Home assistant Voice PE TLS certificate verification failed

Hello.

I have purchased HA Voice Preview edition and added the device to HASSIO core 2024.12.5. some features work but TTS/ responses do not.

When I select “set up voice assistant” in integrations > ESPHome

After awhile I see the following:

“The voice assistant is unable to connect to Home Assistant
To play audio, the voice assistant device has to connect to Home Assistant to fetch the files. Our test shows that the device is unable to reach the Home Assistant server.”

After some troubleshooting and not getting very far I decided to “Take control” using “ESPHome builder”.

After compiling and installing, I see the following in the logs.

[23:45:15][D][esp-idf:000][ann_read]: E (2819428) esp-x509-crt-bundle: Failed to verify certificate

[23:45:15][D][esp-idf:000][ann_read]: E (2819431) esp-tls-mbedtls: mbedtls_ssl_handshake returned -0x3000

[23:45:15][D][esp-idf:000][ann_read]: E (2819432) esp-tls: Failed to open new connection

[23:45:15][D][esp-idf:000][ann_read]: E (2819433) transport_base: Failed to open a new connection

[23:45:15][D][esp-idf:000][ann_read]: E (2819434) HTTP_CLIENT: Connection failed, sock < 0

[23:45:15][E][nabu_media_player.pipeline:171]: Media reader encountered an error: ESP_ERR_HTTP_CONNECT
[23:45:15][E][nabu_media_player:305]: The announcement pipeline's file reader encountered an error.

It seems perhaps the “unable to connect to home assistant to play voice” error may be due to a certificate error?

Is there a way to get round this problem? Perhaps an ignore SSL error configuration entry or ideally add the appropriate root CA to the bundle? If that is the cause?

Commands such as “turn the light on” or off do work, just responses to things like “what time is it?” There’s no audio from TTS.

Your input is very much appreciated.

I have the same problem :frowning:

i suspect this may have something to do with it. My local network field points to an old location (a DNS redirect I had set up at one time. 2rememberyou.me) that is invalid and no longer exist. Problem is that I cant edit it and there is nothing in my config that should be restricting me from doing so as the message suggest. I may be way off the mark here but if you press the ‘Help Me’ button when the error comes up it brings you to this page and the section that is talking about that box. Troubleshooting Assist - Home Assistant please help.

Edit: Found a solution.

Instructions for Resolving the “Voice Assistant Cannot Connect to Home Assistant” Issue

If you’re encountering the error “The voice assistant is unable to connect to Home Assistant” or facing issues where the Local Network URL in Home Assistant settings is incorrect, grayed out, or pointing to an outdated or unreachable URL, follow these steps to resolve the issue.


Symptoms:

  1. The voice assistant understands commands but does not play Text-to-Speech (TTS) responses.
  2. The Local Network URL under Settings > System > Network is incorrect, outdated, or locked from editing.
  3. Errors in the Home Assistant logs, such as the voice assistant being unable to fetch audio files.

Step-by-Step Fix:

1. Access Your Home Assistant Files

You will need SSH or direct access to the Home Assistant file system. If you don’t already have SSH enabled:

  • Install the SSH & Web Terminal add-on from Home Assistant Add-On Store.
  • Enable SSH and connect to your Home Assistant instance.
2. Search for the Problematic URL

Run the following command to locate where the incorrect URL is stored:

bash

Copy code

grep -ri "your-problematic-url" /config/.storage

Replace your-problematic-url with the outdated or incorrect URL (e.g., 2rememberyou.me).

The command should return the file path where the URL is stored, typically in:

bash

Copy code

/config/.storage/core.config
3. Edit the Configuration File

Once you’ve identified the file, open it for editing:

bash

Copy code

nano /config/.storage/core.config 

In this file, look for a section similar to:

json

Copy code

"internal_url": "https://your-problematic-url",
4. Update or Nullify the URL

Change the internal_url value to null or update it to your correct local IP address.

For example:

  • To clear the value:

json

Copy code

"internal_url": null,
  • Or, to set your correct local URL:

json

Copy code

"internal_url": "http://192.168.1.227:8123",
5. Save the Changes
  1. Press CTRL + O to save the file.
  2. Press Enter to confirm the file name.
  3. Press CTRL + X to exit.
6. Restart Home Assistant

Restart Home Assistant to apply the changes:

bash

Copy code

ha core restart
7. Verify and Fix Local Network URL
  • Go to Settings > System > Network.
  • Check the Local Network URL field. It should now display the correct local URL (e.g., http://192.168.1.227:8123) and be editable.

If it still shows the old URL, enter the correct URL and save the changes.


Notes:

  • The internal_url setting in /config/.storage/core.config overrides the Local Network URL in the UI. Deleting or nullifying it allows Home Assistant to recalculate the correct URL automatically.
  • This fix applies to Home Assistant setups where an incorrect or outdated internal URL is blocking TTS or other network-dependent functionalities.

This was the solution for me. Hopefully it works for you as well.

Edit 2: Man this device is SO nice. Local Piper and Wisper v3 Turbo running on a rack mount 4090.

@2rememberyou thank you for your input

I opened a new issue on GitHub after I “Took control” in ESPHome builder and saw an issue with TLS certificate verification.

See here:

I have used a work around to set “verify_ssl: false” in the configuration file in ESPHome Builder.

Not ideal but with my set up it’s the quickest way to get a fully working HA Voice PE device. “Setup voice assistant” wizard now works from the integration. Now I need to get better hardware for local LLM. Hope this helps anyone that can’t get TTS responses. working.

Thanks.
my problem was that in the internal ULR https: and not http:.After change it worked. :smiley: