Running Lutron Caseta Cert Script in Hass.io?

Jeremiah · November 26, 2017, 7:42pm

The recent .58 update fixes the Lutron Caseta component with the use of the “get_lutron_cert.py” script. This script generates the proper certs needed to get Lutron working again. However, I am using Hass.io on my RP3 and have zero knowledge on how to run this script to generate these certs. I’ve tried installing Python for Windows 10 and couldn’t figure out how to run it. I can’t seem to find the command to run it in Hass.io. I have scoured google trying to figure this out and I’m lost on what to do.

Anyone have stupid easy step-by-step instructions on what I can do to get these certs to generate?

Thank you!

Jeremiah · November 27, 2017, 6:08am

After HOURS of trying to figure it out, I was able to get the certs. Here’s what I did:

Dropped cert directly onto the c:\ root directory
Installed Python 3 64-bit for Windows 10 and chose the option to PATH it for me
With Admin Privileges, ran CMD
python -m venv env <---- at command prompt
pip install cryptography==2.1.3 <---- at command prompt
pip install requests==2.18.4 <---- at command prompt
cd\ <---- at command prompt to take you to c:\
py get_lutron_cert.py <---- at command prompt
It’ll ask you to go to the URL stated - copy/paste URL into browser
Login to your Lutron account
Copy the URL on the error page in your browser after logging into your Lutron Account
Paste the URL into the Command Prompt
Type in your Lutron Bridge’s Internal IP address
If done correctly, it’ll give you a successfully connected to LEAP statement
Move all three new CERT files into your config folder on your Hass.io
When setting up Home Assistant, use the following configuration:
lutron_caseta:
host:
keyfile: caseta.key
certfile: caseta.crt
ca_certs: caseta-bridge.crt

NOTE - Add this directly to your configuration.yaml file - it wouldn’t work when I had it in my componnents.yaml file.

Should work for you after a HA restart!

ngknick · November 30, 2017, 12:19am

Awesome thanks for this. I’m about to embark on this adventure and unsure where to login to my lutron account to generate the certs in the first place?

carbuthn · December 26, 2017, 1:47am

Thanks for posting, I still had a few problems. Step 15 it took a few minutes to figure out that the files were on the c: root directory. The browser said page not found, but everything was already in the root.

Is there an easy way to copy the url? I could not copy and paste.

raerae1616 · January 2, 2018, 7:07am

I also had no idea how to correctly run this via Hass.io. In my old Hassbian install it may have been easy, but with Hass.io, some things are actually harder. So, Thanks a ton for this! Seems obvious to me that with Hass.io being heavily used (and supported) the instructions need to be updated, and this was super helpful for Windows users such as myself!

raerae1616 · January 2, 2018, 8:00am

It’s a little finicky, but yes copy/paste to/from the CMD line in windows does work. Try using Ctrl+C (to copy), Ctrl+V (to paste), and the mouse will highlight text in the cmd window. Also you can use the top window menu via Alt+Spacebar and then using the Edit sub-menu.

BillyPrefect · March 8, 2018, 6:47am

Well that wasn’t exactly straight forward was it.
Thank you for putting these instructions like that. Connected and working. Muchly appreciated.
Now to figure out how to rename the newly found caseta lights.

whitwhittle · March 31, 2018, 12:49pm

Is it normal to get an error message at end?

Traceback (most recent call last):
  File "c:\get_lutron_cert.py", line 156, in <module>
    leap_response['Body']['PingResponse']['LEAPVersion'])
KeyError: 'Body'

Its generating the three files, but they don’t seem to be working.

I had my interface succesfully working, but after re-configuring my network and assigning a new ip address to my caseta bridge, I need to re-run to get everyting working…

I guess its my age, but I’m not remembering exactly how I set it up the first time!..

Any help would be much appreciated…

xnappo · April 2, 2018, 7:41pm

From what I can tell, Lutron support is currently broken (though something Lutron did).

glassbase · April 2, 2018, 11:20pm

So is everyone getting “invalid config” with caseta and it’s not working? I changed nothing on my end and it stopped working over the last day or 2.

carbuthn · April 2, 2018, 11:24pm

Others are having problems, https://community.home-assistant.io/t/lutron-dimmer-switches-will-not-load-after-upgrade-to-66-0-hassio/48893

glassbase · April 2, 2018, 11:33pm

I kept checking github issues and saw none so I thought it was something I did.

carbuthn · April 2, 2018, 11:39pm

Don’t think so, they seemed to stop about the same time on Saturday morning.

I didn’t think that Lutron would push changes to the hub, must have been wrong. Again.

glassbase · April 3, 2018, 1:38am

Yes that’s about when mine stopped working. But I had also updated HA Saturday morning and blamed that. Rolled back HA on Sunday and it was still broken.

xnappo · April 3, 2018, 1:43am

Please add to the Github issue here, as the forum tends to be a little… chaotic.

gohassgo · July 14, 2018, 9:48pm

I’m getting this error as well when generating the certs.

>py get_lutron_cert.py
Enter the address of your Caseta bridge device: xxx.xxx.xxx.xxx
Traceback (most recent call last):
  File "get_lutron_cert.py", line 156, in <module>
    leap_response['Body']['PingResponse']['LEAPVersion'])
KeyError: 'Body'

And SSL related errors in /config/home-assistant.log

2018-07-14 15:45:26 ERROR (MainThread) [homeassistant.setup] Error during setup of component lutron_caseta
Traceback (most recent call last):
  File "/usr/lib/python3.6/site-packages/homeassistant/setup.py", line 143, in _async_setup_component
    hass, processed_config)
  File "/usr/lib/python3.6/site-packages/homeassistant/components/lutron_caseta.py", line 57, in async_setup
    yield from bridge.connect()
  File "/usr/lib/python3.6/site-packages/pylutron_caseta/smartbridge.py", line 40, in connect
    yield from self._login()
  File "/usr/lib/python3.6/site-packages/pylutron_caseta/smartbridge.py", line 281, in _login
    self._reader, self._writer = yield from self._connect()
  File "/usr/lib/python3.6/site-packages/pylutron_caseta/smartbridge.py", line 58, in _connect
    family=socket.AF_INET)
  File "/usr/lib/python3.6/site-packages/pylutron_caseta/leap.py", line 16, in open_connection
    limit=limit, **kwds)
  File "/usr/lib/python3.6/asyncio/streams.py", line 75, in open_connection
    lambda: protocol, host, port, **kwds)
  File "uvloop/loop.pyx", line 1851, in create_connection
  File "uvloop/loop.pyx", line 1848, in uvloop.loop.Loop.create_connection
  File "uvloop/sslproto.pyx", line 496, in uvloop.loop.SSLProtocol.data_received
  File "uvloop/sslproto.pyx", line 204, in uvloop.loop._SSLPipe.feed_ssldata
  File "uvloop/sslproto.pyx", line 171, in uvloop.loop._SSLPipe.feed_ssldata
  File "/usr/lib/python3.6/ssl.py", line 689, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:777)

Any workarounds for hass.io?

gohassgo · July 18, 2018, 2:04am

i just upgraded to 0.73.2 and all of my lights showed up. Sweet!

ryans · February 14, 2019, 6:13pm

I am getting this same error and can’t figure out what is going wrong here. It properly generated both caseta.crt and caseta.key. Just not the caseta-bridge one. Any suggestions? I see somehow you resolved this.

% python3 ./get_lutron_cert.py
Enter the address of your Caseta bridge device: 192.168.7.128
Traceback (most recent call last):
File “./get_lutron_cert.py”, line 137, in
ssl_socket.connect((server_addr, 8081))
File “/usr/local/Cellar/python/3.7.2_2/Frameworks/Python.framework/Versions/3.7/lib/python3.7/ssl.py”, line 1150, in connect
self._real_connect(addr, False)
File “/usr/local/Cellar/python/3.7.2_2/Frameworks/Python.framework/Versions/3.7/lib/python3.7/ssl.py”, line 1141, in _real_connect
self.do_handshake()
File “/usr/local/Cellar/python/3.7.2_2/Frameworks/Python.framework/Versions/3.7/lib/python3.7/ssl.py”, line 1117, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: SSLV3_ALERT_BAD_CERTIFICATE] sslv3 alert bad certificate (_ssl.c:1056)

tsimons78 · November 16, 2019, 3:46pm

I’m having the same problem. I don’t think its related to HASS because I got an error running the get_python_cert.py AND using the community plugin.

I’m using HASSIO 0.100.3 on Ubuntu

using get_lutron_cert.py with this process Lutron - get_lutron_cert.py I get the following results:
caseta.crt and caseta.key created, be caseta-bridge.crt is not:

(get_lutron_cert) root@hass-E5540:/home/hass/get_lutron_cert# python get_lutron_cert.py
Open Browser and login at https://device-login.lutron.com/oauth/authorize?client_id={REMOVED}&redirect_uri=https%3A%2F%2Fdevice-login.lutron.com%2Flutron_app_oauth_redirect&response_type=code
Enter the URL (of the "error" page you got redirected to (or the code in the URL): https://device-login.lutron.com/lutron_app_oauth_redirect?code={REMOVED}
Enter the address of your Caseta bridge device: 192.168.{REMOVED}
Traceback (most recent call last):
  File "get_lutron_cert.py", line 137, in <module>
    ssl_socket.connect((server_addr, 8081))
  File "/usr/lib/python3.6/ssl.py", line 1109, in connect
    self._real_connect(addr, False)
  File "/usr/lib/python3.6/ssl.py", line 1100, in _real_connect
    self.do_handshake()
  File "/usr/lib/python3.6/ssl.py", line 1077, in do_handshake
    self._sslobj.do_handshake()
  File "/usr/lib/python3.6/ssl.py", line 689, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL: SSLV3_ALERT_BAD_CERTIFICATE] sslv3 alert bad certificate (_ssl.c:852)
(get_lutron_cert) root@hass-E5540:/home/hass/get_lutron_cert#

I manually extracted the bridge cert (sniffed out the URL and used a browser to save to base64) and saved it

I get the following in my HASS logs: at startup, similar SSL error in my home-assistant.log

2019-11-16 10:24:51 ERROR (MainThread) [homeassistant.setup] Error during setup of component lutron_caseta
Traceback (most recent call last):
  File "/usr/src/homeassistant/homeassistant/setup.py", line 167, in _async_setup_component
    hass, processed_config
  File "/usr/src/homeassistant/homeassistant/components/lutron_caseta/__init__.py", line 53, in async_setup
    await bridge.connect()
  File "/usr/local/lib/python3.7/site-packages/pylutron_caseta/smartbridge.py", line 40, in connect
    yield from self._login()
  File "/usr/local/lib/python3.7/site-packages/pylutron_caseta/smartbridge.py", line 281, in _login
    self._reader, self._writer = yield from self._connect()
  File "/usr/local/lib/python3.7/site-packages/pylutron_caseta/smartbridge.py", line 58, in _connect
    family=socket.AF_INET)
  File "/usr/local/lib/python3.7/site-packages/pylutron_caseta/leap.py", line 16, in open_connection
    limit=limit, **kwds)
  File "/usr/local/lib/python3.7/asyncio/streams.py", line 77, in open_connection
    lambda: protocol, host, port, **kwds)
  File "/usr/local/lib/python3.7/asyncio/base_events.py", line 981, in create_connection
    ssl_handshake_timeout=ssl_handshake_timeout)
  File "/usr/local/lib/python3.7/asyncio/base_events.py", line 1009, in _create_connection_transport
    await waiter
  File "/usr/local/lib/python3.7/asyncio/sslproto.py", line 530, in data_received
    ssldata, appdata = self._sslpipe.feed_ssldata(data)
  File "/usr/local/lib/python3.7/asyncio/sslproto.py", line 189, in feed_ssldata
    self._sslobj.do_handshake()
  File "/usr/local/lib/python3.7/ssl.py", line 774, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL: SSLV3_ALERT_BAD_CERTIFICATE] sslv3 alert bad certificate (_ssl.c:1076)

anyone out there solve this issue??

mjking · November 20, 2019, 4:03pm

I am getting the same error. Running HA on a Raspberry Pi.