Using REST/Python APIs locally on https server

aaronwolen · June 21, 2016, 6:57pm

I’m running HA on a Raspberry Pi with encryption setup using the lets encrypt tutorial. I’m having trouble using the Python API locally, probably because I don’t understand the relevant networking issues, but I thought I’d ask in case anyone else is hitting the same wall.

I believe the Python and RESTful API examples are assuming an unencrypted server because I was unable to get any of the commands to run while logged into my Pi. For example, running

curl -X GET  \
  -H "x-ha-access: MY_PASSWORD" \
  -H "Content-Type: application/json" \
  http://localhost:8123/api/

throws an Empty reply from server error. I found that switching to https and adding cURL’s --insecure flag fixed the problem. So I can use the RESTful API fine. However, I’m not sure how to workaround this issue with the Python API. When I try to replicate the above parameters in Python using

import homeassistant.remote as remote
api = remote.API('localhost', 'MY_PASSWORD', port = '8123', use_ssl = True)
print(remote.validate_api(api))

it throws the following error:

requests.exceptions.SSLError: hostname 'localhost' doesn't match '' cannot_connect

So it would seem I need to activate something like --insecure here but not sure how to do it. Any suggestions?

aimc · June 21, 2016, 7:07pm

I have done this although I forget exactly how - I believe you can pass any of the requests flags through remote.

FWIW, I use the REST API for all of my stuff now - using remote requires you to have homeassistant installed on your machine which kind of defeats the object of a RESTFul remote api …

dap35 · June 23, 2016, 3:02pm

If you are using SSL, shouldn’t you use your fqdn as opposed to ‘localhost’?

aaronwolen · June 23, 2016, 3:16pm

I don’t know. Is that the right way to do it?

AlucardZero · October 20, 2016, 3:20pm

For the record, yes, to avoid one kind of error when using SSL, the hostname clients use to access the server should be on the certificate presented by the server.

Failing that, you should be able to disable hostname checking, such as detailed here.

Will711990 · March 9, 2017, 9:09am

Hi everybody,

I come again on this topic, but did you succeed to sent a REST api, on an https encrypted server ?
I ask this because I follow the same tutorial (so I have a duckdns adresse) and I use Dash Button (Amazon) with this code :
{
“name”: “Depart”,
“address”: “XX:XX:XX:XX:XX:XX”,
“url”: “http://192.168.1.XX:8123/api/services/scene/turn_on”,
“method”: “POST”,
“headers”: {“x-ha-access”: “xxxxxxxxxxxxx”},
“json”: true,
“body”: {“entity_id”: “scene.depart”}
},

but nothing works because local server isn’t accessible…
I’m looking for to replace the “url” row to send my request on https…
Do you have a solution ?

thank you !!!

aaronwolen · March 10, 2017, 1:01pm

I got it to work by using my external domain name (i.e., whatever you registered with DuckDNS).