Configuring api_password via http integration has been deprecated

shankarsd · August 9, 2019, 4:25am

Hi all,

I keep getting the following error in my logs and I am unsure of what is causing it. I have only recently started using Hassio which is installed on a rasp pi 3B+

2019-08-09 11:55:28 WARNING (MainThread) [homeassistant.components.http] Configuring api_password via the http integration has been deprecated. Use the legacy api password auth provider instead. For instructions, see https://www.home-assistant.io/docs/authentication/providers/#legacy-api-password
2019-08-09 11:55:28 WARNING (MainThread) [homeassistant.components.http.auth] legacy_api_password support has been enabled.
2019-08-09 11:55:29 WARNING (Recorder) [homeassistant.components.recorder] Ended unfinished session (id=19 from 2019-08-06 13:19:12.753096)
2019-08-09 11:55:32 ERROR (SyncWorker_1) [homeassistant.components.bom.weather] Could not get BOM weather station from lat/lon
2019-08-09 11:56:29 WARNING (MainThread) [homeassistant.components.http.ban] Login attempt or request with invalid authentication from 192.168.20.1
2019-08-09 11:56:30 WARNING (MainThread) [homeassistant.components.http.ban] Login attempt or request with invalid authentication from 192.168.20.1
2019-08-09 12:07:50 ERROR (MainThread) [homeassistant.core] Error doing job: SSL handshake failed
Traceback (most recent call last):
  File "uvloop/sslproto.pyx", line 500, in uvloop.loop.SSLProtocol._on_handshake_complete
  File "uvloop/sslproto.pyx", line 484, in uvloop.loop.SSLProtocol._do_handshake
  File "/usr/local/lib/python3.7/ssl.py", line 774, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL: VERSION_TOO_LOW] version too low (_ssl.c:1076)
2019-08-09 12:08:15 ERROR (MainThread) [homeassistant.core] Error doing job: SSL handshake failed
Traceback (most recent call last):
  File "uvloop/sslproto.pyx", line 500, in uvloop.loop.SSLProtocol._on_handshake_complete
  File "uvloop/sslproto.pyx", line 484, in uvloop.loop.SSLProtocol._do_handshake
  File "/usr/local/lib/python3.7/ssl.py", line 774, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL: NO_SHARED_CIPHER] no shared cipher (_ssl.c:1076)
2019-08-09 12:15:40 WARNING (zeroconf-ServiceBrowser__googlecast._tcp.local.) [zeroconf] Exception occurred:
Traceback (most recent call last):
  File "/usr/local/lib/python3.7/site-packages/zeroconf.py", line 2245, in send
    bytes_sent = s.sendto(packet, 0, (addr, port))
PermissionError: [Errno 1] Operation not permitted

DavidFW1960 · August 9, 2019, 4:47am

The very first error tells you exactly where to go to fix it. You have also possibly locked yourself out - do you have an ip_bans.yaml file in the config folder?

shankarsd · August 9, 2019, 5:09am

Ok - Ive updated the config.yaml with auth_providers.

But I do not have ip_bans.yaml in my config folder.

DavidFW1960 · August 9, 2019, 5:11am

Ok… so is it working now then? If not post your config as a start

shankarsd · August 9, 2019, 5:30am

I thought it was working as it removed the error when I validated the config. But now when I log in it gets stuck on “initialising” in the Hassio web interface. I think my lines in the config.yaml are out of whack… Thanks for your help so far!

# Configure a default setup of Home Assistant (frontend, api, etc)
default_config:

homeassistant:
  auth_providers:
   - type: homeassistant
   - type: legacy_api_password
  
  latitude: !secret latitude
  longitude: !secret longitude
  elevation: 23
  unit_system: metric
  time_zone: Australia/Perth
  name: SaKa Home
  #whitelist_external_dirs:
   # - /usr/var/dumping-ground
   # - /tmp

#Weather from Australian Bureau of Meteorology (BOM)
weather:
  - platform: bom
    name: Perth
#camera:
 # - platform: bom
  #  location: Perth

# Text to speech
tts:
  - platform: google_translate

group: !include groups.yaml
automation: !include automations.yaml
script: !include scripts.yaml

http:
  #Secrets are defined in the secrets.yaml file 
  api_password: !secret http_password
  base_url: https://<mydomain>.duckdns.org:8123
  ssl_certificate: /ssl/fullchain.pem
  ssl_key: /ssl/privkey.pem

DavidFW1960 · August 9, 2019, 5:34am

do you already have duckdns/ssl setup? Also remove the api_password from http: section. If you don’t have ssl and duckdns setup, comment out thoise lines as well.

shankarsd · August 9, 2019, 5:36am

Yes, I do have DuckDNS and SSL setup. So is that the issue? I haven’t commented out those lines yet.

DavidFW1960 · August 9, 2019, 5:39am

if they are setup it shouldn’t be an issue but the api_password under http might be.
Is this a new setup?
What settings have you made on your router (port forwarding)?

shankarsd · August 9, 2019, 5:41am

Yes this is a new set up - few days old. Should I comment out the api_password line?

I have set up port forwarding for 443 and 8123

DavidFW1960 · August 9, 2019, 5:46am

only the one under http: section.
how did you setup ssl and duckdns?

shankarsd · August 9, 2019, 5:50am

Hmmm still won’t let me get in. Maybe I need to restart by turning it off and on manually.

Set up SSL and duckdns following different youtube videos (JuanMTech)

DavidFW1960 · August 9, 2019, 5:55am

yeah try commenting out the base url and ssl lines and see if you can get in via the ipaddress:8123
eliminate ssl as the reason for the errors anyway

samnewman86 · August 9, 2019, 6:12am

Looks like you need an extra space before each hyphen under auth_providers

DavidFW1960 · August 9, 2019, 6:19am

yeah it does. I missed that.

shankarsd · August 9, 2019, 9:34am

Thank you!

samnewman86 · August 9, 2019, 11:29am

No problem, glad to help.
Sometimes the problem can be right.under our noses