LetsEncrypt - Error in HTTPServer.tick

jwl173305361 · July 25, 2016, 12:54am

Jul 24 20:29:51 automation hass[31863]: Error in HTTPServer.tick
Jul 24 20:29:51 automation hass[31863]: Traceback (most recent call last):
Jul 24 20:29:51 automation hass[31863]: File "/var/opt/home-assistant/deps/cherrypy/wsgiserver/wsgiserver3.py", line 1682, in start
Jul 24 20:29:51 automation hass[31863]: self.tick()
Jul 24 20:29:51 automation hass[31863]: File "/var/opt/home-assistant/deps/cherrypy/wsgiserver/wsgiserver3.py", line 1748, in tick
Jul 24 20:29:51 automation hass[31863]: s, ssl_env = self.ssl_adapter.wrap(s)
Jul 24 20:29:51 automation hass[31863]: File "/var/opt/home-assistant/deps/cherrypy/wsgiserver/ssl_builtin.py", line 67, in wrap
Jul 24 20:29:51 automation hass[31863]: server_side=True)
Jul 24 20:29:51 automation hass[31863]: File "/usr/lib/python3.4/ssl.py", line 364, in wrap_socket
Jul 24 20:29:51 automation hass[31863]: _context=self)
Jul 24 20:29:51 automation hass[31863]: File "/usr/lib/python3.4/ssl.py", line 577, in __init__
Jul 24 20:29:51 automation hass[31863]: self.do_handshake()
Jul 24 20:29:51 automation hass[31863]: File "/usr/lib/python3.4/ssl.py", line 804, in do_handshake
Jul 24 20:29:51 automation hass[31863]: self._sslobj.do_handshake()
Jul 24 20:29:51 automation hass[31863]: ssl.SSLError: [SSL: HTTP_REQUEST] http request (_ssl.c:600)

More about my system. Raspbian Jessie. HA Version 0.24.1. Running VirtualEnv. I’ve tried installing as root and inside the virtualenv with the same error that is shown above. The install works without errors and so does a renewal. Port 80 > 80 & Port 443 > 8123 are forwarded. I use a local script that updates external DNS with my IP and have validated that my public IP matches my DNS resolution. The permissions for /etc/letsencrypt are 777 recursively and owned by hass (the virtualenv user that HA is running as). I followed: https://home-assistant.io/blog/2015/12/13/setup-encryption-using-lets-encrypt/

I’m not sure what else I’m missing.

EDIT: This is happening every 5 seconds and makes home-assistant completely inaccessible from outside and inside my network. Neither inside 8123 nor externally https (443)

jwl173305361 · July 28, 2016, 11:23pm

Just installed fresh using the All-in-one installer and got the exact same error.

Jul 28 19:21:19 automation hass[4132]: Error in HTTPServer.tick
Jul 28 19:21:19 automation hass[4132]: Traceback (most recent call last):
Jul 28 19:21:19 automation hass[4132]: File "/home/hass/.homeassistant/deps/cherrypy/wsgiserver/wsgiserver3.py", line 1682, in start
Jul 28 19:21:19 automation hass[4132]: self.tick()
Jul 28 19:21:19 automation hass[4132]: File "/home/hass/.homeassistant/deps/cherrypy/wsgiserver/wsgiserver3.py", line 1748, in tick
Jul 28 19:21:19 automation hass[4132]: s, ssl_env = self.ssl_adapter.wrap(s)
Jul 28 19:21:19 automation hass[4132]: File "/home/hass/.homeassistant/deps/cherrypy/wsgiserver/ssl_builtin.py", line 67, in wrap
Jul 28 19:21:19 automation hass[4132]: server_side=True)
Jul 28 19:21:19 automation hass[4132]: File "/usr/lib/python3.4/ssl.py", line 364, in wrap_socket
Jul 28 19:21:19 automation hass[4132]: _context=self)
Jul 28 19:21:19 automation hass[4132]: File "/usr/lib/python3.4/ssl.py", line 577, in __init__
Jul 28 19:21:19 automation hass[4132]: self.do_handshake()
Jul 28 19:21:19 automation hass[4132]: File "/usr/lib/python3.4/ssl.py", line 804, in do_handshake
Jul 28 19:21:19 automation hass[4132]: self._sslobj.do_handshake()
Jul 28 19:21:19 automation hass[4132]: ssl.SSLError: [SSL: HTTP_REQUEST] http request (_ssl.c:600)

martinhjelmare · July 28, 2016, 11:41pm

What about the permissions of /etc? Is it executable for all?

jwl173305361 · July 28, 2016, 11:43pm

Yep.

The permissions for /etc/letsencrypt are 777 recursively and owned by hass (the virtualenv user that HA is running as).

martinhjelmare · July 28, 2016, 11:44pm

Yes, but what about the parent directory /etc?

jwl173305361 · July 28, 2016, 11:46pm

I’m not going to, nor should I have to modify permissions on /etc.

martinhjelmare · July 28, 2016, 11:47pm

To be able to traverse the tree parent dirs have to be executable.

jwl173305361 · July 28, 2016, 11:49pm

drwxr-xr-x 91 root root 4096 Jul 28 19:35 etc

It is executable

martinhjelmare · July 28, 2016, 11:51pm

Did you enter the absolute path to the certs in the config?

jwl173305361 · July 29, 2016, 12:12am

Yep, sure did. I followed the instructions from: https://home-assistant.io/blog/2015/12/13/setup-encryption-using-lets-encrypt/ EXACTLY… At least 30 times now. Installing as root, as hass, as pi… With permission owned by hass, as root, and always as 777.

At this point I’m giving up. I’m going to put the error message over as an issue and let the devs take a look.

Thanks for all of your ideas and help!

EDIT: And of those 30 times half were on a completely different/new system.

jwl173305361 · August 8, 2016, 12:06am

Just a friendly bump. Wondering if anyone has successfully got this working since I posted my issue?