Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
unable to connect via reverse proxy
See original GitHub issueHome Assistant Android version: 2021.9.0-full
Android version: 10
Phone model: Fairphone 3
Home Assistant version: 2021.9.7 behind nginx 1.14 as reverse proxy with a Let’s Encrypt certificate
Last working Home Assistant release (if known): Exact same versions as above. Failure appeared without an upgrade
Description of problem:
Up until this morning the app worked fine. Then in the morning it stopped being able to connect and I got a dialog with a message indicating I could wait and retry. I did that a few times, then got myself IP banned apparently.
I deleted the IP ban and restarted HomeAssistant. I kept getting these errors, so I reinstalled the app and tried again. From that point on forward I could never get further than the attached screenshot.
I did not upgrade any software, nor did the certificate rotate in between last night (when the app still worked) and this morning. I.e. nothing that I can think of changed.
Screenshot of problem:
Additional information:
- Using the same (external) URL in either Chrome or Firefox (on the phone) succeeds without a hitch
- Connecting directly via the IP address of HomeAssistant itself on port 8123 without encryption does work
- When using the external URL, looking in the nginx logs the authentication appears to succeed. But then still shows the preceding screenshot:
<IP-elided> - - [06/Oct/2021:08:48:59 +0000] "POST /auth/login_flow HTTP/2.0" 200 183 "https://ha.custoft.eu/auth/authorize?response_type=code&client_id=https://home-assistant.io/android&redirect_uri=homeassistant://auth-callback" "Mozilla/5.0 (Linux; Android 10; FP3 Build/8901.3.A.0107.20210513; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/94.0.4606.71 Mobile Safari/537.36"
<IP-elided> - - [06/Oct/2021:08:49:12 +0000] "POST /auth/login_flow/XXXXXXXXXXXXXXXXXX HTTP/2.0" 200 190 "https://ha.custoft.eu/auth/authorize?response_type=code&client_id=https://home-assistant.io/android&redirect_uri=homeassistant://auth-callback" "Mozilla/5.0 (Linux; Android 10; FP3 Build/8901.3.A.0107.20210513; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/94.0.4606.71 Mobile Safari/537.36"
<IP-elided> - - [06/Oct/2021:08:52:45 +0000] "POST /auth/login_flow HTTP/2.0" 200 184 "https://ha.custoft.eu/auth/authorize?response_type=code&client_id=https://home-assistant.io/android&redirect_uri=homeassistant://auth-callback" "Mozilla/5.0 (Linux; Android 10; FP3 Build/8901.3.A.0107.20210513; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/94.0.4606.71 Mobile Safari/537.36"
<IP-elided> - - [06/Oct/2021:08:52:56 +0000] "POST /auth/login_flow/YYYYYYYYYYYYYYYYYYY HTTP/2.0" 200 189 "https://ha.custoft.eu/auth/authorize?response_type=code&client_id=https://home-assistant.io/android&redirect_uri=homeassistant://auth-callback" "Mozilla/5.0 (Linux; Android 10; FP3 Build/8901.3.A.0107.20210513; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/94.0.4606.71 Mobile Safari/537.36"
This seems to have some symptomatic overlap with:
Issue Analytics
- State:
- Created 2 years ago
- Comments:13 (6 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
I’ve managed to resolve this problem. For other people who might encounter the same problem/symptoms in the future: For me this was caused by having a certificate from Let’s Encrypt with the “must staple” flag enabled and an expired OCSP staple that didn’t get renewed due to problems with Let’s Encrypt’s OCSP responder.
Manually renewing the staple and working around the OCSP responder issue resolved this for me.
I don’t understand why the browser didn’t report this problem.
As for the app itself: I think it would have been much better had it reported a certificate verification error than this very non-descriptive “there was an error” message. So it’s not a bug, but the message could have been much better.
Maybe #1934 is related to your problem. 😃 I also got some logs.
I was logged in so: on the error screen is a button ‘Settings’ -> and at the bottom is a option to share / view the logs.