UI won't load -- potential SSL issue

mayorgergich · December 30, 2024, 7:54am

Hello all. In desperate need of help.

I run HASS on my Mac Mini via UTM and it’s been fine for well over a year, until just now. After updating a couple of addons (Stateful Scenes and Team Tracker) my server spins up but is wholly inaccessible. When trying to access to UI via http:homeassistant.local:8123 I receive the following error:

`An error occurred during a connection to homeassistant.local:8123. SSL received a record that exceeded the maximum permissible length.

Error code: SSL_ERROR_RX_RECORD_TOO_LONG

The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.`

I’ve rebooted the UTM VM. I’ve updated the DNS, cleared cache on multiple devices and across multiple browsers. I’m able to access the machine via cli and have run core check which came back with no errors. I’ve also checked the dns settings which were running to my pihole and switched them to a public DNS. nothing seems to help. I’m just stuck on a login screen, if I can even get to that point.

I was able to very briefly access the UI after using the public DNS but then it went back to the same issue.

Currently in my config I have http set as the following:

http:
  use_x_forwarded_for: true
  trusted_proxies:
    - 172.30.33.0/24
    - 127.0.0.1

I am running cloudflared and no other reverse proxy service.

When trying to restore from a backup I’m met with a 404 error.

Any other troubleshooting advice would be greatly appreciated. Been at this for hours and just can’t find the solution.

koying · December 30, 2024, 12:52pm

That typically means your HA is not SSL enabled (anymore?)

mayorgergich · December 30, 2024, 4:43pm

How would I repair that? Looking online I haven’t been able to find anything.

WallyR · December 30, 2024, 7:04pm

It should be https://homeassistant.local:8123

mayorgergich · December 30, 2024, 9:36pm

Yes I’ve tried that as well and it states the connection is insecure.

WallyR · December 31, 2024, 6:29am

Then you need to check the certificate.
Your browser should be able to show the certificate the homepage presents.

mayorgergich · January 1, 2025, 6:10pm

Should I not be able to connect locally however regardless of the SSL certificate?

I’m thinking it’s a problem with the core, because it takes ages to spin up now and most of my addons don’t load at all when looking at my addons jobs and docker containers.

WallyR · January 1, 2025, 6:24pm

The errors you get indicate that you have set up HTTPS with a certificate in the configuration.yaml file.
With this setup the HA web server port will be switched from HTTPnto HTTPS and HTTP connections will no longer be possible.

There is also a or xy setup possible, where HTTP connections are used for HA and then a proxy is running that accepts the HTTPS connections and concerts them to HTTP and forward them to HA.
This setup is typical made with NGinX.

Mayhem_SWE · January 1, 2025, 6:56pm

That would be up to your browser rather than the HA server. Typically you’ll just acknowledge that you know the connection is insecure and proceed anyway.

WallyR · January 2, 2025, 2:47pm

Not correct.
The server decides what is available.
The client have to follow those decisions.

With HA only one service can run at a time on the HA core, so it will either be HTTP or HTTPS.
A proxy can accept one type of communication and forward another to HA core, HA core still only run one type itself.