DEV Community

Fleet Telemetry: Streaming Data from Your Tesla

Patrick Demers on February 24, 2024

Tesla's recent rollout of fleet-telemetry empowers authorized users to seamlessly stream real-time data directly from Tesla vehicles. Let's delve i...
Collapse
 
bre77 profile image
Brett Adams

I was considering writing an article just like this a few hours ago, so glad to see you already have. I got access to Fleet Telemetry this morning and have successfully implemented it on teslemetry.com to send Webhooks or Server Side Events.

Collapse
 
sjhill01 profile image
Steve Hill

So you subscribe on their behalf and post it back out to their provided webhook on each report?

Collapse
 
slashmili profile image
Milad

One question, why do we need to send ca in the body of Send Fleet Telemetry Config?

I'm asking because in practice it means every 3 months that the TLS certificate changes(assuming I'm using let's encrypt) I have to resubmit my whole fleet configs.

Collapse
 
slashmili profile image
Milad

Or is it only needed on the first time when the vehicle is configured?

Collapse
 
patrickdemers6 profile image
Patrick Demers

Theoretically the CA shouldn't change if you generate with the same CA each time. It's probably easiest to self-sign your certificate. I will update the article soon to show how to do this.

Collapse
 
vbarrier profile image
Vincent Barrier • Edited

Hi Patrick, thank you for this tutorial. I helps a lot! I still have some questions?

=> My app domain is registered like www.your-domain.com not with a classic your-domain.com (newbie error), will it work to have : telemetry.your-domain.com? (certificate has been generated properly)

=> I have sent a CSR to tesla for your-domain.com, I got a response 200 with :

"response": {
"account_id": "4625141***",
"domain": "www.*****.com",
"name": "***",
"description": "***",
"csr": null,
"client_id": "****",
"ca": null,
"created_at": "2023-10-25T17:17:48.744Z",
"updated_at": "2023-11-17T23:14:46.079Z",
"enterprise_tier": "free",
"issuer": null,
"csr_updated_at": null,
"public_key": "0451016f6299****"
}

But I see null for CA and CSR. Do you think that the CSR will be processed? Should I do something else?

Thank you!

Collapse
 
sjhill01 profile image
Steve Hill

Yes, that will work. I'm using "tesla.mydomain.com" for my app registration and "telemetry.mydomain.com" for the fleet-telemetry server and it seems ok with that. Granted I can't get my certs to load correctly yet so I can't prove it...

Collapse
 
jaypio profile image
jay zh

Hi Steve,

I'm wondering if your CSR was accepted and successful? I also want to confirm that you meant for the CSR you used "domain": "tesla.mydomain.com" (or "mydomain.com") instead of the "telemetry.mydomain.com"?

Collapse
 
urkman profile image
Stefan Sturm

when editing the config.json I need to fill the content of the full certificate chain file:
"ca": "content of full certificate chain file from previous step"

But the content is multiline code like this:
-----BEGIN CERTIFICATE-----
12345
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
abcde
-----END CERTIFICATE-----

How can I add this multiline code to the config.json?

Collapse
 
urkman profile image
Stefan Sturm

OK, found it. Every line need a \n and then join to one line...

Now I can use the check script but it gives me:

The server certificate has a valid partial chain, and may work with the root chain.

What can be the problem here?

Collapse
 
patrickdemers6 profile image
Patrick Demers

Looks like verification is passing with -partial_chain flag. From openssl docs:

Allow verification to succeed if an incomplete chain can be built. That is, a chain ending in a certificate that normally would not be trusted (because it has no matching positive trust attributes and is not self-signed) but is an element of the trust store. This certificate may be self-issued or belong to an intermediate CA.

Collapse
 
shibao_zhang_9dc65b2d8cf3 profile image
Shibao Zhang

Hi @patrickdemers6, thank you very much for the tutorial.

I've noticed your steps and steps in the tesla-temeletry repo are a bit different. Which one is the newest?

Since in the repo, it didn't mention CSR, I tried to get a self-signed CA. However, when I try to use the CA to verify my tesla-telemetry server, I got The server certificate is invalid. error.

Any help would be very appreciated. Thanks!

Collapse
 
jaypio profile image
jay zh

when checking the csr i kept getting an error, any feedback is appreciated!

./repo/tools/check_server_cert.sh config.json

CN = tesla-telemetry.your-domain.com
error 20 at 0 depth lookup: unable to get local issuer certificate
error /tmp/tmp.MB7flNLa0Z: verification failed
CN = tesla-telemetry.your-domain.com
error 20 at 0 depth lookup: unable to get local issuer certificate
error /tmp/tmp.MB7flNLa0Z: verification failed
The server certificate is invalid

Collapse
 
bushal profile image
Alastair Breingan

Hi - I hope someone can answer a simple question.
I already have Fleet API working and want to add Fleet Telemetry.
I assume I can use the same account.
Can I use the same app or does this need to be a separate app? (the Generate Partner Token step looks identical).
Thanks in advance for any help

Collapse
 
bts profile image
bts • Edited

Strange, the telemetry-config has been synced to the car, my server is running, the CSR-request was accepted by Tesla, check_server_cert states 'The server certificate is valid.', but I do not get any data... If I query the Fleet Telemetry Errors endpoint with my partner bearer token, I get an empty fleet_telemetry_errors return...

Collapse
 
bts profile image
bts

Ok, seems like I missed only one step. Although I think the README.md on the github page did not described it a week ago. You need to redirect the owner of the vehicle you want to install the virtual key on to tesla.com/_ak/your-domain.com and let the owner accept this with his app... After doing this last step, data began streaming into my server.

Collapse
 
patrickdemers6 profile image
Patrick Demers

I updated the readme to make the steps clearer a while back. I'll update this post as well.

Collapse
 
bts profile image
bts

the impacted VINs will begin trying to send data shortly

How long is shortly? Just to have an idea. I've sent the config to a MY 2023 model, which accepted it. When requesting its config, the 'synced' field remains 'false'. Even after > 1 hour and waking up de tesla and even driving it for 2 minutes...

Collapse
 
bts profile image
bts

ok, the vehicle now states 'synced'='true'. I guess it may take a while...

Collapse
 
patrickdemers6 profile image
Patrick Demers

Yeah, there's no hard rule on when the vehicle will receive the config. It depends on if it's connected to the server, has a solid internet connection, etc.

Collapse
 
blizzfire profile image
Patrick

Hello and thanks for this great post!
May I ask you how long it took for Tesla to get back to you after you submitted the CSR?
In step 9 of their fleet api Github repo they mention it may take up to two weeks
github.com/teslamotors/fleet-telem...

Have you contacted them via email or just waited for them to get back to you?

Collapse
 
vbarrier profile image
Vincent Barrier

Did they get back to you?

I'm still waiting since 2024-03-31

Collapse
 
sjhill01 profile image
Steve Hill

It took more than the advertised 2 weeks for me - just got my response this week and probably submitted it around the same time you did.

Thread Thread
 
vbarrier profile image
Vincent Barrier

Thank you Steve, There were a problem on my account CSR was not attached but it is fixed!

Collapse
 
chamara_suranga_18decb786 profile image
chamara suranga • Edited

{
"response": null,
"error": "Root domain ******.com must match registered allowed origin on developer.tesla.com/dashboard/app-...",
"error_description": "",
"txid": "34942b7a2f3f7faa45a72b249ea35f63"
}

I'm getting this error , but i couldnt find any place to update the allowed origins

Collapse
 
theophile_ma profile image
Théophile Marchand - Arvier

Hi ! First thanks a lot for this tutorial.
I have a problem and i have a no idea why this not working.

nginx-proxy | 2024/05/22 09:40:01 [error] 20#20: *1 SSL_read() failed (SSL: error:0A000412:SSL routines::sslv3 alert bad certificate:SSL alert number 42) while reading response header from upstream, client: 195.154.25.38, server: fleet-telemetry.bib-data.fr, request: "GET / HTTP/1.1", upstream: "172.30.0.3:8443/", host: "fleet-telemetry.bib-data.fr"
tesla_data | {"activity":true,"context":"fleet-telemetry","level":"info","msg":"2024/05/22 09:40:01 http: TLS handshake error from 172.30.0.5:54332: tls: client didn't provide a certificate\n","time":"2024-05-22T09:40:01Z"}

Collapse
 
super_coder_d14e0de44517e profile image
Super Coder

Hi, did you solve this issue. i faced same error

Collapse
 
krish_ramani_24607cc04927 profile image
krish ramani • Edited

Hello, I've created web socket server in nodejs and telemetry connected successfully and data getting in buffer format and I'm trying to decode this data to original data but getting unreadable format.please check screen shot
Image description

Collapse
 
michael_quyet_8c6e67c1375 profile image
Michael Quyet

Same here, @patrickdemers6 could you help us with this?

Collapse
 
michael_quyet_8c6e67c1375 profile image
Michael Quyet • Edited

Hi @patrickdemers6 ,

Thanks for your post. I know these questions are out of the blue. I finished all the prepared steps and got a confirmation email from Tesla on their side to set up the CSR file on the backend.

I am a c# dev (do not know much about Go) and trying to convert the Go project to C#, I believe I got a vehicle connected to my server and stored data from the vehicle as Binary to my database for later decode the data from the vehicle. I used the given proto file from your project and complied it to c# and used it in my project but somehow could not parse the payload from the vehicle and it always showed the error "Merge an unknown field of end-group tag, indicating that the corresponding start-group was missing".

For the server side, it simply accepts all connections just for debugging and storing data as a standard build-in of .net 8.

Could you let me know what is the main process to decode the data from vehicle?
Thanks

Collapse
 
sjhill01 profile image
Steve Hill

Is there any information out there about rate/data limits? I swear I had seen some at one point, and maybe I'm just blind and am missing it, but I know if I try to be too aggressive it tells me, but what can I get away with?

Collapse
 
patrickdemers6 profile image
Patrick Demers

More info about rate limits and billing plans is slated for later this quarter or early Q3.

Collapse
 
ciumagcatalin profile image
ciumagcatalin

I am trying to deploy this and I getting the "read /etc/fleet-telemetry/config.json: is a directory" error. I tired all I could but could not find the issue. Any help is appreciated!

Attaching to app-1
app-1 | 2024/09/23 13:48:31 maxprocs: Leaving GOMAXPROCS=1: CPU quota undefined
app-1 | time="2024-09-23T13:48:31Z" level=error msg=read_application_configuration_error context=fleet-telemetry error="read /etc/fleet-telemetry/config.json: is a directory"
app-1 | panic: error=load_service_config value="read /etc/fleet-telemetry/config.json: is a directory"
app-1 |
app-1 | goroutine 1 [running]:
app-1 | main.main()
app-1 | /go/src/fleet-telemetry/cmd/main.go:23 +0x25f

Collapse
 
jaypio profile image
jay zh

Thank you for the tutorial!
For the CSR do I need separate CSRs one for domain (your-domain.com) and another for the subdomain (tesla-telemetry.your-domain.com)?

New to this whole thing but very excited, please bear with my questions :)

Collapse
 
bushal profile image
Alastair Breingan

Hi and thanks for the post - lots of scrambling in this area as we try and keep up.

I am afraid I have a number of questions, mainly relating to the differences between the Fleet API which I now have working thanks mainly to llamafilm's proxy addon for Home assistant github.com/llamafilm/tesla-http-pr....
That procedure seems to do much the same as this one, for the first few steps, but I am unsure which bits are duplicates as the proxy automates a fair bit of it.
My developer account does not mention Telemetry, so do I have to go though the steps to create the first CSR?
I have the Cert and Ca bundle as this was needed for Fleet APi and I assume I can use the same domain for Telemetry (if I can work out how to run the server on my shared host).
I also assume that the same Key that is already in the vehicle will do both jobs (or am I being hopeful?)
Thanks again
Al

Collapse
 
osiel_jotrujillo_a6c4641 profile image
Osiel Jo Trujillo

Is there a way to receive a complete JSON data packet at regular intervals? Currently, I receive the data in fragments, such as location, gpsHeading, etc., each coming separately

Collapse
 
christian_menschel_9bd64f profile image
Christian Menschel

The telemetry API can only be used for streaming? Is it possible to use it for sending commands to the car as alternative to the heavy rate limited Fleet API?

Collapse
 
urkman profile image
Stefan Sturm

Thanks for your article.
My Telemetry Server is now running and displays the log entries.

But what's next? How can I get this data and send it to my APOI using a REST call?

Collapse
 
sjhill01 profile image
Steve Hill

In your example telemetry server config you have "path to certificate from previous step" but really this is some path expected inside the container, isn't it?

Collapse
 
patrickdemers6 profile image
Patrick Demers

Yes, you need to make sure the path is accurate however you're running the fleet-telemetry server. If you're running it using Docker, make sure the path corresponds with the mounted volume.