16-08-27 13:47:12 ERROR (MainThread) [homeassistant.bootstrap] Invalid config for [http]: not a file for dictionary value @ data['http']['ssl_certificate']. Got '/etc/letsencrypt/live/mydomain.com/fullchain.pem' not a file for dictionary value @ data['http']['ssl_key']. Got '/etc/letsencrypt/live/mydomain.com/privkey.pem' 16-08-27 13:47:12 ERROR (MainThread) [homeassistant.bootstrap] Not initializing history because not all dependencies loaded: http 16-08-27 13:47:12 ERROR (MainThread) [homeassistant.bootstrap] Not initializing api because not all dependencies loaded: http 16-08-27 13:47:12 ERROR (MainThread) [homeassistant.bootstrap] Not initializing frontend because not all dependencies loaded: api ......... 16-08-27 13:47:13 ERROR (MainThread) [homeassistant.bootstrap] Not initializing logbook because not all dependencies loaded: frontend
So at this point I changed the permission and owner of the folder /etc/letsencrypt/live/mydomain.com/
You need to find the directory your HA user can’t access. Try this:
ls /etc/letsencrypt/live/mydomain.com/fullchain
If that doesn’t work, then remove a directory, and try again. When it works, you’ve found the directory that needs permissions fixed all the way down to the certificate files. I haven’t used letsencrypt, so I don’t know what they suggest for file permissions.
I have been having the same issue, and I’ve tried chmod’ing every level of folder structure to 777 to no avail. I can cat the key files successfully, but get the same error in HA every time. I’ve even tried copying the key files to my home-assistant folder and putting the path to that location in the configuration.yaml file. I’m running HA using docker on Ubuntu 16.04.1. Has anybody been able to solve this issue?
I have same issue, certs are created and when i put the ssl_certificate and key in the config, HA stops working. any help would be appreciated. thanks.
Invalid config for [http]: file not readable for dictionary value @ data['http']['ssl_key']. Got '/etc/letsencrypt/live/mydomainname.duckdns.org/privkey.pem'. (See /home/homeassistant/.homeassistant/configuration.yaml, line 83). Please check the docs at https://home-assistant.io/components/http/
yet I followed the instruction here where it says to:
If I go to /etc/letsencrypt/ and do a ls -l, it shows the directories as follows:
live - drwxr-xr-x 3 root root
archive - drwxr-xr-x 3 root root
My cofiguration.yaml file reads:
http:
# Secrets are defined in the file secrets.yaml
# api_password: !secret http_password
api_password: NotForYourEyes
# Uncomment this if you are using SSL/TLS, running in Docker container, etc.
ssl_certificate: /etc/letsencrypt/live/mydomainname.duckdns.org/fullchain.pem
ssl_key: /etc/letsencrypt/live/mydomainname.duckdns.org/privkey.pem
base_url: mydomainname.duckdns.org
I have tried everything in this thread (and others) to fix the same issue, but nothing is working!
The error I get is:
2019-02-07 11:32:14 ERROR (MainThread) [homeassistant.config] Invalid config for [http]: not a file for dictionary value @ data[‘http’][‘ssl_certificate’]. Got ‘/etc/letsencrypt/live/xxxx.duckdns.org/fullchain.pem’
not a file for dictionary value @ data[‘http’][‘ssl_key’]. Got ‘/etc/letsencrypt/live/xxxx.duckdns.org/privkey.pem’. (See /config/configuration.yaml, line 50). Please check the docs at https://home-assistant.io/components/http/
I have tried chmod 777 on both files and all the folders - I can rename the files so definitely have access to read/write.
I have tried everything here and no dice… my config is straight forward and I am at a loss as to where to turn … I am currently using HA completely unencrypted because of this
2019-05-03 12:20:43 ERROR (MainThread) [homeassistant.config] Invalid config for [http]: not a file for dictionary value @ data['http']['ssl_certificate']. Got 'ssl/fullchain.pem'
not a file for dictionary value @ data['http']['ssl_key']. Got 'ssl/privkey.pem'. (See /config/configuration.yaml, line 23). Please check the docs at https://home-assistant.io/components/http/
where is your ssl folder?
You config shows ssl/fullchain.pem so that would mean [config]/ssl/fullchain.pem
Is this correct, or is the ssl folder located at root location and therefore needs to be entered with a slash first: /ssl/fullchain.pem
Thank you for the reply @lolouk44. Turns out that this is on the right track… but it was a bit more complicated, because my homeassistant root folder is not in the same location as my config so my original path was actually [homeassistant]/ssl/fullchain.pem so /ssl/ did not work either because I needed to find the path /config/ssl/. this means I had to change it to “/config/ssl/fullchain.pem” for it to work.
This is all because I used the docker install of HA and my certbot install is external from that container
Just wanted to chime in here with how I fixed this problem in my setup:
I am running certbot outside of Hassio, and was manually creating symlinks to the two certificate files. Well, it turns out that Docker containers can’t use symlinks from the host system unless the target of the link is also inside the container.
My fix was to copy the cert files to the /use/share/hassio/ssl folder rather than creating a symlink. I’ll probably set up an automatic sync so they’ll get re-copied each time they renew.
You should point HA to /etc/letsencrypt/live// but the ‘live’ level is a link, make sure your HA account has read rights to the actual folder:
/etc/letsencrypt/archive/
I’ve spent the better part of a day trying to get SSL setup on my Hass.io (RPi3 and RPi4).
I first tried using my existing domain name and getting my key from the Let’sEncrypt Add-on at the Hassio store.
When that failed to work, I preceeded to try the DuckDNS method since there seems like a lot more documentation on this process.
Both methods I get a positive confirmation that everything was successful and I get the certificate and key created in the Hassio directory: root/ssl/
I have chmod’d my directory and files to 755
What am I doing wrong? Is there another step I am missing? I have tried all of these steps on a brand new setup of Hassio as well as my existing setup.
I have an indenting question for the http: section. When I look at everyone’s configuration.yaml file online, there is NO indent for the ‘http:’ and a 2 space indent for everything under it. If I use this indentation method, my frontend will fail to load once I add the ssl_certificate and ssl_key sections. If I indent the ‘http:’ 2 spaces and everything else 4 spaces, I have no issue. I have checked spacing and confirmed no tabs more times than I can count. What is the correct way to indent this section and could this be causing me the problem I am having?
I found better solution, more elegant for those of you who have HA installed in Docker container. I had same problem that HA could have not access my ssl cert and key, even I run docker with volume attached which pointed on folder with ssl files. My setup is that I’ve created ssl cert with Let’s Encrypt certbot on host Raspberry Pi4 and then I run HA in Docker container with following command:
This caused me same error HA complaining that “Invalid config for [http]: not a file for dictionary value”
I figured out that actually cert files in this live/mydomian folder are symbolic links to /etc/letsencrypt/archive, therefore I figured that HA within Docker containers is trying to access files via symlinks which are outside of the attached volume.
Solution:
I run HA docker attaching whole /etc/letsencrypt folder instead just only /etc/letsencrypt/live/mydomain
