Homeassistant Voice PE SSL Problems

Hi,
I’m really out of ideas. My Home Assistant is running in a Proxmox VM. The firewall is configured correctly, but that’s not the problem.

My Home Assistant is accessible via a Let’s Encrypt certificate. It worked flawlessly for years. Now I’ve bought Voice PE, and nothing works at all. Surely I can’t be the only one whose setup isn’t working.

If I completely disable SSL, Voice PE works but everything else doesn´t because it´s expecting SSL. But as soon as I enable SSL Voice PE doens´t work anymore.

Log:

[20:20:54.071][D][media_player:096]: 'Media Player' - Setting
[20:20:54.146][D][media_player:103]:   Media URL: https://hass.someurl.de/api/esphome/ffmpeg_proxy/adb0b17f46e74602a1e9276472be6016/9hVsUrXcuW36p_pg1OiQBw.flac
[20:20:54.146][D][http_media_source:244]: Started read and decode tasks for pipeline 0
[20:20:54.146][D][http_media_source:253]: Pipeline 0 starting
[20:20:54.218][D][esp-idf:000][HTTPRead_0]: E (20904) esp-tls: [sock=62] delayed connect error: Connection reset by peer
[20:20:54.221][D][esp-idf:000][HTTPRead_0]: E (20904) esp-tls: Failed to open new connection
[20:20:54.222][D][esp-idf:000][HTTPRead_0]: E (20904) transport_base: Failed to open a new connection
[20:20:54.222][D][esp-idf:000][HTTPRead_0]: E (20904) HTTP_CLIENT: Connection failed, sock < 0
[20:20:54.225][E][component:362][HTTPRead_0]: http_request set Error flag: unspecified
[20:20:54.228][E][http_request.idf:128][HTTPRead_0]: HTTP Request failed: ESP_ERR_HTTP_CONNECT
[20:20:54.228][E][http_media_source:391][HTTPRead_0]: Pipeline 0: Failed to start HTTP request
[20:20:54.228][E][http_media_source:264]: Pipeline 0 error occurred during playback
[20:20:55.219][E][component:379]: http_request cleared Error flag

This help article states I need to change the internal/external URL. I´ve tried every combination I could think of but nothing works:

If I put this in:
homeassistant:
internal_url: http://homeassistant:8123
external_url: http://homeassistant:8123

I get this Log:

[21:54:57.074][E][http_media_source:264]: Pipeline 0 error occurred during playback
[21:54:57.074][E][http_request.idf:208][HTTPRead_0]: HTTP Request failed; URL: http://homeassistant.local:8123/api/esphome/ffmpeg_proxy/adb0b17f46e74602a1e9276472be6016/C5aUq_ZbyB44mTUGK5N9YQ.flac; Code: -1
[21:54:57.074][E][component:362][HTTPRead_0]: http_request set Error flag: unspecified
[21:54:57.074][E][http_media_source:400][HTTPRead_0]: Pipeline 0: HTTP request failed with status -1
[21:54:58.068][E][component:379]: http_request cleared Error flag

Am I doing something wrong?
If setting up Home Assistant Voice is this complex, I’d rather stick with the data-hungry Alexa.

I would suggest that you put this aside until the current problems with Voice Assist PE are resolved.

Voice PE uses the internal URL to retrieve TTS audio. It must be an address accessible to voice PE. Https and http are OK

Let’s encrypt cert is valid but I’m thinking voice PE is connecting locally to HA and not using valid cert but instead self-signed cert?

You can try add http_request component to your YAML for voice PE and set verify_ssl: false .

EDIT
I just re read what I put. I was thinking duckdns.

Either way the let’s encrypt cert is only valid for the domain but unless you setup local dns or domain forward to proxy the cert is invalid for a specific IP or .local or local hostname. My suggestion above should work.

Needed to set external Hass URL to:
https://homeassistant:8123

Then added this at the End of the ESPhome .yaml:

http_request:
  verify_ssl: false

Worked immediately. Thanks!

Does that bypass raise security issues?

It’s only pulling local resource but yes. Security is lowered. It would be better than http. It’s like accessing https in browser and ignoring the warning about “can’t verify site”