ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] - Unable to connect to HA URL

[007-DJ]

Description:
Previously, I was never able to get the HA built-in F2A to work as expected; consequently, I need to re-auth approximately weekly. I am not able to recall the previous success methods as they all had varied until initialization success. Here are the steps I am attempting:

1. Removed {#} alexa_media entries from configuration.yaml. Restart HA.
2. Removed alexa media player from HACS. Restart HA.
3. Enabled alexa_media entries in configuration.yaml. Restart HA.
4. Configure (Discovered) Alexa Media Player in integrations.
5. Verified prefilled fields are all correct: EMail Address, Password, duckdns.org link, Built-in F2A App Key (Seed) from Amazon F2A page for adding second S2V authenticator:
   
   With repeated efforts, I would get one of two errors: Unknown error occurred or unable to connect.
   
   
   For clarification purposes, the https address for HA in duckdns.org is verified by coping it into a browser and opening HA.

System details
Home Assistant Core 2022.6.6
Home Assistant Supervisor 2022.05.3
Home Assistant OS 8.2
Alexa Media Player v4.0.2 located in '/config/custom_components/alexa_media'
Path to configuration.yaml: /config/configuration.yaml

• Amazon 2FA is enabled (yes).

Logs
home-assistant.log:
2022-06-21 09:28:24 WARNING (SyncWorker_0) [homeassistant.loader] We found a custom integration alexa_media which has not been tested by Home Assistant. This component might cause stability problems, be sure to disable it if you experience issues with Home Assistant
2022-06-21 09:28:24 WARNING (SyncWorker_1) [homeassistant.loader] We found a custom integration hacs which has not been tested by Home Assistant. This component might cause stability problems, be sure to disable it if you experience issues with Home Assistant
2022-06-21 09:28:31 ERROR (MainThread) [homeassistant.components.notify] Error setting up platform smtp
Traceback (most recent call last):
File "/usr/src/homeassistant/homeassistant/components/notify/legacy.py", line 67, in async_setup_platform
notify_service = await hass.async_add_executor_job(
File "/usr/local/lib/python3.9/concurrent/futures/thread.py", line 58, in run
result = self.fn(*self.args, **self.kwargs)
File "/usr/src/homeassistant/homeassistant/components/smtp/notify.py", line 92, in get_service
if mail_service.connection_is_valid():
File "/usr/src/homeassistant/homeassistant/components/smtp/notify.py", line 154, in connection_is_valid
server = self.connect()
File "/usr/src/homeassistant/homeassistant/components/smtp/notify.py", line 144, in connect
mail.starttls(context=ssl_context)
File "/usr/local/lib/python3.9/smtplib.py", line 790, in starttls
self.sock = context.wrap_socket(self.sock,
File "/usr/local/lib/python3.9/ssl.py", line 500, in wrap_socket
return self.sslsocket_class._create(
File "/usr/local/lib/python3.9/ssl.py", line 1040, in _create
self.do_handshake()
File "/usr/local/lib/python3.9/ssl.py", line 1309, in do_handshake
self._sslobj.do_handshake()
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: Hostname mismatch, certificate is not valid for 'mail.myfairpoint.net'. (_ssl.c:1129)
2022-06-21 09:28:31 ERROR (MainThread) [homeassistant.components.notify] Error setting up platform smtp
Traceback (most recent call last):
File "/usr/src/homeassistant/homeassistant/components/notify/legacy.py", line 67, in async_setup_platform
notify_service = await hass.async_add_executor_job(
File "/usr/local/lib/python3.9/concurrent/futures/thread.py", line 58, in run
result = self.fn(*self.args, **self.kwargs)
File "/usr/src/homeassistant/homeassistant/components/smtp/notify.py", line 92, in get_service
if mail_service.connection_is_valid():
File "/usr/src/homeassistant/homeassistant/components/smtp/notify.py", line 154, in connection_is_valid
server = self.connect()
File "/usr/src/homeassistant/homeassistant/components/smtp/notify.py", line 144, in connect
mail.starttls(context=ssl_context)
File "/usr/local/lib/python3.9/smtplib.py", line 790, in starttls
self.sock = context.wrap_socket(self.sock,
File "/usr/local/lib/python3.9/ssl.py", line 500, in wrap_socket
return self.sslsocket_class._create(
File "/usr/local/lib/python3.9/ssl.py", line 1040, in _create
self.do_handshake()
File "/usr/local/lib/python3.9/ssl.py", line 1309, in do_handshake
self._sslobj.do_handshake()
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: Hostname mismatch, certificate is not valid for 'mail.myfairpoint.net'. (_ssl.c:1129)
2022-06-21 10:17:16 WARNING (SyncWorker_6) [homeassistant.loader] We found a custom integration hacs which has not been tested by Home Assistant. This component might cause stability problems, be sure to disable it if you experience issues with Home Assistant

The Alexa Media Player integration is the backbone of my HA. Any assistance is greatly apricated. Please let me know How I can return the favor.

[Albruaje]

Same for me, but with amazon.es

[007-DJ]

For those interested, I have been getting some guidance in community, although not solved yet, it may work for you.
to assist the developers here, I have a fresh instance of my log:

2022-06-22 11:15:18 DEBUG (MainThread) [custom_components.alexa_media.config_flow] Creating new login
2022-06-22 11:15:18 DEBUG (MainThread) [custom_components.alexa_media.helpers] Re@Mt: Returning uuid {'uuid': '3ec5fddfbe094aaa7dd3f696f79ae14c', 'index': 0}
2022-06-22 11:15:18 DEBUG (MainThread) [alexapy.alexalogin] Creating TOTP for 4G6A
2022-06-22 11:15:18 DEBUG (MainThread) [alexapy.alexalogin] Generating OTP 339205
2022-06-22 11:15:18 DEBUG (MainThread) [alexapy.alexalogin] Login created for Re@Mt.net - amazon.com
2022-06-22 11:17:30 DEBUG (MainThread) [custom_components.alexa_media.config_flow] Unable to connect to provided Home Assistant url: https://.duckdns.org
2022-06-22 11:27:59 DEBUG (MainThread) [custom_components.alexa_media.config_flow] Using existing login
2022-06-22 11:27:59 DEBUG (MainThread) [alexapy.alexalogin] Creating TOTP for 4**********************G6A
2022-06-22 11:27:59 DEBUG (MainThread) [alexapy.alexalogin] Generating OTP 645357
2022-06-22 11:30:08 DEBUG (MainThread) [custom_components.alexa_media.config_flow] Unable to connect to provided Home Assistant url: https://.duckdns.org

any assistance with the greatest HA integration is appreciated beyond words.

[alandtse]

ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: Hostname mismatch, certificate is not valid for 'mail.myfairpoint.net'. (_ssl.c:1129)

There's a SSL host mismatch. Integration is trying to test the url you provide from the HA machine. If for some reason the cert fails, it will give that error. Use the local IP as a workaround or correct your cert as exposed to your HA machine.

Everyone else, if you're not talking about a SSL cert issue, you're off topic. Please search as almost everything asked has been already discussed and closed. Please open a new issue if your issue is actually new.

[007-DJ]

@alandtse
I simply can not express how much your direction is appreciated. I wanted to share my work-around. You mentioned correcting my SSL cert (Note: Using HACS add-on NGINX Home Assistant SSL Proxy). Not knowing how, I reinstalled using my local http address. This gave me the success But could not be loaded message:


My workaround Was to delete and reload with the exact same instructions, but this time on the Amazon Login Authentication Screen, I enabled the option to not require F2P and it complete the integration.
As mentioned, This is the most important HA integration. without it, HA is nothing more than a status app.
THANK YOU!!!