The # http: that “I think” I am having problems with is the one in the configuration.yaml. I am probably wrong.
I just removed the :8123 as well
http:
base_url: https://mine_here.duckdns.org
ssl_certificate: /ssl/fullchain.pem
ssl_key: /ssl/privkey.pem
and am still unable to log back in. I am able to putty to files if need be.
currently I do not have any ports open on my router. I was only trying
http://my_ip:8123, https://my_ip:8123 this time
That line is required if you want to use the system with SSL…unless you figure out how to use a reverse proxy.
home-assistant.log has your answers then.
ssl.SSLError: [SSL: SSLV3_ALERT_CERTIFICATE_UNKNOWN] sslv3 alert certificate unknown (_ssl.c:1056)
2019-06-20 04:27:46 ERROR (MainThread) [homeassistant.core] Error doing job: SSL handshake failed
Traceback (most recent call last):
File “uvloop/sslproto.pyx”, line 500, in uvloop.loop.SSLProtocol._on_handshake_complete
File “uvloop/sslproto.pyx”, line 484, in uvloop.loop.SSLProtocol._do_handshake
File “/usr/local/lib/python3.7/ssl.py”, line 763, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: SSLV3_ALERT_CERTIFICATE_UNKNOWN] sslv3 alert certificate unknown (_ssl.c:1056)
core-ssh:/config#
Could you do us a favor and use the code tags properly on your posts? This stuff is hard to read
learning here. i will read up on that
testing delete
crap. i guess that was personal
closing my ports and getting a new domain, ugh 
ssl.SSLError: [SSL: SSLV3_ALERT_CERTIFICATE_UNKNOWN] sslv3 alert certificate unknown (_ssl.c:1056)
2019-06-20 04:27:46 ERROR (MainThread) [homeassistant.core] Error doing job: SSL handshake failed
Traceback (most recent call last):
File "uvloop/sslproto.pyx", line 500, in uvloop.loop.SSLProtocol._on_handshake_complete
File "uvloop/sslproto.pyx", line 484, in uvloop.loop.SSLProtocol._do_handshake
File "/usr/local/lib/python3.7/ssl.py", line 763, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: SSLV3_ALERT_CERTIFICATE_UNKNOWN] sslv3 alert certificate unknown (_ssl.c:1056)
core-ssh:/config#Is your certificate correct? Did it get a certificate?
do I dare ask how do I know if it is correct or if it generated a certificate?
the duckdns log
# INFO: Using main config file /data/workdir/config
I should had said I just started again from the beginning and got a new domain.
i have this in the duckdns config
"lets_encrypt": {
"accept_terms": true,
"certfile": "fullchain.pem",
"keyfile": "privkey.pem"
},
"token": "my_token",
"domains": [
"mydomain.duckdns.org"
],
and want to put this in teh configuration.yaml… again
http:
base_url: https://mydomain.duckdns.org
ssl_certificate: /ssl/fullchain.pem
ssl_key: /ssl/privkey.pemYou would see the certificate files in the filepath…
I had a very similar problem. It had to do with self signed certificates and if your router has loopback capability.
My suggestion is to try a different browser on your locally connected computer…and accept any bypass they give you on security messages that come up. Safari wouldn’t work on my ipad…I had to install dnsmasq to even get it to work without SLL because my (FIOS/Arris) router doesn’t have NAT loopback.
I have chrome, firefox and microsoft edge, but I don’t recall which worked and which didn’t. I am now running without SSL because it just caused too many problems. I’ll get to implementing it some day.,
I do see certificate files (.pem) in the /ssl path. I do have an AT&T Arris router.
Can you give me some other hints on this statement that you sent?
I am curious if that means you have to connect using http: externally not https.
Did connecting locally ever work? i.e. https://my_ip:8123?
Again, once you tell HA to use a CERTIFICATE, you are telling it to use HTTPS only. HTTP will never work with that.
You should be able to connect locally, using https://localip:8123, no matter what. You will get a certificate error on your browser, but it should be accessible.
I have deleted the .pem files and recreated with the duckdns add on. all good there. as soon as I remove the # in front of the http in the configuration.yaml i can never connect again. not even locally. I think you nailed it as a certificate or browser issue but not sure what I can do about if I can’t even connect locally.
)
2019-06-20 21:13:30 ERROR (MainThread) [homeassistant.core] Error doing job: SSL handshake failed
Traceback (most recent call last):
File "uvloop/sslproto.pyx", line 500, in uvloop.loop.SSLProtocol._on_handshake_complete
File "uvloop/sslproto.pyx", line 484, in uvloop.loop.SSLProtocol._do_handshake
File "/usr/local/lib/python3.7/ssl.py", line 763, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: SSLV3_ALERT_CERTIFICATE_UNKNOWN] sslv3 alert certificate unknown (_ssl.c:1056)I think you need to learn some of the forum.
Screenshots of previous comments are not necessary. You can highlight the comment and just hit “quote” when it pops up.
Of course not. Your system is crashing. As I asked earlier, are you sure your spacing is correct in your yaml? You seem to have skipped over that.
Because your HA isn’t working.
http:
base_url: "https://mydomain.duckdns.org"
ssl_certificate: /ssl/fullchain.pem
ssl_key: /ssl/privkey.pem
above is my yaml. Is there a spacing issue? I wouldn’t be surprised, so thanks. I only edited this portion so below the privkey line is a blank line followed by the default stuff that is in there.
Thanks for the quote tip.