Yeah I messed up. Apparently the Lets encrypt cert never renewed. Now I cant access the HA running on a nuc. I have a keyboard hooked up and I can see the CLI but I have no idea how to save this. Ideally I would like to edit the yaml file but I dont think I can from here. Do I just start over? Is there anyway to save my settings, automation, etc without the yaml?
I don’t know what to do.
I’m confused why an expired certificate means no http access. Just go to the URL for HA in a browser and click through the warning to ignore the certificate error for now until you can fix it.
Also did you use the let’s encrypt addon to manage the certificate? If so just start the addon via the cli.
ha addons start core_letsencrypt
Yeah somehow I couldn’t connect, not even to HTTP so I just started over.
If you’re doing SSL in HA then you can’t ever use http:// - you can however still use https:// and click through the warning.
that would be very helpfull but i have the same problem and all i am getting is the retry to login screen with no option to click through anything (no warning shows up
Setting my clock back has worked for me in the past, to a date before the cert expired
This exact thing happened to me today. HA OS 10.5, latest everything. Not sure yet why the cert didn’t auto renew? But, I logged on via SSH and ran these commands which caused it to renew:
ha addons update core_letsencrypt
ha addons restart core_letsencrypt
ha core restart
Here is a helper script that saved my instance after the certificate wouldn’t renew.
#!/bin/bash
is_user_root () { [ "${EUID:-$(id -u)}" -eq 0 ]; }
if is_user_root; then
echo "Certbot renew..."
certbot renew
echo "Refreshing updates..."
ha refresh-updates
echo "Updating Letsencrypt addon..."
ha addons update core_letsencrypt
echo "Restarting Letsencrypt addon..."
ha addons restart core_letsencrypt
echo "Updating DuckDNS addon..."
ha addons update core_duckdns
echo "Restarting DuckDNS addon..."
ha addons restart core_duckdns
echo "Restarting core (be patient)..."
ha core restart
echo "Done!"
else
echo "Must be executed by priviledged account!" >&2
exit 1
fi
Unbelievable that the best hack from the 90s is still working 
I’ll say. Before now, I didn’t have the terminal and SSH addon started at boot since I rarely need it. Being locked out of the web UI meant that I couldn’t start it … wahhh-wahhhh! I had to use this old system clock trick to get back into the web UI.
(Those of you who suggested just clicking through the browser warning didn’t realize that that’s only the first gate. The HA web UI has its own check, and I didn’t find a way to get past that.)
So, this happened to me today, just like it happened to others. After a fair amount of fiddling around based on suggestions in this thread, I recovered by doing these steps in the DuckDNS addon config tab:
[] (without that empty list, the save blows up with an error).I reckon I’ll have to go through something like this again in 3 months when the certs expire again.
Well, here it is 3 months later, and I’m in the same certificate expiration boat. I’m glad I made notes last time.
But lucky me … at the moment, DuckDNS is having problems.
