.32124602

    Chromecast (2nd gen) — Firmware version 1.35134464

    Chromecast — Firmware version 1.35134464

    Chromecast Ultra — Firmware version 1.35134959

    Chromecast Audio — Firmware version 1.32124602

    Want to test drive the latest firmware version before it's released broadly? Join the Chromecast Preview Program.

    Current production firmware version
    Chromecast (1st gen) — Firmware version 1.32124602

    Chromecast (2nd gen) — Firmware version 1.35134464

    Chromecast — Firmware version 1.35134464

    Chromecast Ultra — Firmware version 1.3513459

    Chromecast Audio — Firmware version 1.32124602

    Cast for Android TV — Firmware version 1.32124602
     
  13. mtpleasantben

    mtpleasantben Young grasshopper

    Joined:
    Feb 27, 2017
    Messages:
    48
    Likes Received:
    2
    Location:
    Washington, DC, United States
    You are rather new to blueiris, so let me just say over a year ago the Android app was worthless. Over the past year a lot of development has gone into the web version, (ui3) and it's truely amazing now. So I think most of the older users us the web browser to watch it on a screen. For me I load Firefox on a firestick and load the web URL with jog high. I'd love if the stick did the h264, but oh well. Other times I'll load chrome on my Amazon fire tablet in h264 and cast that to my Chromecast. (Browser cast). That's ok, but fuzzy. I don't use geofencing, because I want the notifications wherever I am. I've been using email notifications for years, and would really like to move to something more efficient like the in app mobile notification with an animated gif. Man I'd love to swipe down and see what happened rather than opening an email.

    Since again you are part of a select two, it'd be nice to have figured out the exact situation when this works. I can disable all but my 1080p camera and see if it casts to my 1080p tv. I might throw in th towel soon. It's just too much work for something I can do another way. I mean I recently upgraded my blueiris server just because I couldn't figure out why some updates caused my CPU to max out at 100%. So much time wasted there, that $600 for a new i7-8700 fixed. Lol.
     
  14. Martin Paul Sr

    Martin Paul Sr n3wb

    Joined:
    Jun 6, 2018
    Messages:
    14
    Likes Received:
    4
    Location:
    San Jose
    I don't know why my firmware version would be out-of-date. I see it updating occasionally.
    Also I don't know how to tell which generation mine are. I have two they might be different.
     
    Last edited: Nov 14, 2018 at 10:46 PM
  15. Martin Paul Sr

    Martin Paul Sr n3wb

    Joined:
    Jun 6, 2018
    Messages:
    14
    Likes Received:
    4
    Location:
    San Jose
    You're right I'm new to Blue Iris.
    A friend (abraxas11 up there in this thread) told me about it just this year when I was talking about the need for some kind of security camera(s).
    I think I impressed him (and myself) when I got it working.
    I found the the best notifications are SMTP->your carrier's MMS, including snapshot.
    It's easy to setup in BI, they even list the email gateway addresses of more carriers that you've ever heard of.
    Yes, just swipe down or tap to get message and snapshot, then go to the app or UI3 for a live view if concerned.
    I have tons of trigger test opportunities because I have a handyman friend who has free access to the place as well a some maid and lawn services, and everything works great.
    Abraxas and I even talked about starting a business setting this up for people.
    I'm running mine on a 6-year-old i3 laptop (only computer in the house!) and BI doesn't choke it at all.
    It's using like 5-7% CPU, and less memory (360MB) than this singe-window Chrome session.
    Maybe because I have a not-so-big cam setup.
    I'd definitely be in the market for a new i7 for $600. Where are you seeing that?
     
    Last edited: Nov 14, 2018 at 11:22 PM
  16. mtpleasantben

    mtpleasantben Young grasshopper

    Joined:
    Feb 27, 2017
    Messages:
    48
    Likes Received:
    2
    Location:
    Washington, DC, United States
    There is a good thread on here where they discuss which releases of processors include what new enhancements. I just got lucky with some local guy on Craigslist was having issues with trying to build a machine for something else.

    I do see i-7700 desktops for $600 at Dell. Check the deal sites and eBay. If you dont have may cameras you can get away with a third gen i7 for $200. Check out the threads on building machines.
     
  17. Martin Paul Sr

    Martin Paul Sr n3wb

    Joined:
    Jun 6, 2018
    Messages:
    14
    Likes Received:
    4
    Location:
    San Jose
    Of course, thank you...!