SSL Config Error

After following the instructions for setting up SSL using letsencrypt, and ensuring that I have read permissions on all the files in /etc/letsencrypt/..., when I run hass I get the following Python error:

Error in HTTPServer.tick
Traceback (most recent call last):
  File "/home/josh/.homeassistant/deps/cherrypy/wsgiserver/__init__.py", line 2019, in start
    self.tick()
  File "/home/josh/.homeassistant/deps/cherrypy/wsgiserver/__init__.py", line 2086, in tick
    s, ssl_env = self.ssl_adapter.wrap(s)
  File "/home/josh/.homeassistant/deps/cherrypy/wsgiserver/ssl_builtin.py", line 67, in wrap
    server_side=True)
  File "/usr/lib/python3.5/ssl.py", line 377, in wrap_socket
    _context=self)
  File "/usr/lib/python3.5/ssl.py", line 752, in __init__
    self.do_handshake()
  File "/usr/lib/python3.5/ssl.py", line 988, in do_handshake
    self._sslobj.do_handshake()
  File "/usr/lib/python3.5/ssl.py", line 633, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL: HTTP_REQUEST] http request (_ssl.c:645)

My config is:

api_password: **********
server_port: 8123
ssl_certificate: /etc/letsencrypt/live/my.web.site/fullchain.pem
ssl_key: /etc/letsencrypt/live/my.web.site/privkey.pem

The letsencrypt config ran smoothly; I used this guide:

Certbot

And ran this command which is on the page:

$ letsencrypt certonly --standalone -d example.com -d www.example.com

What’s going on here?

I have discovered the issue and will post the findings here.

As the stack trace shows, the error is in actually making the handshake. It dawned on me as I looked through the Python ssl code that while I had the Python openssl library installed, I checked and found that I did not have the python3 openssl installed. On my Ubuntu system, the package is python3-openssl … install that, and to be safe, just restart the machine (it was necessary for me).

Note that you will now have to locally access hass via https://hostname:8123 (the https:// is necessary), and you will probably get errors/warnings in the console and browser due to the fact that the host name being entered (“my-local-hostname”) is not the same as your domain name. But, when accessed from outside via https://yourname.com , it should work just fine.

1 Like
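OpenSSL reports `[SSL: HTTP_REQUEST]`, as in the traceback above, when the first bytes arriving on a TLS socket are a plaintext HTTP request, which is why the `https://` prefix matters on port 8123. The following is an added example, not code from this thread, Home Assistant or CherryPy: it peeks at a connection's first bytes and answers a plaintext client with a redirect instead of a failed handshake. The function names and the host `example.invalid` are hypothetical.

```python
import socket
import ssl

# Method prefixes that mark a plaintext HTTP request (common methods only).
HTTP_PREFIXES = (b"GET ", b"POST", b"HEAD", b"PUT ", b"DELE", b"OPTI", b"PATC")


def classify_first_bytes(data: bytes) -> str:
    """Return 'tls', 'http' or 'unknown' for the first bytes a client sent."""
    # A TLS handshake record starts with content type 0x16 and major version 0x03.
    if len(data) >= 3 and data[0] == 0x16 and data[1] == 0x03:
        return "tls"
    if data[:4] in HTTP_PREFIXES:
        return "http"
    return "unknown"


def handle_client(conn: socket.socket, https_host: str, https_port: int = 8123) -> str:
    """Peek at the first bytes (without consuming them) before any TLS wrap."""
    kind = classify_first_bytes(conn.recv(8, socket.MSG_PEEK))
    if kind == "http":
        # Plaintext client on the TLS port: point it at https:// instead of
        # letting the handshake fail with SSLError [SSL: HTTP_REQUEST].
        conn.sendall(
            f"HTTP/1.1 301 Moved Permanently\r\n"
            f"Location: https://{https_host}:{https_port}/\r\n"
            f"Content-Length: 0\r\nConnection: close\r\n\r\n".encode()
        )
    return kind  # on 'tls' the caller goes on to wrap the socket with its SSLContext


def sample_client_hello() -> bytes:
    """Build a real ClientHello in memory (no network) to use as TLS sample input."""
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    tls = ssl.create_default_context().wrap_bio(incoming, outgoing, server_hostname="example.invalid")
    try:
        tls.do_handshake()
    except ssl.SSLWantReadError:
        pass  # expected: the hello has been written, no server reply exists yet
    return outgoing.read()


def demo(first_bytes: bytes) -> tuple:
    """Send constructed bytes over a local socket pair; return (kind, reply)."""
    server, client = socket.socketpair()
    with server, client:
        client.sendall(first_bytes)
        kind = handle_client(server, "example.invalid")
        reply = client.recv(1024) if kind == "http" else b""
        return kind, reply
```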

I’ve had this issue open for a long time and it looks like you’ve finally solved it!

Thank you! I think I might try this out this weekend.

You mean: it wasn’t working, then you installed python3-openssl, and now it works? If so, that’s great (and the best kind of bug fix 🙂)!

No. I’ve not tried anything yet, but based on your errors (same as mine) I’m assuming it will fix it.

I will keep my fingers crossed for you. I had to restart the machine after installing the package, FYI.

That was it! Great catch and thanks for updating us all on the fix.

1 Like