SSL unable to get local issuer certificate #285
Comments
|
fixed it on my side but leaving the issue open since this is not the intended process most likely
after that it should work just fine |
|
seems to be an issue on haier's side though, it started today after 2am Europe/Warsaw timezone |
|
^ the above was insufficient for actual HA integration, i had to use this plugin: https://github.com/Athozs/hass-additional-ca |
thanks!! |
|
I can confirm that this fix works. Just a note that the idea is to open the website and download the certificate from the browser. Took me a bit more than I am proud to say to find that out :) |
|
I tried the work around described but get this error setting up the additional_ca add-on: Logger: homeassistant.setup Error during setup of component additional_ca |
Can you show me the contents of the certificate you exported? In text form (for example open in notepad or just use |
My certificate looks like this. The problem described is with de add-on from HACS. When I download the add-on in HACS and restart HA I get this error in HA. This is before I even add the certificate in my config. |
My bad, could you send the configuration.yaml file? The error suggest that it's trying to read the certificate file, but it's somehow malformed. Might be a bad path, or the certificate itself |
|
Considering this is before adding the certificate, maybe try adding it to see if it works? |
Did you add something like: into your configuration.yaml after you added your .crt-file in the new created folder config\additional_ca\ in your HA? |
Yes I did. |
|
I think the only reasonable explanation is that the exported certificate is somehow malformed. It cannot be an issue solely with the plugin, because the part that throws an exception is the part that actually attempts to read the certificate specified in the configuration, and it points towards there being a character it cannot read. |
I got the additional_ca add-on working now. Implemented the certificate but the haier integration still doesn't setup. It's still the same SSL error in the logs |
|
I think it's because you actually need both the RapidSSL certificate and the DigiCert certificate. It worked with RapidSSL only for me when i set it up the first time, but i reset my setup to test something and I had to import both certificates. |
Owke we'll finally get there I hope..... On a roll now and learning stuff so give it to me :) |
|
Guys, I managed to have hon working. I described steps I followed here: #286 in detail. If you could give it a try... |
The steps @jm314159 described sound pretty much exactly right, I just didn't have to remove hOn integration at all.
Here you just click on DigiCert, press export, and then repeat the same process for RapidSSL |
Hell yeah! It works.....finally. Thanks for all the help, feel like a complete noob overhere :( |
|
Thank you all. I too had the issue that the hOn addon for Home Assistant didn't work anymore since February 6th 2025. The solution mentioned in the comment thread above did fix the issue. For full reference I share what I did: Installing Additional CA
Downloading hOn certificate
Converting .pem to .crt
Saving .crt file on Home Assistant hard disk
Updating configuration.yaml
Now the hOn addon worked again. |
|
Still the same issue with the off switch remains. Anyone have a solution for that annoyance?
|
There's a fix for that here: https://github.com/Andre0512/hon/pull/277/files like so:
|
That did the trick, thanks! |
|
@bartwr great explanation. I will add up that I did not need to convert the .pem to .crt. Added it directly as you mention and it worked. |
It worked for me. I saved the certificates from GoogleChrome (windows), renamed them and transferred them. Config: |
Core 2025.2.0 delete the additional_ca folder and try again. Download and install manually Click button to download ZIP of Additional CA Release version Go to the Add-on store don't forget to reboot the OS |
I only meant the add-on itself. For now, Additional CA cannot be configured from UI dashboard. This may be possible in future release. Core 2025.2.0 |
Thanks for your reply. I exactly did these steps 3 times. and everyime the addon is listed when I click + Add integration but it is not listed in my configured intergrations. There are no logs to be found of additional_ca (logger is set to default: info) according to documentation. |
It is realy not listed.
config:
|
|
by the way, if you're using HAOS you might be able to skip using the addon, and instead use this process: have you tried it? |
Noob question incomming! In the folder /usr/local/share/ there is no folder ca-certificates. Can I create this folder or is there some stuff mussing I need to install first? |
|
@mwPandoraid - I do not have such directory either, therefore I decided to use Additional CA. @droeloe1818 - can you install Additional CA in Integrations after you have found it in the "Select brand" list? |
nop
|
you have an extension (the certificates themselves) cer CA files must be in PEM format (often .crt or .pem extension). Check content with a text editor. Content example (following is a fake): I removed the “default_config:” line, it works without it. |
|
@droeloe1818 - Could you please paste the result of |
|
|
Could you upload your home-assistant.log file? |
The CER certificates I placed where just for trouble shooting. I put the original .crt certificates back. here is the format:
|
|
No pycache dir... Mmmm, should have the integration not started? That's my dir |
Sure! thanks for helping! |
Removed the zip. Rebooted core.
still not working. |
|
The only way I can replicate that behavior is if i remove all references to additional_ca from my configuration.yaml file. Can you try moving the additional_ca section to the top of the config? Also, it might be a long shot, but in the screenshot you posted for the configuration file, you had unsaved changes, so make sure you did save before restarting. |
|
feel completely ashamed writing this post, and I apologize to everyone who tried to help me – I wasted their time. It turned out to be a saving issue with Studio Code, as @mwPandoraid suggested. Now, I'm going to lie down under my desk for a while and reflect on my mistake SORRY!!!!!! It is all working now. Do the certificates renew them self or do I need to do this X amount of time? |
|
Following this thread as well. I am also curious if manual intervention is needed or whether this issue will 'fix' itself with a little patience? Does the renewed certificate find its way onto my system automatically at some point or will it be an anual manual exercise to put it on my system (considering the certificate validity is 1 year) ? |
|
Hello everyone. I have both certificates but get this error during startup, perhaps someone could assist here? Assist instructions: "Explain the solution to me like im 5 years old"
Solution: The folder: /config/additional_ca does not work as mentioned above. Must use folder: /config/custom_components/additional_ca |
|
I had the same warning and searched for the filename but could not find it. check if you see any entries in the log stating changing password. I found out that the login succeeded with the new certificates but it redirected me to the change password page. It looks like that Hon requires you to change your password every year. After I logged on in the web environment where I got the certificates from and changed the password everything worked again with HA. |
Thanks for this. It went through my mind, your post confirmed it. Thank you |
|
Good morning everyone, I want to share my experience with the Haier HON integration for Home Assistant, which I have been using to control my air conditioner. After facing constant issues with this integration, I suspect that Haier is not interested in allowing their platform to work smoothly with open-source projects like Home Assistant. For this reason, I have decided to abandon this integration and switch to ESPHome Haier (https://esphome.io/components/climate/haier.html). I have been using it for a few days now, and so far, it performs much better than the Haier HON integration. I hope this information helps anyone who, like me, is tired of dealing with ongoing integration problems. Best regards! |
|
Can confirm that I got it to work with the "Additional CA" addon (mentioned above) from HACS as well 🥳 My # Configure a default setup of Home Assistant (frontend, api, etc)
default_config:
additional_ca:
rapidssl: rapidssl.crtJust make sure that you put your additional CA certs into the |
|
I've fixed the issue with Haier's incorrect SSL certificate configuration in my fork: https://github.com/IoTLabs-pl/hOn. The solution is based on the approach used in If the RapidSSL certificates are missing, they are now automatically added and will be available for communication after an HA restart. I’d really appreciate it if you could test it out, and even more if you have some time to help maintain and improve it! 🚀 |
|
Thanks a lot @kubasaw I'll try it out |
Traceback (most recent call last):
|
|
@kubasaw it works well. |
|
And I have implemented the fix here as well: |
When i attempt to use pyhOn or the HACS integration, i receive the following error:
This happens both on my HomeAssistant host and on my local machine.
The text was updated successfully, but these errors were encountered: