HA / duckdns / letsencrypt / certificate error / Android 7.1 / Reconnection issues

Hi all,

I have SSL certificate issues with duckdns/letsencrypt. Certificates are working fine with browser/AWS integration etc.

Note this issue only occurs with my Android 7.1 tablet, my Android 9.0 tablet works fine.

There seems to be a couple of threads related to this and it seems unresolved with letsencrypt/duckdns, has anyone gotten it to work consistently with this setup?

HomeHabit connects to HA and works great for about 5 minutes, then it stops connecting.
Platform shows “Unable to verify SSL certificate” after I enter the Legacy password.

Closing down the app and re-opening allows it to work for another 5 minutes or so.

I’m using a Legacy API password.

I’ve also tried the latest beta build.

Thanks for such an awesome s/w, its so much faster than using lovelace.

** Edit
Looking further into this issue, it seems to be occurring during reconnections.

I left the app running with the screen saver overnight without any issues, however if I open another app and go back into homehabit, it tries to reconnect with the same SSL error.
It will then start working again after the app is closed/reopened.

@mikeoz thank you for detailed bug report!
What is the 7.1 tablet brand?

This issue was not reproducible in testing, so this is not something that was fixed yet. It is interesting that it only appears with duckdns/letsencrypt combination, and none of the users from other platforms (non-hass) reported issues. So it doesn’t look straightforward, but hopefully it will be possible to fix sooner rather than later.

Thanks for the reply Igor.

The tablet is an amazon HD 8, I’ve tried with both the amazon firmware and LOS 14.1 with the AOSP Webkit and it has the same issue.

I’m not sure whether it’s duckdns/letsencrypt only, as I do not have access to any other systems.

On your 7.1 setup, is it hass? when you hit the home button, open another app, and go back into HomeHabit, does it automatically connect ?

Cheers.

@mikeoz Yes, tested it using duckdns with hass, on Amazon fire, and it doesn’t show the same issue.
Do you see any errors logs related to SSL in HA server logs at the same time?
Something like SSL handshake failed or SSLV3_ALERT_CERTIFICATE_UNKNOWN maybe?

Thanks igor.

No errors on the logs. I used to get lots of SSL errors under 0.8x but since upgrading to 0.99 they went away.

I might enable debugging logging on HA and see if it returns any errors.

Thanks for all your help!

Edit: Enabled debugging on HA and there are no errors, I only get the following when the client tries to connect

Woohoo It seems to be working now after I re-flashed the rom. No idea why.
Thanks again for all your help igor.
If we can get a media widget that can select favourites I will be on Homehabit full time :slight_smile:

2019-10-12 20:30:58 DEBUG (MainThread) [homeassistant.components.http.view] Serving /auth/login_flow/166f65eb380b4029be432466fea446ad to 192.168.1.198 (auth: True)