Do have solve this issue? I have the same issue after upgrade to .51
thanks
JP
Seems to work if run from a shellscript.
command: âsh /home/homeassistant/.homeassistant/scripts/ssl_expiry_days.shâ
I have the same problem:
2017-09-01 18:54:09 ERROR (Thread-6) [homeassistant.components.sensor.command_line] Command failed: ssl-cert-check -b -c /etc/letsencrypt/live/MYDOMAIN.duckdns.org/cert.pem | awk { print $NF }
Someone find a solution?
Check this⌠approach
Let it do automatically without user intervention.
2 Likes
This solution is https protocol?
At the and in my router i need to forward the port 80 to 443 or not?
It use DNS-01 Challenge, donât need open port 80 or 443.
This simplify the things as explained in the post.
1 Like
Ok, thank you very much leviweb, i have the last question.
Now I have configured the raspberry Pi 3 with Homeassistant, Duckdns and LetsEncrypt. In my router the port 443 in forwarded to port 8123.
For use the ACME.SH I need to delete the port forwarding in my router, install the script and change the line html in configuration.yaml file, am I right.
Itâs necessary to uninstall the Lentsencript software or script? If yes haw do this?
For use the ACME.SH I need to delete the port forwarding in my router, install the script and change the line html in configuration.yaml file, am I right.
Itâs necessary to uninstall the Lentsencript software or script? If yes haw do this?
You donât need any port forwarding to setup or use ACME.SH. (Suggest you remove unused port forwarding)
You need reconfigure HA to use cert created by ACME.SH.
ACME.SH replace Certbot or any other Client that issue certs from Letâs Encrypt. So you should (not must) deinstall the others client.
Grate tool. Thank you.
Sounds cool but getting this problem when doing apt-get
E: Could not open lock file /var/lib/dpkg/lock - open (13: Permission denied)
E: Unable to lock the administration directory (/var/lib/dpkg/), are you root?
try: sudo apt-get install ssl-cert-check
duh, of course! Oops! Thank you for that! It is now working 
Kind ofâŚ
I have the problem where the sensor does not say any days it just has a dash -
It might only update once every 12 hours
Unfortunately itâs been like that for a few days 
00:04:59 ERROR (Thread-4) [homeassistant.components.sensor.command_line] Command failed: ssl-cert-check -b -c /etc/letsencrypt/live/BLAHBLAH.duckdns.org/cert.pem | awk { print $NF }
Hey.
i get
What i miss here?
run the command via SSH
ssl-cert-check -b -c /etc/letsencrypt/live/yanir.duckdns.org/cert.pem | awk â{ print $NF }â
show 90 fine.
now i see the log show
2018-02-17 17:43:32 ERROR (Thread-18) [homeassistant.components.sensor.command_line] Command failed: ssl-cert-check -b -c /etc/letsencrypt/live/yanir.duckdns.org/cert.pem | awk { print $NF }
When on SSH, have you tried to run the command as the same user thatâs running Home Assistant? If this fails, there is probably a permissions issue.
Via SSH work fineâŚ
I just upgraded my HASS install on my Mac server and ran into some issues that seem to be prevalent through this thread. As such, I wanted to drop a note for fellow Mac users that might run into the same issues, so that they can save the headaches I ran into. I used this thread and the following doc to make all of this fly, so kudos and thanks to everyone involved.
https://home-assistant.io/docs/ecosystem/certificates/lets_encrypt/
1-) To start, youâll need the ssl-cert-check script found here: https://github.com/Matty9191/ssl-cert-check
- To do that on a Mac, best to use wget
- wget https://raw.githubusercontent.com/Matty9191/ssl-cert-check/master/ssl-cert-check
- That will save this to your users home folder (assuming that is where you were when you ran the wget.)
2.) Now you need to give the script the correct permissions to run.
- To do that on a Mac, best to just do a chmod
- chmod 755 path to script
- in my example it looked like this:
chmod 755 /Users/redacted/ssl-cert-check
3.) Now you can run the script against your certificate.
- Assuming you are running this against a duckdns and letsencrypt setup, it will look like this:
./ssl-cert-check -b -c /etc/letsencrypt/live/redacted.duckdns.org/cert.pem | awk â{ print $NF }â - That should return a number, which is the number of days left on your cert before it expires.
4.) Now you can setup command line sensors in Home Assistant to run this script to keep an eye on your expiration date.
- I did it this way and it works well. Thanks to @anon43302295 for this!
(The formatting wonât work for me here, but I copy and pasted from @anon43302295âs post above.) ** Note the ./ before the script. It will be needed to run the script from the shell command. **
sensor:
- platform: command_line
name: SSL cert expiry
unit_of_measurement: days
scan_interval: 86400
command: "./ssl-cert-check -b -c /etc/letsencrypt/live/YOUR-URL.duckdns.org/cert.pem | awk â{ print $NF }â "
5.) Now use the sensor to drive other automations, like renewing your letsencrypt cert.
shell_command: renew_ssl: ~/certbot/certbot-auto renew --quiet --no-self-upgrade --standalone --preferred-challenges http-01
automation:
- alias: 'Auto Renew SSL Cert'
trigger:
platform: numeric_state
entity_id: sensor.ssl_cert_expiry
below: 29
action:
service: shell_command.renew_ssl
automation:
- alias: 'SSL expiry notification'
trigger:
platform: numeric_state
entity_id: sensor.ssl_cert_expiry
below: 21
action:
service: notify.[your_notification_preference]
data:
message: 'Warning - SSL certificate expires in 21 days and has not been automatically renewed'
Hopefully that helps someone. It took me a few to connect the dots, but now that it is running, it should be set.
5 Likes
Hmm got this working on the command line, and wondered why it wasnât working in HASS.
Then remembered Iâm running in DockerâŚ
So is there a way to expose that command into my docker container???
1 Like