Tesla integration updates

Can you check if the custom settings of your “NGINX Home Assistant SSL proxy” looks like mine:

Bildschirmfoto vom 2024-04-05 09-22-28

You’ve have to set “active” to true cause it’s disabled by default…

It’s all to complicated and difficult to understand what it is that needs to be done to get this working unfortunately.

The guides, as usual it seems, assume prior knowledge of things that you wouldn’t know you need to know and don’t know where to find out because it’s all in a different language!

And can’t even explain what is needed to be known because it’s unknown what’s missing!

Just get to sections and just… NFI what things mean.

3 Likes

Does this mean that we have to have our own domain name where we can host the certificate ? I do, but have idea how I’d set it up. I guess that you folks are discussing having HA host it, and some people are not liking that from a privacy standpoint ?

Yes, you need your own domain or subdomain. Some people have it working with a duckdns subdomain.

This link may help, as it explains the change on Tesla’s end more. The System Overview gives a good summary, that you now need both an OAuth token for Home Assistant to talk to Tesla’s server and a private/public key pair for your car to verify the command is legit.

For the car (or Tesla’s servers) to use the public key to verify things, the private key has to be somewhere on the internet that is accessible. You have 3 basic options for this.

  1. Host a server externally that holds the keypair
  2. Host a server locally that holds the keypair
  3. Use HAOS and an addon to host the server locally that holds the keypair

Option 3 is the “easiest” as you have a Home Assistant server already and just need an add-on. However, Home Assistant needs to be accessible from the internet (seperate from Nuba Casa). Option 1 is the more complex, but it keeps things seperate. All 3 option require a domain.

Just to be clear, the proxy addon won’t work to send commands to older cars, right? What are you looking to have tested? Are you asking to blow out the existing tesla_custom integration and then reinstall your version of the tesla_custom you linked to see if it still works? I have a 2018 M3 and can test if you want.

I can test as well. I also asked for a clarification on the situation here: Unable to refresh sso oauth token after restart my home assistant · Issue #941 · alandtse/tesla · GitHub

I had the same problem and missed that the first line for the domain is homeassistant-internal, I’d put tesla!
image

I think you got the link wrong - it leads to an empty page.

Hi,

I’m on the same boat, I’m unable to get the public key whenever I paste this in my browser

https://mytesla.duckdns.org/.well-known/appspecific/com.tesla.3p.public-key.pem

I can see the nginx_tesla.conf was generated in /share/nginx_proxy/ which I believe will reroute my mytesla.duckdns.org

all public DNS working, and checking SSL cert looks fine.

NGIX config below

domain: xxx.duckdns.org
hsts: max-age=31536000; includeSubDomains
certfile: fullchain.pem
keyfile: privkey.pem
cloudflare: false
customize:
active: true
default: nginx_proxy_default*.conf
servers: nginx_proxy/*.conf

1 Like

Make sure you have two domains added in duckdns. One is the main one for main HA access while the other is solely for hosting the public key.

Check the logs and make sure you have an entry that says ‘challenge valid!’. Guide on duckdns can be found here

The dnschecker step is crucial. You need to be patient to wait for the new duckdns domain to propagates. My first time took me few minutes before I can view my public key. My second attempt I waited half a day. As long as the checks shows all has a green tick (all dns can be resolved) then you’re fine, otherwise just have to wait all of dns server to pickup your new address.