SSL verification issue

Howdy,
Got AppDaemon installed, but can’t start it. Initially, AppDaemon would not connect to HA. That was fixed by specifying the cert_path:, and setting cert_verify: to false, in appdaemon.yaml; even though this is not a self-signed certificate. The problem appears to be with the dashboard thread not reading the cert values from appdaemon.yaml, and trying to verify the SSL cert. Any help would be greatly appreciated. Below is what I’m working with. Thank you in advance.

pi@hassbian:~ $ appdaemon -c /home/homeassistant/.homeassistant -D DEBUG
2017-08-10 17:20:08.103099 INFO AppDaemon Version 2.1.4 starting
2017-08-10 17:20:08.103982 INFO Configuration read from: /home/homeassistant/.homeassistant/appdaemon.yaml
2017-08-10 17:20:08.104475 DEBUG AppDaemon Section: {'cert_path': '/home/homeassistant/.homeassistant', 'errorfile': 'STDERR', 'app_dir': '/home/homeassistant/.homeassistant/apps', 'cert_verify': False, 'threads': 10, 'logfile': 'STDOUT'}
2017-08-10 17:20:08.104866 DEBUG Hass Section: {'ha_key': '<REDACTED>', 'ha_url': 'https://home.myserver.com:8123'}
2017-08-10 17:20:08.105194 DEBUG HADashboard Section: None
2017-08-10 17:20:08.105499 DEBUG Calling HA for config with key: <REDACTED> and url: https://home.myserver.com:8123
2017-08-10 17:20:08.105812 DEBUG get_ha_config()
2017-08-10 17:20:08.106118 DEBUG get_ha_config: url is https://home.myserver.com:8123/api/config
2017-08-10 17:20:08.186828 DEBUG Success
2017-08-10 17:20:08.188681 DEBUG {'whitelist_external_dirs': ['/home/homeassistant/.homeassistant/www'], 'longitude': <REDACTED>, 'time_zone': '<REDACTED>', 'location_name': 'Home', 'version': '0.50.2', 'unit_system': {'volume': 'gal', 'temperature': '°F', 'mass': 'lb', 'length': 'mi'}, 'elevation': <REDACTED>, 'latitude': <REDACTED>, 'config_dir': '/home/homeassistant/.homeassistant', 'components': ['cover.zwave', 'config.automation', 'script', 'sun', 'zeroconf', 'config.core', 'binary_sensor.zwave', 'logbook', 'light.zwave', 'binary_sensor', 'websocket_api', 'media_player', 'zwave', 'updater', 'group', 'frontend', 'cover', 'http', 'switch.zwave', 'history', 'logger', 'zone', 'device_tracker', 'config.zwave', 'switch', 'config', 'ios', 'config.group', 'sensor.ios', 'climate.zwave', 'automation', 'notify.ios', 'light', 'conversation', 'notify', 'api', 'tts', 'media_player.roku', 'climate', 'sensor.zwave', 'sensor', 'discovery', 'recorder']}
2017-08-10 17:20:08.270198 DEBUG Entering run()
2017-08-10 17:20:08.318893 DEBUG Creating worker threads ...
2017-08-10 17:20:08.322396 DEBUG Done
2017-08-10 17:20:08.322904 DEBUG Calling HA for initial state with key: <REDACTED> and url: https://home.myserver.com:8123
2017-08-10 17:20:08.323264 DEBUG Refreshing HA state
2017-08-10 17:20:08.323567 DEBUG get_ha_state: url is https://home.myserver.com:8123/api/states
2017-08-10 17:20:08.413886 INFO Got initial state
2017-08-10 17:20:08.414592 DEBUG Reading Apps
2017-08-10 17:20:08.415306 INFO Loading Module: /home/homeassistant/.homeassistant/apps/hello.py
2017-08-10 17:20:08.417706 INFO Loading Object hello_world using class HelloWorld from module hello
2017-08-10 17:20:08.598295 INFO hello_world: Hello from AppDaemon
2017-08-10 17:20:08.603284 INFO hello_world: You are now ready to run Apps!
2017-08-10 17:20:08.604017 INFO App initialization complete
2017-08-10 17:20:08.604597 DEBUG Starting timer loop
2017-08-10 17:20:08.605482 INFO Dashboards are disabled
2017-08-10 17:20:08.609533 WARNING ------------------------------------------------------------
2017-08-10 17:20:08.610217 WARNING Unexpected error in dashboard thread
2017-08-10 17:20:08.610727 WARNING ------------------------------------------------------------
2017-08-10 17:20:08.613105 WARNING Traceback (most recent call last):
  File "/usr/local/lib/python3.4/dist-packages/appdaemon/appdash.py", line 455, in run_dash
    f = loop.create_server(handler, "0.0.0.0", int(conf.dash_port), ssl = context)
TypeError: int() argument must be a string or a number, not 'NoneType'

2017-08-10 17:20:08.613912 WARNING ------------------------------------------------------------
2017-08-10 17:20:08.714720 WARNING Disconnected from Home Assistant, retrying in 5 seconds
2017-08-10 17:20:08.715193 WARNING ------------------------------------------------------------
2017-08-10 17:20:08.715493 WARNING Unexpected error:
2017-08-10 17:20:08.715762 WARNING ------------------------------------------------------------
2017-08-10 17:20:08.719029 WARNING Traceback (most recent call last):
  File "/usr/local/lib/python3.4/dist-packages/appdaemon/appdaemon.py", line 1337, in appdaemon_loop
    "{}/api/websocket".format(url), sslopt=sslopt
  File "/usr/local/lib/python3.4/dist-packages/websocket/_core.py", line 487, in create_connection
    websock.connect(url, **options)
  File "/usr/local/lib/python3.4/dist-packages/websocket/_core.py", line 211, in connect
    options.pop('socket', None))
  File "/usr/local/lib/python3.4/dist-packages/websocket/_http.py", line 77, in connect
    sock = _ssl_socket(sock, options.sslopt, hostname)
  File "/usr/local/lib/python3.4/dist-packages/websocket/_http.py", line 182, in _ssl_socket
    sock = _wrap_sni_socket(sock, sslopt, hostname, check_hostname)
  File "/usr/local/lib/python3.4/dist-packages/websocket/_http.py", line 160, in _wrap_sni_socket
    server_hostname=hostname,
  File "/usr/lib/python3.4/ssl.py", line 364, in wrap_socket
    _context=self)
  File "/usr/lib/python3.4/ssl.py", line 577, in __init__
    self.do_handshake()
  File "/usr/lib/python3.4/ssl.py", line 804, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:600)

Here is my appdaemon.yaml:

AppDaemon:
  app_dir: /home/homeassistant/.homeassistant/apps
  logfile: STDOUT
  errorfile: STDERR
  threads: 10
  cert_path: /home/homeassistant/.homeassistant
  cert_verify: False
#  time_zone: <time zone>
HASS:
  ha_url: https://home.myserver.com:8123
  ha_key: !secret home_assistant_key

# Apps
hello_world:
  module: hello
  class: HelloWorld

I have an outstanding issue to fix this with websockets. In the meantime, SSE still seems to work. If you specify --commtype SSE in your startup args it should work.

1 Like

That worked a treat. Thank you! I do, however, still get the following, and was wondering if it’s a separate issue:

2017-08-11 07:13:29.740196 WARNING Traceback (most recent call last):
  File "/usr/local/lib/python3.4/dist-packages/appdaemon/appdash.py", line 455, in run_dash
    f = loop.create_server(handler, "0.0.0.0", int(conf.dash_port), ssl = context)
TypeError: int() argument must be a string or a number, not 'NoneType'

Thanks again!

That looks like a problem with your DASH_URL - or it might be a bug in the API support, let me check.

EDIT: Yes, it’s a kind of bug. I need HADashboard directives in there for the API support which isn;t logical and not well documented.

To fix this you need to add:

HADashboard:
  dash_url: http://<IP of host>:<some port>

I’ll tidy this up in the next release.

I just released 2.1.6 to address this - if you upgrade, your existing config file should work fine without the addition I suggested above.

1 Like

I’m running 2.1.7 (in docker :latest) and had to add --commtype SSE to get appdaemon to connect to hass.