Unable to Add SmartThings Integration

Third party integrations
1

I can’t seem to get the SmartThings Integration to work for the life of me, here is my error log:

root@homeassistant:/opt/hassio/homeassistant# cat home-assistant.log
2020-10-12 17:31:23 WARNING (MainThread) [homeassistant.loader] You are using a custom integration for browser_mod which has not been tested by Home Assistant. This component might cause stability problems, be sure to disable it if you experience issues with Home Assistant.
2020-10-12 17:31:23 WARNING (MainThread) [homeassistant.components.http] The 'base_url' option is deprecated, please remove it from your configuration
2020-10-12 17:31:24 WARNING (MainThread) [homeassistant.loader] You are using a custom integration for Kevo which has not been tested by Home Assistant. This component might cause stability problems, be sure to disable it if you experience issues with Home Assistant.
2020-10-12 17:31:24 WARNING (MainThread) [homeassistant.components.lock] LockDevice is deprecated, modify KevoDevice to extend LockEntity
2020-10-12 17:32:35 ERROR (MainThread) [homeassistant.components.smartthings.config_flow] API error setting up the SmartApp: {'requestId': '######', 'error': {'code': 'ConstraintViolationError', 'message': 'The request is malformed.', 'details': [{'code': 'TargetTimeoutError', 'target': 'https://domain.com/api/webhook/######', 'message': 'Upstream target timed out', 'details': []}]}}
Traceback (most recent call last):
  File "/usr/src/homeassistant/homeassistant/components/smartthings/config_flow.py", line 131, in async_step_pat
    app, client = await create_app(self.hass, self.api)
  File "/usr/src/homeassistant/homeassistant/components/smartthings/smartapp.py", line 145, in create_app
    app, client = await api.create_app(app)
  File "/usr/local/lib/python3.8/site-packages/pysmartthings/smartthings.py", line 110, in create_app
    entity = await self._service.create_app(app.to_data())
  File "/usr/local/lib/python3.8/site-packages/pysmartthings/api.py", line 171, in create_app
    return await self.post(API_APPS, data)
  File "/usr/local/lib/python3.8/site-packages/pysmartthings/api.py", line 395, in post
    return await self.request("post", self._api_base + resource, data=data)
  File "/usr/local/lib/python3.8/site-packages/pysmartthings/api.py", line 368, in request
    raise APIResponseError(
pysmartthings.errors.APIResponseError: Unprocessable Entity (422): {"requestId": "######", "error": {"code": "ConstraintViolationError", "message": "The request is malformed.", "details": [{"code": "TargetTimeoutError", "target": "https://domain.com/api/webhook/######", "message": "Upstream target timed out", "details": []}]}}

Here is my install info: Note, using Docker/Supervised on fresh Ubuntu VM (recently rebuilt/migrated)

image
image821×639 25.7 KB

More Info:

I am able to access site remotely via purchased SSL and I have a webhook that I can call to run an automation successfully from apitester.com

2

Same here, took some time but I found the issue. It’s a problem linked to the certificate validation from SmartThings (Let’s Encrypt in my case), to solve it add the intermediate certificate to your normal certificate file:

  1. Open your configuration.yaml file and find the “ssl_certificate” parameter inside the “http” section.
  2. Add to the specified file the intermediate certificate so the final structure of the file should be
       -----BEGIN CERTIFICATE-----
       ... your certificate code ....
       -----END CERTIFICATE-----
       -----BEGIN CERTIFICATE-----
       ... your intermediate certificate code ....
       -----END CERTIFICATE-----
  1. (Optional) Remove the SmartThing configuration file creates during the different attemps
      rm -rf /config/.storage/smartthings
  1. Restart Home Assistant
3 Likes
3

Thumbs up !
I’ve never seen documented the fact the the CARoot certif can be added after the certificate itself, in the same file.

It do the job, I now have the certificate chain complete, with my own domain and certificate (in my case it’s a wildcard certificate *.mydomain.com).

Many free tools allow to test SSL chain, but just a few allow to custom the port (8123 instead of regular port usually used for HTTPS (443), in case you also need such tool, see here : Check SSL Certificate

4

In my case I had to disable TLS 1.3 and switch back to TLS 1.2.

For traefik users:
remove cipherSuites and curvePreferences from your config and set the tls max version:

tls:
  options:
    default:
      minVersion: VersionTLS12
      maxVersion: VersionTLS12

      #cipherSuites:
      #  - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
      #  - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
      #  - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
      #  - TLS_AES_128_GCM_SHA256
      #  - TLS_AES_256_GCM_SHA384
      #  - TLS_CHACHA20_POLY1305_SHA256

      #curvePreferences:
      #  - CurveP521
      #  - CurveP384

After the integration is configured you can enable tls 1.3 again.