I’m using the method Here to open my Home Assistant secure to the internet.
Everything works except for the companion app. The app constantly generates the error of “Login attempt or request with invalid authentication from xxx.myvzw.com (174.245.x.x). See the log for details.”
I’ve gone round and round and nothing I try works. The companion app works fine if I have it connect internally via a internal URL while on local WIFI.
The external link works fine via Chrome on my phone; only the companion app doesn’t work.
Cloudflare doesn’t show any error. It repeated show my phone making to Path calls. One to “/auth/token” and the other to “/api/websocket”
Any ideas?
I’ve done more testing in the past few days. It appears that if I setup the cloudflare tunnel to hit the HomeAssistant server via an HTTP URL (which doesn’t redirect to HTTPS), then things do work. The issue only seems to happen if I try to hit HomeAssistant via HTTPS over the Cloudflare tunnel.
Very odd… This issue doesn’t happen in Chrome; only via the Home Assistant Companion app. On the plus side, given that the traffic between the the Companion app and Cloud flare is encrypted via HTTPS, and Cloudflare to my house is encrypted via the VPN tunnel… it’s not a huge deal if the the web traffic inside the tunnel isn’t encrypted. I’d just prefer to avoid cleartext HTTP whenever possible.
Does anyone have any ideas on why the Companion app is falling over itself when HTTPS traffic is sent over the VPN tunnel?