Cant login in via app

Mobile Apps Home Assistant Companion for Android
1

Hi, i cant seem to get the app working for either android or ios.
I get these lines in the log when i try, i did try with both username (which i never get an option to enter) and trusted networks:

--------------------------8<--------------------------

2019-12-17 09:55:58 ERROR (MainThread) [homeassistant.core] Error doing job: SSL handshake failed
Traceback (most recent call last):
  File "/usr/lib/python3.7/asyncio/sslproto.py", line 625, in _on_handshake_complete
    raise handshake_exc
  File "/usr/lib/python3.7/asyncio/sslproto.py", line 189, in feed_ssldata
    self._sslobj.do_handshake()
  File "/usr/lib/python3.7/ssl.py", line 763, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL: SSLV3_ALERT_CERTIFICATE_UNKNOWN] sslv3 alert certificate unknown (_ssl.c:1056)
2019-12-17 09:55:58 ERROR (MainThread) [homeassistant.core] Error doing job: SSL error in data received
Traceback (most recent call last):
  File "/usr/lib/python3.7/asyncio/sslproto.py", line 526, in data_received
    ssldata, appdata = self._sslpipe.feed_ssldata(data)
  File "/usr/lib/python3.7/asyncio/sslproto.py", line 189, in feed_ssldata
    self._sslobj.do_handshake()
  File "/usr/lib/python3.7/ssl.py", line 763, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL: SSLV3_ALERT_CERTIFICATE_UNKNOWN] sslv3 alert certificate unknown (_ssl.c:1056)
2019-12-17 09:56:04 WARNING (MainThread) [homeassistant.components.device_tracker] Updating device list from legacy took longer than the scheduled scan interval 0:00:45
2019-12-17 09:56:49 ERROR (MainThread) [homeassistant.components.auth.indieauth] Timeout while looking up redirect_uri https://home-assistant.io/android
2019-12-17 09:56:49 WARNING (MainThread) [homeassistant.components.http.ban] Login attempt or request with invalid authentication from 192.168.0.60
2019-12-17 09:56:49 ERROR (MainThread) [homeassistant.core] Error doing job: SSL error in data received
Traceback (most recent call last):
  File "/usr/lib/python3.7/asyncio/sslproto.py", line 526, in data_received
    ssldata, appdata = self._sslpipe.feed_ssldata(data)
  File "/usr/lib/python3.7/asyncio/sslproto.py", line 207, in feed_ssldata
    self._sslobj.unwrap()
  File "/usr/lib/python3.7/ssl.py", line 767, in unwrap
    return self._sslobj.shutdown()
ssl.SSLError: [SSL: KRB5_S_INIT] application data after close notify (_ssl.c:2609)
2019-12-17 09:56:53 ERROR (MainThread) [homeassistant.components.auth.indieauth] Timeout while looking up redirect_uri https://home-assistant.io/android
2019-12-17 09:56:53 WARNING (MainThread) [homeassistant.components.http.ban] Login attempt or request with invalid authentication from 192.168.0.60
2019-12-17 09:57:02 ERROR (MainThread) [homeassistant.components.auth.indieauth] Timeout while looking up redirect_uri https://home-assistant.io/android
2019-12-17 09:57:03 WARNING (MainThread) [homeassistant.components.http.ban] Login attempt or request with invalid authentication from 192.168.0.60

-------------------------->8--------------------------

I have a working ssl certificate and it has not expired.
I have my own DNS so i use the same port and hostname (ie: mydomain.com:XXXX) both locally and externally and its working great in chrome, but not in the app.
I have both discovery and mobile_app added in configuration.
The HA is installed on debian 10 in a venv further relevant specs below:

arch x86_64
dev false
docker false
hassio false
os_name Linux
python_version 3.7.3
timezone Europe/Stockholm
version 0.102.3
virtualenv true

I have tried and disabled IPV6 but no avail. I can ping and surf to home-assistant.io from the debian machine without any problem with both IPV6 on and off.

Sooo…what im i doing wrong?
I would REALLY appreciate any help i can get!

1 Like
2

i had the same issue

if you dont have proper ssl certs setup
they dont like them
just connect using http instead of https when you enter the address manually in the app
i was able to get in after that

3

I am using certs from https://www.sslforfree.com/ and they are valid?

4

The problem is likely that your hass host doesn’t have the trusted root ca list. Look here:

5

Correction, might be that you didn’t enter the url manually or entered the hass IP address. Or maybe your base_url is missing something.

Anyway it’s likely network related and there is a guide for how to do it properly here: https://companion.home-assistant.io/en/troubleshooting/networking

Sorry you may need to translate some of the steps to your setup as the guide is mostly about hass.io on hassos but the basics apply just the same.

6

I have my own DNS server and domain and I use the same URL on both LAN and WAN (https://my.domain.com:xxxx) to access my HA. I never use IP, only the base URL.
IE: I am using hairpin NAT and split brain DNS without any other problems.
But the app won’t work…!

7

Hi, I Just had the same problem, only I found a solution. I was logging in with an API-Password, I set this up so I would have to type so much. Only I found out that an API doesn’t work and you have to use a Long-Lived access token for it to work.
If you login to home assistant on your watch via the nice ‘hassgalaxy.app/••••••’ feature, just make sure that you keep your watch’ screen turned on the entire time. For me it didn’t work if the screen turned black only ones during the process.
Good luck!