SSL Certificate Expiry do not work with let encrypt

Hello,
i’m starting fresh install of hass.

the integration of certificat expiry do not work :

image

2020-01-29 17:40:15 ERROR (MainThread) [aiohttp.server] Error handling request
Traceback (most recent call last):
  File "/usr/src/homeassistant/homeassistant/components/cert_expiry/config_flow.py", line 50, in _test_connection
    get_cert, host, user_input.get(CONF_PORT, DEFAULT_PORT)
  File "/usr/local/lib/python3.7/concurrent/futures/thread.py", line 57, in run
    result = self.fn(*self.args, **self.kwargs)
  File "/usr/src/homeassistant/homeassistant/components/cert_expiry/helper.py", line 13, in get_cert
    with ctx.wrap_socket(sock, server_hostname=address[0]) as ssock:
  File "/usr/local/lib/python3.7/ssl.py", line 423, in wrap_socket
    session=session
  File "/usr/local/lib/python3.7/ssl.py", line 870, in _create
    self.do_handshake()
  File "/usr/local/lib/python3.7/ssl.py", line 1139, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1076)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/local/lib/python3.7/site-packages/aiohttp/web_protocol.py", line 418, in start
    resp = await task
  File "/usr/local/lib/python3.7/site-packages/aiohttp/web_app.py", line 458, in _handle
    resp = await handler(request)
  File "/usr/local/lib/python3.7/site-packages/aiohttp/web_middlewares.py", line 119, in impl
    return await handler(request)
  File "/usr/src/homeassistant/homeassistant/components/http/real_ip.py", line 39, in real_ip_middleware
    return await handler(request)
  File "/usr/src/homeassistant/homeassistant/components/http/ban.py", line 72, in ban_middleware
    return await handler(request)
  File "/usr/src/homeassistant/homeassistant/components/http/auth.py", line 135, in auth_middleware
    return await handler(request)
  File "/usr/src/homeassistant/homeassistant/components/http/view.py", line 123, in handle
    result = await result
  File "/usr/src/homeassistant/homeassistant/components/config/config_entries.py", line 160, in post
    return await super().post(request, flow_id)
  File "/usr/src/homeassistant/homeassistant/components/http/data_validator.py", line 50, in wrapper
    result = await method(view, request, *args, **kwargs)
  File "/usr/src/homeassistant/homeassistant/helpers/data_entry_flow.py", line 89, in post
    result = await self._flow_mgr.async_configure(flow_id, data)
  File "/usr/src/homeassistant/homeassistant/data_entry_flow.py", line 130, in async_configure
    result = await self._async_handle_step(flow, cur_step["step_id"], user_input)
  File "/usr/src/homeassistant/homeassistant/data_entry_flow.py", line 172, in _async_handle_step
    result: Dict = await getattr(flow, method)(user_input)
  File "/usr/src/homeassistant/homeassistant/components/cert_expiry/config_flow.py", line 79, in async_step_user
    if await self._test_connection(user_input):
  File "/usr/src/homeassistant/homeassistant/components/cert_expiry/config_flow.py", line 60, in _test_connection
    if "doesn't match" in err.args[0]:
TypeError: argument of type 'int' is not iterable

Sorry if this is a dumb question.
But why are you using letsencrypt ?
(Duckdns installs the components it needs to run anyway)

1 Like

i like configured and install everything. In order to understand what i do.
so my setup is :

reverseProxy --> home assistant and many more service.

Ngrep show the hass call in order to retrieve certificate but seems to failed to parse it.

Where is your reverse proxy? You can use nginx on hassio for this.

it’s a full docker installation on ubuntu server.
hassio is not an option for me :slight_smile:

the reverseProxy is on the same host but in a different container.

Anyone have the same issue?