Let's encrypt

I have been setting up Let’s encrypt as per instructions here home-assistant.io/blog/2015/12/ … s-encrypt/

However there seems to be a permission issue.

Feb 12 20:43:50 deepi hass[2596]: ERROR:homeassistant.components.http:Error setting up HTTP server Feb 12 20:43:50 deepi hass[2596]: Traceback (most recent call last): Feb 12 20:43:50 deepi hass[2596]: File "/usr/local/lib/python3.4/dist-packages/homeassistant/components/http.py", line 69, in setup Feb 12 20:43:50 deepi hass[2596]: development, ssl_certificate, ssl_key) Feb 12 20:43:50 deepi hass[2596]: File "/usr/local/lib/python3.4/dist-packages/homeassistant/components/http.py", line 117, in __init__ Feb 12 20:43:50 deepi hass[2596]: context.load_cert_chain(ssl_certificate, keyfile=ssl_key) Feb 12 20:43:50 deepi hass[2596]: PermissionError: [Errno 13] Permission denied Feb 12 20:43:50 deepi hass[2596]: ERROR:homeassistant.bootstrap:component http failed to initialize Feb 12 20:43:50 deepi hass[2596]: ERROR:homeassistant.bootstrap:Not initializing api because not all dependencies loaded: http

Any ideas? Do I need to run HA as root? Many thanks.

The user you run home assistant with needs read permissions to the cert directory. If I recall, I think some folks had some idea’s here: https://community.letsencrypt.org/t/how-to-use-certs-in-non-root-services/2690

As jbags81 said, HA is trying to read the certificates and being denied.

Make sure the directories are owned by the user that runs the service. My directories have 700 permissions and the certificates themselves have 600.

Thanks guys! I now solved it by setting the live and archive directories to 744. Automatic renewal of the certs might still be in issue, but I’ll look into the link above that jbags81 shared some more and play around with the suggestions.

@wingers1290 If I’d change the ownership and I have two users that are trying to access the certs, that wouldn’t work, would it?