I have a Pixal 5 latest updates and have the same issue, I guess HA does no QA with the main app on the only 2 Mobile OS. How hard would it be to reproduce and figure it out? Or they know and it’s too hard to fix like root CA with intermediate certs.
Common Name (CN)
R3
Organization (O)
Let’s Encrypt
Organizational Unit (OU)
I’m so compelled to help you with that great attitude and respect to the developers.
These are errors only you can solve as a user.
I have the same issue setting up the companion app on an old FireHD tablet running android 9.
I am running HA behind cloudflare argo with MTLs setup for all android devices on the front end (this part works fine).
All my new android devices can connect fine, however my older tablet would pass the mtls challenge and receive SSL handshake error after the login screen when naming the device and setting notifications.
Is the tablet used local only? Why SSL then?
Hi all! I’m facing the same issue. I’m using a Google Pixel 6 running the latest Android version and security patch. This is the output from the companion app logs:
09-11 11:28:52.190 2679 2718 E SensorReceiver: error:10000419:SSL routines:OPENSSL_internal:TLSV1_ALERT_ACCESS_DENIED (external/boringssl/src/ssl/tls_record.cc:594 0xb4000072e115ab38:0x00000001)
09-11 11:28:52.190 2679 2718 E SensorReceiver: at com.android.org.conscrypt.SSLUtils.toSSLHandshakeException(SSLUtils.java:363)
09-11 11:28:52.190 2679 2718 E SensorReceiver: at com.android.org.conscrypt.ConscryptEngine.convertException(ConscryptEngine.java:1134)
09-11 11:28:52.190 2679 2718 E SensorReceiver: at com.android.org.conscrypt.ConscryptEngine.unwrap(ConscryptEngine.java:919)
09-11 11:28:52.190 2679 2718 E SensorReceiver: at com.android.org.conscrypt.ConscryptEngine.unwrap(ConscryptEngine.java:747)
09-11 11:28:52.190 2679 2718 E SensorReceiver: at com.android.org.conscrypt.ConscryptEngine.unwrap(ConscryptEngine.java:712)
09-11 11:28:52.190 2679 2718 E SensorReceiver: at com.android.org.conscrypt.ConscryptEngineSocket$SSLInputStream.processDataFromSocket(ConscryptEngineSocket.java:858)
09-11 11:28:52.190 2679 2718 E SensorReceiver: at com.android.org.conscrypt.ConscryptEngineSocket$SSLInputStream.-$$Nest$mprocessDataFromSocket(Unknown Source:0)
09-11 11:28:52.190 2679 2718 E SensorReceiver: at com.android.org.conscrypt.ConscryptEngineSocket.doHandshake(ConscryptEngineSocket.java:241)
09-11 11:28:52.190 2679 2718 E SensorReceiver: at com.android.org.conscrypt.ConscryptEngineSocket.startHandshake(ConscryptEngineSocket.java:220)
09-11 11:28:52.190 2679 2718 E SensorReceiver: at okhttp3.internal.connection.RealConnection.connectTls(RealConnection.kt:379)
09-11 11:28:52.190 2679 2718 E SensorReceiver: at okhttp3.internal.connection.RealConnection.establishProtocol(RealConnection.kt:337)
09-11 11:28:52.190 2679 2718 E SensorReceiver: at okhttp3.internal.connection.RealConnection.connect(RealConnection.kt:209)
09-11 11:28:52.190 2679 2718 E SensorReceiver: at okhttp3.internal.connection.ExchangeFinder.findConnection(ExchangeFinder.kt:226)
09-11 11:28:52.190 2679 2718 E SensorReceiver: at okhttp3.internal.connection.ExchangeFinder.findHealthyConnection(ExchangeFinder.kt:106)
09-11 11:28:52.190 2679 2718 E SensorReceiver: at okhttp3.internal.connection.ExchangeFinder.find(ExchangeFinder.kt:74)
09-11 11:28:52.190 2679 2718 E SensorReceiver: at okhttp3.internal.connection.RealCall.initExchange$okhttp(RealCall.kt:255)
09-11 11:28:52.190 2679 2718 E SensorReceiver: at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.kt:32)
09-11 11:28:52.190 2679 2718 E SensorReceiver: at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
09-11 11:28:52.190 2679 2718 E SensorReceiver: at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.kt:95)
09-11 11:28:52.190 2679 2718 E SensorReceiver: at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
09-11 11:28:52.190 2679 2718 E SensorReceiver: at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.kt:83)
09-11 11:28:52.190 2679 2718 E SensorReceiver: at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
09-11 11:28:52.190 2679 2718 E SensorReceiver: at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.kt:76)
09-11 11:28:52.190 2679 2718 E SensorReceiver: at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
09-11 11:28:52.190 2679 2718 E SensorReceiver: at okhttp3.internal.connection.RealCall.getResponseWithInterceptorChain$okhttp(RealCall.kt:201)
09-11 11:28:52.190 2679 2718 E SensorReceiver: at okhttp3.internal.connection.RealCall$AsyncCall.run(RealCall.kt:517)
09-11 11:28:52.190 2679 2718 E SensorReceiver: at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1137)
09-11 11:28:52.191 2679 2718 E SensorReceiver: at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:637)
09-11 11:28:52.191 2679 2718 E SensorReceiver: at java.lang.Thread.run(Thread.java:1012)
09-11 11:28:52.191 2679 2718 E SensorReceiver: Caused by: javax.net.ssl.SSLProtocolException: Read error: ssl=0xb4000072c1156618: Failure in SSL library, usually a protocol error
09-11 11:28:52.191 2679 2718 E SensorReceiver: error:10000419:SSL routines:OPENSSL_internal:TLSV1_ALERT_ACCESS_DENIED (external/boringssl/src/ssl/tls_record.cc:594 0xb4000072e115ab38:0x00000001)
09-11 11:28:52.191 2679 2718 E SensorReceiver: at com.android.org.conscrypt.NativeCrypto.ENGINE_SSL_read_direct(Native Method)
09-11 11:28:52.191 2679 2718 E SensorReceiver: at com.android.org.conscrypt.NativeSsl.readDirectByteBuffer(NativeSsl.java:569)
09-11 11:28:52.191 2679 2718 E SensorReceiver: at com.android.org.conscrypt.ConscryptEngine.readPlaintextDataDirect(ConscryptEngine.java:1095)
09-11 11:28:52.191 2679 2718 E SensorReceiver: at com.android.org.conscrypt.ConscryptEngine.readPlaintextData(ConscryptEngine.java:1079)
09-11 11:28:52.191 2679 2718 E SensorReceiver: at com.android.org.conscrypt.ConscryptEngine.unwrap(ConscryptEngine.java:876)
09-11 11:28:52.191 2679 2718 E SensorReceiver: ... 26 more
Any help with this would be greatly appreciated.
You might find my YouTube video on how to configure LetsEncrypt with CloudFlare for Home Assistant helpful