Running Lutron Caseta Cert Script in Hass.io?

The recent .58 update fixes the Lutron Caseta component with the use of the “get_lutron_cert.py” script. This script generates the proper certs needed to get Lutron working again. However, I am using Hass.io on my RP3 and have zero knowledge on how to run this script to generate these certs. I’ve tried installing Python for Windows 10 and couldn’t figure out how to run it. I can’t seem to find the command to run it in Hass.io. I have scoured google trying to figure this out and I’m lost on what to do.

Anyone have stupid easy step-by-step instructions on what I can do to get these certs to generate?

Thank you!

2 Likes

After HOURS of trying to figure it out, I was able to get the certs. Here’s what I did:

  1. Dropped cert directly onto the c:\ root directory
  2. Installed Python 3 64-bit for Windows 10 and chose the option to PATH it for me
  3. With Admin Privileges, ran CMD
  4. python -m venv env <---- at command prompt
  5. pip install cryptography==2.1.3 <---- at command prompt
  6. pip install requests==2.18.4 <---- at command prompt
  7. cd\ <---- at command prompt to take you to c:\
  8. py get_lutron_cert.py <---- at command prompt
  9. It’ll ask you to go to the URL stated - copy/paste URL into browser
  10. Login to your Lutron account
  11. Copy the URL on the error page in your browser after logging into your Lutron Account
  12. Paste the URL into the Command Prompt
  13. Type in your Lutron Bridge’s Internal IP address
  14. If done correctly, it’ll give you a successfully connected to LEAP statement
  15. Move all three new CERT files into your config folder on your Hass.io
  16. When setting up Home Assistant, use the following configuration:
    lutron_caseta:
    host:
    keyfile: caseta.key
    certfile: caseta.crt
    ca_certs: caseta-bridge.crt

NOTE - Add this directly to your configuration.yaml file - it wouldn’t work when I had it in my componnents.yaml file.

Should work for you after a HA restart!

6 Likes

Awesome thanks for this. I’m about to embark on this adventure and unsure where to login to my lutron account to generate the certs in the first place?

Thanks for posting, I still had a few problems. Step 15 it took a few minutes to figure out that the files were on the c: root directory. The browser said page not found, but everything was already in the root.

Is there an easy way to copy the url? I could not copy and paste.

I also had no idea how to correctly run this via Hass.io. In my old Hassbian install it may have been easy, but with Hass.io, some things are actually harder. So, Thanks a ton for this! Seems obvious to me that with Hass.io being heavily used (and supported) the instructions need to be updated, and this was super helpful for Windows users such as myself!

It’s a little finicky, but yes copy/paste to/from the CMD line in windows does work. Try using Ctrl+C (to copy), Ctrl+V (to paste), and the mouse will highlight text in the cmd window. Also you can use the top window menu via Alt+Spacebar and then using the Edit sub-menu.

Well that wasn’t exactly straight forward was it.
Thank you for putting these instructions like that. Connected and working. Muchly appreciated.
Now to figure out how to rename the newly found caseta lights.

Is it normal to get an error message at end?

Traceback (most recent call last):
  File "c:\get_lutron_cert.py", line 156, in <module>
    leap_response['Body']['PingResponse']['LEAPVersion'])
KeyError: 'Body'

Its generating the three files, but they don’t seem to be working.

I had my interface succesfully working, but after re-configuring my network and assigning a new ip address to my caseta bridge, I need to re-run to get everyting working…

I guess its my age, but I’m not remembering exactly how I set it up the first time!..

Any help would be much appreciated…

From what I can tell, Lutron support is currently broken (though something Lutron did).

So is everyone getting “invalid config” with caseta and it’s not working? I changed nothing on my end and it stopped working over the last day or 2.

Others are having problems, https://community.home-assistant.io/t/lutron-dimmer-switches-will-not-load-after-upgrade-to-66-0-hassio/48893

I kept checking github issues and saw none so I thought it was something I did.

Don’t think so, they seemed to stop about the same time on Saturday morning.

I didn’t think that Lutron would push changes to the hub, must have been wrong. Again.

Yes that’s about when mine stopped working. But I had also updated HA Saturday morning and blamed that. Rolled back HA on Sunday and it was still broken.

Please add to the Github issue here, as the forum tends to be a little… chaotic.

I’m getting this error as well when generating the certs.

>py get_lutron_cert.py
Enter the address of your Caseta bridge device: xxx.xxx.xxx.xxx
Traceback (most recent call last):
  File "get_lutron_cert.py", line 156, in <module>
    leap_response['Body']['PingResponse']['LEAPVersion'])
KeyError: 'Body'

And SSL related errors in /config/home-assistant.log

2018-07-14 15:45:26 ERROR (MainThread) [homeassistant.setup] Error during setup of component lutron_caseta
Traceback (most recent call last):
  File "/usr/lib/python3.6/site-packages/homeassistant/setup.py", line 143, in _async_setup_component
    hass, processed_config)
  File "/usr/lib/python3.6/site-packages/homeassistant/components/lutron_caseta.py", line 57, in async_setup
    yield from bridge.connect()
  File "/usr/lib/python3.6/site-packages/pylutron_caseta/smartbridge.py", line 40, in connect
    yield from self._login()
  File "/usr/lib/python3.6/site-packages/pylutron_caseta/smartbridge.py", line 281, in _login
    self._reader, self._writer = yield from self._connect()
  File "/usr/lib/python3.6/site-packages/pylutron_caseta/smartbridge.py", line 58, in _connect
    family=socket.AF_INET)
  File "/usr/lib/python3.6/site-packages/pylutron_caseta/leap.py", line 16, in open_connection
    limit=limit, **kwds)
  File "/usr/lib/python3.6/asyncio/streams.py", line 75, in open_connection
    lambda: protocol, host, port, **kwds)
  File "uvloop/loop.pyx", line 1851, in create_connection
  File "uvloop/loop.pyx", line 1848, in uvloop.loop.Loop.create_connection
  File "uvloop/sslproto.pyx", line 496, in uvloop.loop.SSLProtocol.data_received
  File "uvloop/sslproto.pyx", line 204, in uvloop.loop._SSLPipe.feed_ssldata
  File "uvloop/sslproto.pyx", line 171, in uvloop.loop._SSLPipe.feed_ssldata
  File "/usr/lib/python3.6/ssl.py", line 689, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:777)

Any workarounds for hass.io?

i just upgraded to 0.73.2 and all of my lights showed up. Sweet!

I am getting this same error and can’t figure out what is going wrong here. It properly generated both caseta.crt and caseta.key. Just not the caseta-bridge one. Any suggestions? I see somehow you resolved this.

% python3 ./get_lutron_cert.py
Enter the address of your Caseta bridge device: 192.168.7.128
Traceback (most recent call last):
File “./get_lutron_cert.py”, line 137, in
ssl_socket.connect((server_addr, 8081))
File “/usr/local/Cellar/python/3.7.2_2/Frameworks/Python.framework/Versions/3.7/lib/python3.7/ssl.py”, line 1150, in connect
self._real_connect(addr, False)
File “/usr/local/Cellar/python/3.7.2_2/Frameworks/Python.framework/Versions/3.7/lib/python3.7/ssl.py”, line 1141, in _real_connect
self.do_handshake()
File “/usr/local/Cellar/python/3.7.2_2/Frameworks/Python.framework/Versions/3.7/lib/python3.7/ssl.py”, line 1117, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: SSLV3_ALERT_BAD_CERTIFICATE] sslv3 alert bad certificate (_ssl.c:1056)

I’m having the same problem. I don’t think its related to HASS because I got an error running the get_python_cert.py AND using the community plugin.

I’m using HASSIO 0.100.3 on Ubuntu

using get_lutron_cert.py with this process Lutron - get_lutron_cert.py I get the following results:
caseta.crt and caseta.key created, be caseta-bridge.crt is not:

(get_lutron_cert) root@hass-E5540:/home/hass/get_lutron_cert# python get_lutron_cert.py
Open Browser and login at https://device-login.lutron.com/oauth/authorize?client_id={REMOVED}&redirect_uri=https%3A%2F%2Fdevice-login.lutron.com%2Flutron_app_oauth_redirect&response_type=code
Enter the URL (of the "error" page you got redirected to (or the code in the URL): https://device-login.lutron.com/lutron_app_oauth_redirect?code={REMOVED}
Enter the address of your Caseta bridge device: 192.168.{REMOVED}
Traceback (most recent call last):
  File "get_lutron_cert.py", line 137, in <module>
    ssl_socket.connect((server_addr, 8081))
  File "/usr/lib/python3.6/ssl.py", line 1109, in connect
    self._real_connect(addr, False)
  File "/usr/lib/python3.6/ssl.py", line 1100, in _real_connect
    self.do_handshake()
  File "/usr/lib/python3.6/ssl.py", line 1077, in do_handshake
    self._sslobj.do_handshake()
  File "/usr/lib/python3.6/ssl.py", line 689, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL: SSLV3_ALERT_BAD_CERTIFICATE] sslv3 alert bad certificate (_ssl.c:852)
(get_lutron_cert) root@hass-E5540:/home/hass/get_lutron_cert#

I manually extracted the bridge cert (sniffed out the URL and used a browser to save to base64) and saved it

I get the following in my HASS logs: at startup, similar SSL error in my home-assistant.log

2019-11-16 10:24:51 ERROR (MainThread) [homeassistant.setup] Error during setup of component lutron_caseta
Traceback (most recent call last):
  File "/usr/src/homeassistant/homeassistant/setup.py", line 167, in _async_setup_component
    hass, processed_config
  File "/usr/src/homeassistant/homeassistant/components/lutron_caseta/__init__.py", line 53, in async_setup
    await bridge.connect()
  File "/usr/local/lib/python3.7/site-packages/pylutron_caseta/smartbridge.py", line 40, in connect
    yield from self._login()
  File "/usr/local/lib/python3.7/site-packages/pylutron_caseta/smartbridge.py", line 281, in _login
    self._reader, self._writer = yield from self._connect()
  File "/usr/local/lib/python3.7/site-packages/pylutron_caseta/smartbridge.py", line 58, in _connect
    family=socket.AF_INET)
  File "/usr/local/lib/python3.7/site-packages/pylutron_caseta/leap.py", line 16, in open_connection
    limit=limit, **kwds)
  File "/usr/local/lib/python3.7/asyncio/streams.py", line 77, in open_connection
    lambda: protocol, host, port, **kwds)
  File "/usr/local/lib/python3.7/asyncio/base_events.py", line 981, in create_connection
    ssl_handshake_timeout=ssl_handshake_timeout)
  File "/usr/local/lib/python3.7/asyncio/base_events.py", line 1009, in _create_connection_transport
    await waiter
  File "/usr/local/lib/python3.7/asyncio/sslproto.py", line 530, in data_received
    ssldata, appdata = self._sslpipe.feed_ssldata(data)
  File "/usr/local/lib/python3.7/asyncio/sslproto.py", line 189, in feed_ssldata
    self._sslobj.do_handshake()
  File "/usr/local/lib/python3.7/ssl.py", line 774, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL: SSLV3_ALERT_BAD_CERTIFICATE] sslv3 alert bad certificate (_ssl.c:1076)

anyone out there solve this issue??

I am getting the same error. Running HA on a Raspberry Pi.