Can't start Let's Encrypt addon and Config.yaml wont pass Check

bigmike · December 20, 2017, 8:52pm

Hello,
so my options for Let’s Encrypt addon contains this, but after I click Start, nothing happend.

 {
 "challenge": "https",
 "email": "###@####.eu",
 "domains": [
 "####.cloud"
],
"certfile": "fullchain.pem",
"keyfile": "privkey.pem"
}

so my config file contains:

http:
  api_password: !secret hass_password
  base_url: https://####.cloud:8123
  ssl_certificate: /ssl/fullchain.pem
  ssl_key: /ssl/privkey.pem

End there are few errors like this:

General Errors:
  - Setup failed for http: Invalid config.
  - Unable to setup dependencies of history. Setup failed for dependencies: http
  - Setup failed for history: Could not setup all dependencies.

What can be wrong?
I am using AutoSSH for tunneling to my WPS which can be accesed on ####.cloud. Can this be an issue here?

Thank you.

bigmike · December 21, 2017, 8:15am

No idea?

j.assuncao · December 21, 2017, 8:21am

Try putting your HA machine IP in base_url like:

base_url: http://192.168.1.111:8123

bigmike · December 21, 2017, 8:52am

No luck

bigmike · December 21, 2017, 9:04am

So I was able to start Let’s Encrypt Anndon by disabling Emulated hue on port 80, but my Config still won’t pass check with the same errors…
Lets Encrypt error:

Failed authorization procedure. ####.cloud (tls-sni-01): urn:acme:error:connection :: 
The server could not connect to the client to verify the domain :: Connection refused

bigmike · December 21, 2017, 10:28am

I have forwaded ports 80—>80 and 443—>443 Is that enough or do I have to put them into DMZ?
Thanks.

bigmike · December 22, 2017, 9:54am

Do anybody have any idea, what can be wrong with my setup?

Thank you.

ih8gates · December 22, 2017, 3:12pm

I switched over to Hass.io yesterday from a working AIO install with Let’s Encrypt.

After a few false starts, I was able to get things working doing what you’ve noted:

Forwarding port 80 and 443 to my Hass.io Pi (80-80 and 443-443. nothing pointing to port 8123 during the Let’s setup)
Setting the base_url to my public url. Not the local network IP.

Looks like the error you’re seeing is that the initial transaction with Let’s isn’t happening. Once that happens, it’ll create the privkey and fullchain files and the config should work. So try removing those 2 keys (ssl_cert, ssl_key) from your config so that you can start, then work on activating the add-on in Hass.io

bigmike · December 22, 2017, 5:50pm

Hello, its wroking now. Thank you.
Should I change poortw forwarding - 443 —> 8123 and remove 80 —>80, now?

ih8gates · December 22, 2017, 8:43pm

Yes - once you’ve updated your certificate.