search

home-assistant / core

:house_with_garden: Open source home automation that puts local control and privacy first.
https://www.home-assistant.io
Apache License 2.0
72.63k stars 30.4k forks source link

Tasmota MQTT connection over SSL broken after Update to 2024.10.2 #128507

Open zeus86 opened 2 days ago

zeus86 commented 2 days ago

The problem

After updating to core-2024.10.2 the reporting of values from all my tasmota devices (around a dozen) stopped working, the only metric not shows as unknown is the IP-address. Everything worked before the upgrade, and no configuration changes have been made. I use RSA-keys with nginx, as ecdsa-Keys with letsencrypt are known to be problematic with some mqtt-devices.

What version of Home Assistant Core has the issue?

core-2024.10.2

What was the last working version of Home Assistant Core?

core-2024.10.1

What type of installation are you running?

Home Assistant OS

Integration causing the issue

tasmota, maybe mosquitto

Link to integration documentation on our website

https://www.home-assistant.io/integrations/tasmota

Anything in the logs that might be useful for us?

nothing helpful in the mosquitto-log:

2024-10-16 10:36:22: New connection from <IP>:58587 on port 8883.
2024-10-16 10:36:44: Client <unknown> has exceeded timeout, disconnecting.
2024-10-16 10:36:53: Client <unknown> disconnected: Protocol error.

(the <unknown> is literal, I only truncated the IP).

--

Connection-Failures in the Tasmota-Log:

10:41:58.618 MQT: Attempting connection...
10:41:58.683 MQT: TLS connection error: 1
10:41:58.684 MQT: Connect failed to <myFQDN>:8883, rc -2. Retry in 90 sec

Additional information

Tested with recent Versions of tasmota: 14.2 and 14.3.

Without SSL (on port 1883) everything works fine, but as said: before the Upgrade everything worked, so I think this is a Homeassistant-Issue, not a Tasmota one.

While TLS-Error 1 indicates, that this is a fingerprint-issue (https://tasmota.github.io/docs/TLS/#tls-troubleshooting), i don't think this is actually true, because it worked before, and the cert did not change during the upgrade.
All Tasmota-Devices in question are ESP32-based, not ESP8266-based.

home-assistant[bot] commented 2 days ago

Hey there @emontnemery, mind taking a look at this issue as it has been labeled with an integration (tasmota) you are listed as a code owner for? Thanks!

Code owner commands Code owners of `tasmota` can trigger bot actions by commenting: - `@home-assistant close` Closes the issue. - `@home-assistant rename Awesome new title` Renames the issue. - `@home-assistant reopen` Reopen the issue. - `@home-assistant unassign tasmota` Removes the current integration label and assignees on the issue, add the integration domain after the command. - `@home-assistant add-label needs-more-information` Add a label (needs-more-information, problem in dependency, problem in custom component) to the issue. - `@home-assistant remove-label needs-more-information` Remove a label (needs-more-information, problem in dependency, problem in custom component) on the issue.

(message by CodeOwnersMention)

tasmota documentation tasmota source (message by IssueLinks)

letsgetbusy commented 1 day ago

+1 Same problem after updating to core-2024.10.2. With core-2024.10.1 all work fine.

letsgetbusy commented 1 day ago

Update Affected all tasmota before 14.1.0. Updated to 14.2.0 or 14.3.0 not have this problem.

Please try by your side

zeus86 commented 9 hours ago

Update Affected all tasmota before 14.1.0. Updated to 14.2.0 or 14.3.0 not have this problem.

Please try by your side

I cannot confirm this. All my devices already have been on 14.2.0 and after spotting this problem, I upgraded to 14.3.0, but the problem persists for me.

pathwayx99 commented 4 hours ago

I had the same problem. All tasmota devices unavailable in HA, with their web UIs perfectly accessible. And sure enough, tracking my Watchtower logs, it seemed like the update of HA was the issue.

But a bit more careful digging proved it was not: I couldn't get through to the tasmota devices using my MQTT tools. So then I started looking at Mosquitto (my MQTT server). Again, the Watchtower logs showed an update. I rolled back to previous versions. Nothing.

In the end, I reset the fingerprint on the tasmota devices through their console using the command that allows them to auto-learn it:

MqttFingerprint 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

...and it worked. Not sure why this became necessary, but...might help someone else, so I'm posting it.