The device came with software version 2.0.134 and could only be programmed using ETS with the KNX/IP-Router V2.0 901610 V0.1 application.
Of course, I wanted to upgrade it to a modern firmware (4.x) so I could use it with the KNX IP-Router V4 application and enable Secure KNX.
First attempts on Windows 11
I tried upgrading with Gira Project Assistant (GPA) 5.2.0 on Windows 11.
That failed immediately with an XMLRPC error / (TLS error)
Typical registry hacks to re-enable TLS 1.0 and TLS 1.1 did not help.
Windows 10/11 no longer support these protocols properly for old .NET apps.
Windows 7 SP1 Virtual Machine
So I created a Windows 7 SP1 VM on Hyper-V.
KB hotfixes installed
To get .NET and TLS working I first installed the following updates:
-
KB4490628 (Servicing Stack Update)
-
KB4474419 (SHA-2 support)
-
KB4536952 (last Rollup, Jan 2020, incl. latest root certificates)
Registry fixes for TLS 1.0 and 1.1
By default Win7 SP1 doesn’t have explicit keys for TLS, so I created them:
Reboot after importing this .reg file.
Fixing the certificate error
The IP Router with firmware 2.x only offers a self-signed TLS 1.0 cert.
Newer GPA versions reject this. To fix it:
-
Downloaded OpenSSL 1.0.2u for Windows (binary build that still supports TLS 1.0/1.1).
-
Ran:
-
Copied everything between:
into a new file
gira.cer. (including these headers) -
Imported the cert into Trusted Root Certification Authorities:
-
Rebooted the VM.
Just to be safe, I also set the system time back to 01-01-2018 (not sure if needed, but maybe it helped).
Upgrading the firmware
With GPA 2.6 running on Windows 7 SP1:
-
Connected to the IP router.
-
Installed firmware 3.1.3683 first (step-upgrade).
-
This takes a while.
-
-
Then installed firmware 4.1.474.
-
Rebooted the device.
-
Pressed the program button and programmed the individual address using ETS 5.
-
Downloaded the KNX IP-Router V4 (V4.0) application to the device using ETS 5.
Default login
After the upgrade, use the default username: device and the password: device
Leave A Comment