Unable to Share Vehicle when trying to enroll public key in my vehicle

[tyanai]

The problem

Hi,

I am in the final step of setting the add-on on HAOS while having NGINX Proxy Manager as an external Docker to HA.

My NGINX is configured to proxy tesla.example.com into 192.168.1.178:8123 (my HA IP is on 192.168.1.178) I can download the public pem file via https://tesla.example.com/.well-known/appspecific/com.tesla.3p.public-key.pem after coping it over from /share/tesla into /config/www/tesla and setting NGINX with:

location = /.well-known/appspecific/com.tesla.3p.public-key.pem { proxy_pass http://192.168.1.178:8123/local/tesla/com.tesla.3p.public-key.pem; }

Trying to enroll the public key fail with this message: "The third party isn't registered with Tesla. We can't grant them at this point"

Just to note that I'm using the Home Assistant Cloud in order to access my HA from remote, but I also opened https & http port for sake of this setup in addition.

What version of the addon are you using?

2.2.8

What version of Home Assistant Core are you using?

2024.10.3

What type of installation are you running?

Home Assistant OS

What version of Tesla integration are you using?

Tesla Custom Integration

What region of Tesla API are you using?

Europe, Middle East

What model and year is your vehicle?

Tesla 3 2021 & 2022

What is your domain name (FQDN)?

tesla.example.com

Paste the log output from the addon here

s6-rc: info: service s6rc-oneshot-runner: starting
s6-rc: info: service s6rc-oneshot-runner successfully started
s6-rc: info: service fix-attrs: starting
s6-rc: info: service fix-attrs successfully started
s6-rc: info: service legacy-cont-init: starting
s6-rc: info: service legacy-cont-init successfully started
s6-rc: info: service webui: starting
s6-rc: info: service webui successfully started
s6-rc: info: service legacy-services: starting
s6-rc: info: service legacy-services successfully started
[11:46:02] webui:INFO: Starting Flask server for Web UI...
[11:46:02] werkzeug:INFO: WARNING: This is a development server. Do not use it in a production deployment. Use a production WSGI server instead.
 * Running on all addresses (0.0.0.0)
 * Running on http://127.0.0.1:8099
 * Running on http://172.30.33.11:8099
[11:46:02] werkzeug:INFO: Press CTRL+C to quit
[11:46:03] INFO: Found existing keypair
[11:46:03] INFO: Testing public key...
HTTP/2 200 
server: openresty
date: Sat, 26 Oct 2024 08:46:03 GMT
content-type: application/octet-stream
content-length: 178
cache-control: public, max-age=2678400
referrer-policy: no-referrer
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
etag: "1801f1d0557e4840-b2"
last-modified: Sat, 26 Oct 2024 08:00:09 GMT
accept-ranges: bytes

-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEK91hgApsHcAlm/dzWaiakwkbj1S6
bX/lm/MmPvBYxz5ono89qzBF9BN/YPU05SWJ0ggxerOavyUjocMLmB1z5Q==
-----END PUBLIC KEY-----
[11:46:04] INFO: Starting Tesla HTTP Proxy

Do not listen on a network interface without adding client authentication. Unauthorized clients may
be used to create excessive traffic from your IP address to Tesla's servers, which Tesla may respond
to by rate limiting or blocking your connections.
2024-10-26T11:46:04+03:00 [debug] Creating proxy
2024-10-26T11:46:04+03:00 [info ] Listening on 0.0.0.0:443
[11:48:23] werkzeug:INFO: 172.30.32.2 - - [26/Oct/2024 11:48:23] "GET / HTTP/1.1" 200 -
[11:56:19] werkzeug:INFO: 172.30.32.2 - - [26/Oct/2024 11:56:19] "GET / HTTP/1.1" 200 -

Any additional context or screenshots that help explain the issue

No response

[tyanai]

Removing Both tesla_custom & Tesla HTTP Proxy addons completely from the HAOS, and starting over from scratch solved this issue.

[Sw1zero]

@tyanai I have the same issue now and don't understand what do you mean with removing tesla_custom & tesla http proxy addons. Without the tesla http proxy addon I can not access the web ui and so I can not enroll the public key. Am i missing something?

[tyanai]

Hi Sw1zero,

1. Stop the HTTP Proxy and uninstall it from HAOS. Open the terminal and delete the keys located in /share/tesla.
2. Remove all integrations associated with "Custom Tesla" in HACS, then go to HACS and completely uninstall "Custom Tesla" from HA.
3. Restart HA.
4. Reinstall the "HTTP Proxy" from scratch. Do not install "Custom Tesla" at this stage.
5. Follow all the steps to set up the PROXY, including adding the virtual key to the car. Keep the token you received when sending the callback URL at some place — this is your refresh token.
6. I installed the "Tesla Custom" from HACS only after the virtual key has been added to the Tesla car successfully. You will not need it before.
7. When configuring the "Custom Tesla" Fleet API, use the refresh token obtained from the "HTTP Proxy."
8. That's what I did. It may sound strange that removing the installations resolved the issue, but I found similar recommendations elsewhere, and it ultimately worked.

[Sw1zero]

Do you think this issue differs from mine? Because I've got a Tesla Model Y 2024? Because I can read the sensors, but I cannot access the commands. I was thinking, that I only can use the commands if I enroll the public key with the app? Am I wrong?

[tyanai]

To the best of my knowledge, "commands" require now the Tesla Fleet API. From what I could see, for the Tesla Fleet API to work you will need to:

1. Make sure you can download the public key from such url: https://https://tesla.example.com/.well-known/appspecific/com.tesla.3p.public-key.pemtesla.example.comhttps://tesla.example.com/.well-known/appspecific/com.tesla.3p.public-key.pem/.well-known/appspecific/com.tesla.3p.public-key.pemhttps://tesla.example.com/.well-known/appspecific/com.tesla.3p.public-key.pem 2. Make sure the car is being added with an additional Virtual Key

For the above to work you will need the HTTP Proxy, and you will need to make sure everything is working well per the instructions that comes with it.

---

From: Sw1zero @.> Sent: Monday, October 28, 2024 2:41 PM To: llamafilm/tesla-http-proxy-addon @.> Cc: Tal Yanai @.>; Mention @.> Subject: Re: [llamafilm/tesla-http-proxy-addon] Unable to Share Vehicle when trying to enroll public key in my vehicle (Issue #154)

Do you think this issue differs from mine? Because I've got a Tesla Model Y 2024? Because I can read the sensors, but I cannot access the commands. I was thinking, that I only can use the commands if I enroll the public key with the app? Am I wrong?

— Reply to this email directly, view it on GitHubhttps://github.com/llamafilm/tesla-http-proxy-addon/issues/154#issuecomment-2441481816, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AAH43CZDGWKFOISHITI3ZTTZ5YPF3AVCNFSM6AAAAABQUUE2IOVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDINBRGQ4DCOBRGY. You are receiving this because you were mentioned.Message ID: @.***>

[Sw1zero]

That's what the problem is: I cannot add the car with an additional virtual key because of the issue "unable to share vehicle". I try to reinstall all and comment here, if it worked.

Edit: @tyanai didn't work. The only thing I can think about is, that I have a Tesla which is in lease. Could be this a problem @llamafilm ?

[llamafilm]

@Sw1zero there is some info in this thread about leased vehicles. https://github.com/teslamotors/vehicle-command/issues/45 I don't have a lease but it sounds like the instructions are slightly different.

[Sw1zero]

This is what I commented there:

Didn't work for me to add Virtual Key to my leased Tesla. I get the error mentioned before and no info I have to use the card inside the tesla:

Even a developer account different from my personal account isn't the solution like @ViNYLeq mentioned.

I'm really dissapointed at this moment and don't know what to do anymore.

I'm hanging between is the leasing the problem or my configuration?

[tyanai]

You might want to consider https://teslemetry.com They also have an Home Assistant integration. It will cost you few $, but this way you can at least isolate if the issue is within your car or with the way you set the integration.

[Sw1zero]

Did it now with teslemetry and it worked to make a virtual key so it is possible to access my car even if it is leased. Is it possible that my IP / Duckdns with NGINX is the problem? So that Tesla says "Hey, he has a swiss IP, that's not allowed". ?

[tyanai]

I don't know. I would want to assume that as long as you are getting to your HA login page using your https://tesla.example.com, and since you gave "Swiss" as your location during the FleetAPI enrolment, you should be fine. That's really as far as my knowledge goes.

[Sw1zero]

Where did I put Swiss as my location during FleetAPI?

[tyanai]

Sorry, it might be a region question and not country specific. I'm just saying that since you were approved by Tesla to use their API, you should be fine (I suppose).

---

From: Sw1zero @.> Sent: Tuesday, October 29, 2024 9:50 PM To: llamafilm/tesla-http-proxy-addon @.> Cc: Tal Yanai @.>; Mention @.> Subject: Re: [llamafilm/tesla-http-proxy-addon] Unable to Share Vehicle when trying to enroll public key in my vehicle (Issue #154)

Where did I put Swiss as my location during FleetAPI?

— Reply to this email directly, view it on GitHubhttps://github.com/llamafilm/tesla-http-proxy-addon/issues/154#issuecomment-2445194896, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AAH43C2JS2EUPZG3G67XKUTZ57RHTAVCNFSM6AAAAABQUUE2IOVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDINBVGE4TIOBZGY. You are receiving this because you were mentioned.Message ID: @.***>

[gbertsch]

Also experiencing the same error... "Unable to Share Vehicle This third party isn't registered with Tesla. We can't grant them access at this time.".. The vehicles are not leased.

Created a Personal account, does that matter? Also tried the steps to remove tesla http proxy and start over and still nothing.

Thoughts?