Coder Social home page Coder Social logo

haci's Introduction

Yeah, well, the plumber's pipes always leak - I'll need to find some time to put something here.

haci's People

Contributors

dickswart avatar miklosbagi avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar

Forkers

jfurtner dickswart tomkusz

haci's Issues

Certs need to be added to the Python/Certifi store

Describe the bug
It appears certificates also need to be added to python's own internal CA store to fix some issues. Namely installing new integrations with HACS, but there may be more I haven't found.

To Reproduce
Steps to reproduce the behavior:

  1. Run HACI as usual
  2. Attempt to install a new integration from HACS
  3. The integration will not install, and no errors will be given
  4. Checking the home assistant logs show the following errors:
2021-06-11 11:07:25 INFO (MainThread) [backoff] Backing off async_download_file(...) for 0.3s (aiohttp.client_exceptions.ClientConnectorCertificateError: Cannot connect to host raw.githubusercontent.com:443 ssl:True [SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1125)')])
2021-06-11 11:07:25 INFO (MainThread) [backoff] Backing off async_download_file(...) for 0.3s (aiohttp.client_exceptions.ClientConnectorCertificateError: Cannot connect to host raw.githubusercontent.com:443 ssl:True [SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1125)')])
2021-06-11 11:07:25 INFO (MainThread) [backoff] Backing off async_download_file(...) for 0.6s (aiohttp.client_exceptions.ClientConnectorCertificateError: Cannot connect to host raw.githubusercontent.com:443 ssl:True [SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1125)')])
2021-06-11 11:07:25 INFO (MainThread) [backoff] Backing off async_download_file(...) for 0.6s (aiohttp.client_exceptions.ClientConnectorCertificateError: Cannot connect to host raw.githubusercontent.com:443 ssl:True [SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1125)')])
2021-06-11 11:07:26 INFO (MainThread) [backoff] Backing off async_download_file(...) for 1.7s (aiohttp.client_exceptions.ClientConnectorCertificateError: Cannot connect to host raw.githubusercontent.com:443 ssl:True [SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1125)')])
2021-06-11 11:07:26 INFO (MainThread) [backoff] Backing off async_download_file(...) for 1.3s (aiohttp.client_exceptions.ClientConnectorCertificateError: Cannot connect to host raw.githubusercontent.com:443 ssl:True [SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1125)')])
2021-06-11 11:07:26 INFO (MainThread) [backoff] Backing off async_download_file(...) for 0.1s (aiohttp.client_exceptions.ClientConnectorCertificateError: Cannot connect to host raw.githubusercontent.com:443 ssl:True [SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1125)')])
2021-06-11 11:07:26 INFO (MainThread) [backoff] Backing off async_download_file(...) for 0.7s (aiohttp.client_exceptions.ClientConnectorCertificateError: Cannot connect to host raw.githubusercontent.com:443 ssl:True [SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1125)')])
2021-06-11 11:07:26 INFO (MainThread) [backoff] Backing off async_download_file(...) for 1.7s (aiohttp.client_exceptions.ClientConnectorCertificateError: Cannot connect to host raw.githubusercontent.com:443 ssl:True [SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1125)')])
2021-06-11 11:07:27 INFO (MainThread) [backoff] Backing off async_download_file(...) for 2.7s (aiohttp.client_exceptions.ClientConnectorCertificateError: Cannot connect to host raw.githubusercontent.com:443 ssl:True [SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1125)')])
2021-06-11 11:07:27 INFO (MainThread) [backoff] Backing off async_download_file(...) for 2.5s (aiohttp.client_exceptions.ClientConnectorCertificateError: Cannot connect to host raw.githubusercontent.com:443 ssl:True [SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1125)')])
2021-06-11 11:07:28 INFO (MainThread) [backoff] Backing off async_download_file(...) for 0.3s (aiohttp.client_exceptions.ClientConnectorCertificateError: Cannot connect to host raw.githubusercontent.com:443 ssl:True [SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1125)')])
2021-06-11 11:07:28 INFO (MainThread) [backoff] Backing off async_download_file(...) for 0.2s (aiohttp.client_exceptions.ClientConnectorCertificateError: Cannot connect to host raw.githubusercontent.com:443 ssl:True [SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1125)')])
2021-06-11 11:07:28 INFO (MainThread) [backoff] Backing off async_download_file(...) for 1.4s (aiohttp.client_exceptions.ClientConnectorCertificateError: Cannot connect to host raw.githubusercontent.com:443 ssl:True [SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1125)')])
2021-06-11 11:07:29 ERROR (MainThread) [backoff] Giving up async_download_file(...) after 5 tries (aiohttp.client_exceptions.ClientConnectorCertificateError: Cannot connect to host raw.githubusercontent.com:443 ssl:True [SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1125)')])
2021-06-11 11:07:29 ERROR (MainThread) [custom_components.hacs] Cannot connect to host raw.githubusercontent.com:443 ssl:True [SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1125)')]
2021-06-11 11:07:30 ERROR (MainThread) [backoff] Giving up async_download_file(...) after 5 tries (aiohttp.client_exceptions.ClientConnectorCertificateError: Cannot connect to host raw.githubusercontent.com:443 ssl:True [SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1125)')])
2021-06-11 11:07:30 INFO (MainThread) [backoff] Backing off async_download_file(...) for 4.9s (aiohttp.client_exceptions.ClientConnectorCertificateError: Cannot connect to host raw.githubusercontent.com:443 ssl:True [SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1125)')])
2021-06-11 11:07:30 INFO (MainThread) [backoff] Backing off async_download_file(...) for 0.4s (aiohttp.client_exceptions.ClientConnectorCertificateError: Cannot connect to host raw.githubusercontent.com:443 ssl:True [SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1125)')])
2021-06-11 11:07:31 ERROR (MainThread) [backoff] Giving up async_download_file(...) after 5 tries (aiohttp.client_exceptions.ClientConnectorCertificateError: Cannot connect to host raw.githubusercontent.com:443 ssl:True [SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1125)')])
2021-06-11 11:07:35 ERROR (MainThread) [backoff] Giving up async_download_file(...) after 5 tries (aiohttp.client_exceptions.ClientConnectorCertificateError: Cannot connect to host raw.githubusercontent.com:443 ssl:True [SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1125)')])

Expected behavior
SSL connection is verified and integration installs

Screenshots
N/A

Desktop (please complete the following information):
N/A

Smartphone (please complete the following information):
N/A

Additional context
Installing certificates to /usr/local/lib/python3.8/site-packages/certifi/cacert.pem appears to resolve the error

Error in HA entity 

??? Error pushing /shared/haci/certs/root.pem to cacert.pem !!! Error: Python Certifi SSL Tests are still failing, this should not happen.\n Please raise an issue on github.\n 0

Could this be an permission issue?
I run HA in Docker.
I will execute the command from bash inside the container with debug mode on, and report back

openssl binary no longer provided in the HASS container (since 2022.7)

Describe the bug
The openssl binary in /usr/bin is no longer provided in the container, this means that the script doesn't run. Copying a working openssl binary from /usr/bin/ or shipping one with haci in the /share folder as a hack works.

To Reproduce
Steps to reproduce the behavior:

  1. enter docker container
  2. run haci debug
  3. see error

Additional context
It happened when I updated to HASS 2022.7.1, this commit home-assistant/docker@e23abd3 removes openssl from the container.

with HASS integration, certs directory isn't exposed

Describe the bug
If you use the HASS integration the "certs" directory described in the documentation for the SSL validation certs is no available.

To Reproduce
Steps to reproduce the behavior:

  1. Use the "Add Integeration" from HASS or from the Devices & Service in HA to install the plugin
  2. Add the internal site using a self-signed certificate or signed via a self-signed root certificate.

Expected behavior
Either certifi should be told to use the system trusted certs or expose an upload section where a self-signed root/cert can be uploaded/added to the configuration

Desktop (please complete the following information):

  • OS: HomeAssistantOS (Raspberry Pi)
  • Browser Firefox
  • Version 107.0 (64-bit)

Additional context
I run a self-signed root cert and a non-routeable, non-published internal domain. I use the root cert to sign a wildcard cert for all of my machines. I have added this cert to the supervisor image, but cannot trust the "root" cert for python.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.