Adding certificate verification is strongly advised Warning with new 2023.6.0

travisghansen / hass-opnsense

OPNsense integration with Home Assistant

194 stars 25 forks source link

Adding certificate verification is strongly advised Warning with new 2023.6.0 #87

Closed Mangomc closed 1 year ago

Mangomc commented 1 year ago

Hello. Upgraded my HA today to the New Beta of 2023.6.0 Now it get a new warning in my log.

`Logger: py.warnings Source: custom_components/opnsense/pyopnsense/init.py:167 Integration: OPNsense (documentation, issues) First occurred: 15:39:39 (9 occurrences) Last logged: 15:43:47

2023-06-01 15:45:51.284 WARNING (SyncWorker_1) [py.warnings] /usr/local/lib/python3.11/site-packages/urllib3/connectionpool.py:1056: InsecureRequestWarning: Unverified HTTPS request is being made to host '192.168.0.1'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/1.26.x/advanced-usage.html#ssl-warnings warnings.warn(`

alexdelprete commented 1 year ago

It's not an integration issue, it's a warning due to the usage of a self-signed certificate in OPNsense Web UI. If you want to avoid it, you need to configure OPNsense Web UI with a trusted certificate.

Mangomc commented 1 year ago

Thanks. Very stupid from HA that it wants a trusted cert for local IPs

Mangomc commented 1 year ago

Hey again. Is the Option "Verffy ssl certificate" when adding the Integration not exactly for that behavior to not verify the ssl certificate? I deleted the Integration and added it again without ticking "verify ssl certificate" but it still Shows the error

alexdelprete commented 1 year ago

> 2023-06-01 15:45:51.284 WARNING (SyncWorker_1) [py.warnings] /usr/local/lib/python3.11/site-packages/urllib3/connectionpool.py:1056: InsecureRequestWarning: Unverified HTTPS request is being made to host '192.168.0.1'. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/1.26.x/advanced-usage.html#ssl-warnings

The warning you're seeing comes from an HA python library (urllib3), see log above. It's not a warning that comes from the component.

There's an issue open in HA Core repo.

While they solve the issue, a possible workaround is this:

logger:
  default: info
  logs:
    requests.packages.urllib3.connectionpool: critical

vk2him commented 1 year ago

Apparently there's a better short term solution - add this to beneath logger:

filters: py.warnings:

"InsecureRequestWarning"