Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
"Open Website" for Configuration Generates Secure Connection Failed
See original GitHub issueDescribe the bug When first configuring the Integration, I can complete the configuration page, but after confirming that the OTP is entered on the 2FV page for Amazon, the Open Website page that pops-up, generates a Secure Connection Failed error.
To Reproduce Steps to reproduce the behavior:
- Add the integration to Home Assistant
- Enter all relevant information (using Built-in 2FA App Key Mode, Login Proxy, and OAUTH)
- Enter the OTP code into the Amazon Two-Step Verification page
- Confirm that the code has been entered and hit the Submit button in Home Assistant (The Amazon 2FA page registers that a new 2FA device was successfully added.)
- The webpage that pops-up generates a Secure Connection Failed error in the web browser
- The URL that is generated seems to be requesting a TCP port (this TCP port changes each time I retry configuring the Integration):
https://homeassistant.****.net:58369//?config_flow_id=a90ffa14b6524d589b96eb7fdc66e0b2&callback_url=https://homeassistant.****.net:3185//auth/alexamedia/callback?flow_id=a90ffa14b6524d589b96eb7fdc66e0b2
(The https://homeassistant.****.net:3185 URL/port is publicly accessible and has a valid SSL certificate installed.)
Expected behavior I’ve done this a couple of months ago on another Home Assistant device, and I expect the configuration to complete and then display the available devices (Echo Dots).
Screenshots
System details
- Home-assistant (version): core-2021.2.1
- Hassio (Yes/No): Yes: Home Assistant OS 5.10
- alexa_media (version from
const.pyor HA startup): Newest version from HACS repository as of Feb. 6, 2021 - alexapy (version from
pip show alexapyor HA startup): Newest version from HACS repository as of Feb. 6, 2021 - Amazon 2FA is enabled (y/n). We will not debug login issues if unanswered: Y
Logs Please provide logs. We’ll be most likely asking for them anyway.
Additional context I somehow suspect there is an issue with the URL that is generated after the configuration page. The URL
https://homeassistant.****.net:58369//?config_flow_id=a90ffa14b6524d589b96eb7fdc66e0b2&callback_url=https://homeassistant.****.net:3185//auth/alexamedia/callback?flow_id=a90ffa14b6524d589b96eb7fdc66e0b2
is pointing to a TCP port of 58369, which is not publicly available. However, if I open that port on my router to point to the Home Assistant private IP, it still does not work. I’ve tried pointing that external port on the router to 192.168.1.XX:58369 as well as 192.168.1.XX:8123. That port changes each time I try adding the Integration. I’ve tried this on two different browsers (Firefox and Chrome) and have run into the same results. As mentioned above, the https://homeassistant.****.net:3185 URL/port is publicly accessible and has a valid SSL certificate installed.
Issue Analytics
- State:
- Created 3 years ago
- Comments:17
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
I’ve been having similar issues and spent several hours trying to resolve. Here is an explanation and what I’ve done that gets around this issue (but I’ve then got a further issue!).
This component needs the Internal URL configured in the dialog box. If you have SSL configured, as you have above, it will not work. This is because the component checks the URL in the SSL certificate against the URL it is using to access. They will be different. Because your SSL certificate will likely have your External URL in it. And you cannot include your Internal URL because Certificate Authorities won’t allow that.
So, if you want to use SSL, you need to install the NGINX reverse proxy. You can do this from the Add-on store in HAAS. Th only config I changed from default was my domain name.
What you then need to do, is disable SSL in your configuration.yaml. You should now be access HomeAssistant using HTTP internally on http://homeassistant.local:8123. This hits home assistant directly.
With NGINX up and running, you will probably also need to change your Firewall port forwarding rule. Prior to these changes you will have mapped port 443 to port 8123 on your home assistant. You now need to just map port 443 to port 443 on your home assistant. Your external URL should now work.
Last problem I had, is that my home assistant box couldn’t resolve “homeassistant.local”. So for the internal URL in the Alexa dialog box, I just put http://homeassistant:8123.
I now get to the next screen. Can enter my username and password. Get past that ok. But the next screen says that I need to change my password and that I need to send an OTP, but when I click the button get an Amazon error page.
Hopefully you’ll be luckier!
I had the same problem today. It was trying to get me to send an OTP to either my email or text but it would give me an amazon error page. After a bit of googling it I finally found a page that helped. I had to do the OTP outside of home assistant. Then when I went back to add the alexa integration, it worked without the OTP.
Here’s the link I found, when I clicked on “Your Orders” on that page, it asked me to complete the OTP and I had to change my password.
https://www.amazon.com/gp/help/customer/display.html?nodeId=GXHYX22CS752PLE3
Hopefully that works for someone else.