-
-
Notifications
You must be signed in to change notification settings - Fork 28.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SSL handshake failed / SSL error errno:1 reason: UNSUPPORTED_PROTOCOL #22625
Comments
Hi,
Thanks |
same here . tried many things disabling, etc, nothing helps. i can log in fine thru https but thousands of errors in log |
Same here, and I don't use the duckdns add on, just using a Let's Encrypt wildcard cert I pulled from another machine. SSL is completely broken! |
What are you trying to connect from? Is it possible that only TLS 1.3 is being allowed and you're connecting with a device that doesn't support TLS 1.3? |
I am connecting from Macbook/OSX High Sierra So I just ran the following command to make sure TLS 1.3 was enabled from OSX: I then restarted and went to link below to verify TLS 1.3 capability: I then re-enabled https in configuration.yaml, restarted Homeassistant, and I can connect via https to the UI now. |
For me the error showed it self when i was using Tasker in android, both with api password and with long lived token using https-duckdns. as soon as i went over to http all was working. |
Start by checking what your client is capable of: https://www.ssllabs.com/ssltest/viewMyClient.html To me this sounds like HA is only accepting TLS 1.3 and not all clients support it. 🤷♂️ |
I don't know for sure if its a client problem.
Also at this time no other people trying to log even, I'm not seeing any "Login attempt or request with invalid authentication from" rows in the log. |
If you have a site that is open to the world, bet on it being scraped by bots trying to find vulnerabilities like wordpress installs, phpmyadmin with default credentials, and other various things that people leave open and don't change. also, your error is different from the two posted in the OP. OP's issues were: |
You're right, the error is very different. Didn't know the last thing when it's requesting 80 instead of 443. And I really do know that 'when it's open to the internet people are trying'. |
is anything connecting to HA via IP address from inside your network using 8123 or http? |
Just to report in on my problem, I think I fixed it! I really suppose we all may have separate things causing this but for me it was port 80 was forwarded to my HA server ... This had not been a problem in the past but when I disabled that forward, the SSL errors seem to be gone! EDIT: I may have spoken too soon! the errors seem to be significantly reduced, but still getting some |
could you check to see what your server is accepting? https://www.cdn77.com/tls-test if it's only accepting TLS 1.3 I think you are able to relax the settings to also allow TLS 1.2. |
this is what I get when I check it
|
Here we go again:
What ever I do, I cannot login via HTTPS anymore. Every HA-client device is failing right now. Error doing job: SSL handshake failed
Maybe some device is triggering, but I can't get explained why every device is failing as a result.
|
With 0.91 freshly installed i tried going back to https through letsencrypt in duckdns addon, cause i dislike using http with HA open to internet. |
This has just happened to me on 0.91.3. I've been using LetsEncrypt/DuckDns for over a year with no issues and this morning I can't connect at all to https://my_domain.duckdns.org:8123 Trying to visit on my phone I get
instantly in the logs. My Addon log
My config:
ip_bans.yaml empty. I'm at a loss! I can access locally via IP address if I ignore browser certificate warnings. All my automations are firing and my hadashboard is working too. |
Hi, i just fixed my problem with this. duckdns addon seems to be the problem? Just so you guys have something to try and perhaps to get the addon fixed? |
Same error message in logs: My cert was expired, renew certificate - resolved issue |
I recently upgraded to the latest and enabled the stream component. My SSL will occasionally stop working (can't connect) and then sometimes after will crash HA. Curious, anyone else have the new stream component on? May be related. |
Same here @Mark612 I'll try to disable the stream component. |
Same issue here on 92.2 Upgraded from .84 so not sure when this issue would have started. HA Log
Duckdns log shows When this happens I can only access HA locally. https doesn't work |
@sirs2k are you using the stream component? Just to check if it may be related or not. |
Not sure what the stream component is my friend... |
This one https://www.home-assistant.io/components/stream/ |
Oh, nah I'm not using that :) |
Same thing for me:
Weird because I know the cert is valid and current. I'm not using DuckDNS, just Let's Encrypt on a domain pointing to my public static ip4. Home assistant is just inoperable until I get this working as I've set callbacks to remote data to the domain that isn't validating. |
Any Fixes in place for this yet? |
I get this error when connecting to my HA with the internal IP. Maybe this helps a bit to solve the problem. |
You should edit your local hosts file and add record like this: your internal IP - DNS name Or if your router support host-dns mapping, add mapping to your router configuration |
@ittchmh Yes I already added the entry and it works without browser ssl error. Also HA did not show the ssl errors anymore. |
There hasn't been any activity on this issue recently. Due to the high number of incoming GitHub notifications, we have to clean some of the old issues, as many of them have already been resolved with the latest updates. |
Home Assistant release with the issue:
0.90.1 / 0.90.1
Last working Home Assistant release (if known):
None, new installation (one month, earlier release as well
Operating environment (Hass.io/Docker/Windows/etc.):
Hass.io
Component/platform:
SSL Handshake fail & SSL Error using DuckDNS/Let's Encrypt Addon
Description of problem:
No connection possible via the https-protocol on several occasions per day.
It seems a random problem. When error is happening no https connection via DuckDNS possible. It stops working, than it just works again without any problem solving.
Problem-relevant
configuration.yaml
entries and (fill out even if it seems unimportant):Traceback (if applicable):
Earlier today:
No errors (on this topic) between both.
Additional information:
Using port-forwarding on EdgeRouter X port 8123 and 443 to RPI 3b+.
The text was updated successfully, but these errors were encountered: