Still error message cert_expiry

[ebudalen]

Make sure you are running the latest version of Home Assistant before reporting an issue.

You should only file an issue if you found a bug. Feature and enhancement requests should go in the Feature Requests section of our community forum:

Home Assistant release (hass --version): 0.63.3 (On Hass.io)

Python release (python3 --version): 3.6.3

Component/platform: cert_expiry

Description of problem: Got the following error message during startup of homeassistant:

ERROR (SyncWorker_12) [homeassistant.components.sensor.cert_expiry] Cannot connect to xxx.duckdns.org

Expected:

No error message during startup after this was merged: https://github.com/home-assistant/home-assistant/pull/8920

Problem-relevant configuration.yaml entries and steps to reproduce:

 - platform: cert_expiry
   host: xxx.duckdns.org

[arsaboo]

I admit....I also see this error occasionally. Not sure how to fix it :(

[ebudalen]

Ok, the issue was made because I thought meaby it was just your fix that needed a little adjustment, or something like that. If there is no fix or will be worked on, I can close the issue if that`s preferable.

[arsaboo]

Leave it open... Hopefully someone has better idea to fix it.

[balloobbot]

There hasn't been any activity on this issue recently. Due to the high number of incoming GitHub notifications, we have to clean some of the old issues, as many of them have already been resolved with the latest updates.

Please make sure to update to the latest Home Assistant version and check if that solves the issue. Let us know if that works for you by adding a comment :+1:

[ebudalen]

Isn't a fix yet, but is just estetic in log, so just close if there is no solution.

[talondnb]

I’m receiving this error currently, 0.73.1 (resinOS 115 supervisor).

[spali]

Still on 0.80.1. I assume it's a timing problem, the sensor tries to get the state to early during startup probably. After a while the sensor updates to the correct state.

[balloobbot]

There hasn't been any activity on this issue recently. Due to the high number of incoming GitHub notifications, we have to clean some of the old issues, as many of them have already been resolved with the latest updates.

Please make sure to update to the latest Home Assistant version and check if that solves the issue. Let us know if that works for you by adding a comment :+1:

[genem2]

FYI: Just saw this for the first time. After a:

homeassistant.update_entity { "entity_id": "sensor.ssl_certificate_expiry" }

it was fine.

[rpitera]

This is still an issue in 0.90.1. For me it happens on almost every restart as the sensor makes the call before it can connect. If a wait statement or timer could be introduced, that would probably solve the issue; maybe by increasing the TIMEOUT = 10.0?

[phiberoptick]

So I decided to play with HA again the other day to see what's new since last time and I ran into this issue as well. The issue (for me at least) was due to the way docker does it's resolving. They are all about using local hostnames and then letting docker pass on the queries that it can't resolve to another container or service.

TLDR;

When starting containers, increase the number of "ndots" with the "--dns-options" switch. Which is normally set to 0 and can make it fail to resolve FQDN if for some reason the docker daemon drops the ball on forwarding, network latency, etc.

Also specify external name servers when you create the container. (--dns) This can also be done in compose as well as the global dockerd config (which is what I did).

Normally, the resolv.conf in the container will look like:

# cat /etc/resolv.conf nameserver 127.0.0.11 options ndots:0 If you specify the dns, search domains, and options either when creating the container, starting the daemon or in the daemon.json and restart:

cat /etc/docker/daemon.json { "dns": ["1.1.1.1", "8.8.8.8"], "dns-opts": ["ndots:15"], "dns-search": ["somedomain.net", "somedomain.com"], "experimental": true } After you re-create the container or start another you will see that your resolv.conf looks correct and that the container actually resolves. I saw my cert_expiry check complete without error and scroll by in the log before I even loaded the main HA page.

phiber@dev-null:~$ docker exec -it home-assisstant /bin/bash root@dev-null:/usr/src/app# cat /etc/resolv.conf search somedomain.net somedomain.com nameserver 1.1.1.1 nameserver 8.8.8.8 options ndots:15 root@dev-null:/usr/src/app# openssl s_client -showcerts -servername github.com -connect github.com:443 2>&- | openssl x509 -dates -noout notBefore=May 8 00:00:00 2018 GMT notAfter=Jun 3 12:00:00 2020 GMT root@dev-null:/usr/src/app#

Not sure how many of you this is applicable to but hopefully it will help some of you.

[stale[bot]]

There hasn't been any activity on this issue recently. Due to the high number of incoming GitHub notifications, we have to clean some of the old issues, as many of them have already been resolved with the latest updates. Please make sure to update to the latest Home Assistant version and check if that solves the issue. Let us know if that works for you by adding a comment 👍 This issue now has been marked as stale and will be closed if no further activity occurs. Thank you for your contributions.

[rpitera]

Seems to be fixed on 0.99