webostv with media entry configured causes Error handling request errors

[a-nicholls]

The problem

With the webostv integration, if I use a home assistant dashboard with the media player to that LG TV entity active on the web browser/app and I change the LG TV app (e.g. switch to Netflix or ITV X as in example) that is running on the LG TV it shows a the error in the home assistant logs (showing the last line of the trace)

aiohttp.client_exceptions.ClientConnectorCertificateError: Cannot connect to host 192.168.0.3:3001 ssl:True [SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1006)')] This IP is the LG TV using the webostv, with debug on the line before in the log shows:

DEBUG (MainThread) [aiowebostv] recv(192.168.0.3): {"type":"response","id":4,"payload":{"subscribed":true,"returnValue":true,"appId":"com.fvp.itv","processId":"","windowId":""}}

What version of Home Assistant Core has the issue?

core-2023.10.3

What was the last working version of Home Assistant Core?

2023.9.3

What type of installation are you running?

Home Assistant OS

Integration causing the issue

webostv

Link to integration documentation on our website

https://www.home-assistant.io/integrations/webostv/

Diagnostics information

No response

Example YAML snippet

No response

Anything in the logs that might be useful for us?

No response

Additional information

The TV is running webOS firmware 03.33.80, it has been updated today but the problem also occurred with the previous webOS version.

[home-assistant[bot]]

Hey there @thecode, mind taking a look at this issue as it has been labeled with an integration (webostv) you are listed as a code owner for? Thanks!

Code owner commands

Code owners of webostv can trigger bot actions by commenting:

• @home-assistant close Closes the issue.
• @home-assistant rename Awesome new title Renames the issue.
• @home-assistant reopen Reopen the issue.
• @home-assistant unassign webostv Removes the current integration label and assignees on the issue, add the integration domain after the command.

_{^{(message by CodeOwnersMention)}}

---

webostv documentation webostv source _{^{(message by IssueLinks)}}

[a-nicholls]

Additional: if I use the web browser to view https://192.168.0.3:3001 in edge it shows a certificate error and if I ignore the error has the page with "Hello World"

I'm assuming that this is an internally signed certificate that the browser does not trust.

[Riscue]

Same here.

[gradius-v]

And the same here, I have the LG C3. Also DLNA doesn't work with the same error.

[vumaddibly]

Same here as well. I have an LG OLED65GX6LA running the latest update (04.50.51). I'm running Home Assistant 2023.10.5 Supervisor 2023.10.1 Operating System 11.1 Frontend 20231005.0

On a dashboard, I no longer see an image related to the source (Netflix, iPlayer, Rakuten, etc). The error messages pasted by the OP is generated whenever I try to view the TV history status or control the TV (pause, play, etc).

[attiss]

Same here.

$ openssl s_client -showcerts -connect xxx.xxx.xxx.xxxx:3001

CONNECTED(00000003)
Can't use SSL_get_servername
depth=1 C = KR, ST = Seoul, O = LG Electronics Inc., OU = HE Lab., CN = LGE SSG Intermediate CA
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 C = KR, ST = Seoul, O = LG Electronics Inc., OU = HE Lab., CN = LGE TV SSG
verify return:1
---
Certificate chain
 0 s:C = KR, ST = Seoul, O = LG Electronics Inc., OU = HE Lab., CN = LGE TV SSG
   i:C = KR, ST = Seoul, O = LG Electronics Inc., OU = HE Lab., CN = LGE SSG Intermediate CA
   a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
   v:NotBefore: Mar 12 01:49:52 2018 GMT; NotAfter: Aug 15 01:49:52 2034 GMT
-----BEGIN CERTIFICATE-----
MIIFwjCCA6qgAwIBAgICIAEwDQYJKoZIhvcNAQELBQAwbzELMAkGA1UEBhMCS1Ix
DjAMBgNVBAgMBVNlb3VsMRwwGgYDVQQKDBNMRyBFbGVjdHJvbmljcyBJbmMuMRAw
DgYDVQQLDAdIRSBMYWIuMSAwHgYDVQQDDBdMR0UgU1NHIEludGVybWVkaWF0ZSBD
QTAeFw0xODAzMTIwMTQ5NTJaFw0zNDA4MTUwMTQ5NTJaMGIxCzAJBgNVBAYTAktS
MQ4wDAYDVQQIDAVTZW91bDEcMBoGA1UECgwTTEcgRWxlY3Ryb25pY3MgSW5jLjEQ
MA4GA1UECwwHSEUgTGFiLjETMBEGA1UEAwwKTEdFIFRWIFNTRzCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBANgLe30lB7jMOm5v890Pl+KGPSqQ2tbNOpob
fbzZkpGROcTKPWrDrWQFiy2yS8Yn2Oqs+i1ioDcOD8pOh1UyxXY+I61f/4DRkL2L
Qqdx0a4qoNmKHHgTRuffklt8Tc7oVKsuf53q0D3zUIs/c/UarRo/2FiLZSXCqzTg
XnDZh3O15rvt8jzepA9RturlPMDwaszHahaT3Lm3nSDpoeJzWtrDZH7zJG0eD5P2
LqbA6YnOenTMV9E8L4Okomiho7/DTvS3L4S7dnUdl14v89herlYz+aGD75UgCvRh
1aPepIaWnyhj7yMD0khrZRyOIrP8k+1hHi7kLORQ/7wLPXqkDZECAwEAAaOCAXMw
ggFvMAkGA1UdEwQCMAAwEQYJYIZIAYb4QgEBBAQDAgZAMDMGCWCGSAGG+EIBDQQm
FiRPcGVuU1NMIEdlbmVyYXRlZCBTZXJ2ZXIgQ2VydGlmaWNhdGUwHQYDVR0OBBYE
FFm/07eIWpKBKqpoJ4+dzQDU55KLMIHVBgNVHSMEgc0wgcqAFCyLYO76owaYuCOC
aHJpV4grLZfdoYGtpIGqMIGnMQswCQYDVQQGEwJLUjEOMAwGA1UECAwFU2VvdWwx
DjAMBgNVBAcMBVNlb3VsMRwwGgYDVQQKDBNMRyBFbGVjdHJvbmljcyBJbmMuMRYw
FAYDVQQLDA1IRSBMYWJvcmF0b3J5MRwwGgYDVQQDDBNMRyB3ZWJPUyBUViBSb290
IENBMSQwIgYJKoZIhvcNAQkBFhVzZWN1cml0eS1wYXJ0QGxnZS5jb22CAhAHMA4G
A1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATANBgkqhkiG9w0BAQsF
AAOCAgEAJhLtCLsTi/l+xpAzF01NFwPy8pBi+7Q1ZyBfbw+rIKnnzFXMMwsGrt57
xMfArdB54MePs6UMvn/HRbfx7UkXxha38HY65+redBX27EuQs3EodajRFzz/OG7A
NhQovjJ4fxeadTP1AI7coULi8hwG78RxBNHzRsdtfjcboOYA27Nzi6cpFd4O/v5m
8NhCnsLU5AcYoP+S7Qab9nbyteT3RorhdZYNCFSUWiKbCS1aZMH828vUi97ja+mX
q0gvbt0cM5o3iJngmwH7PVR+slrL6CHXaMJHXkXSSyQcqbwSu5mbqV+lTY8fJkn3
5rds1bJRy6LIFPAT7jpPzONT70jnS5NZmYQtkDWugX2WHAqwnmPv3sLWSGVG6gjh
W+pnlxwDzXWV3stVVqrPVRaoSHYuqAxBWB8vIwrPXVIcUb2JNYLef1eOJpGqEhTr
++0i1NpYxiehVinA21CLrditO/IXhGsopjGWnK1zPG6L3LiLciXhrKqeuQCqzcSD
7+ihyqNxQ0oQlC1mr6u9tmeGuGPWRYWy5h7SYcOVivsxbrUYq3SdzDNy8Izl7vE4
n2mOKPyF0sXhSOHC+bBmsg+IZ0FpBKw0N4JJ/XfoPqnHxw7LF2f2IEvxahYSxgRg
xCdCs+vi8ob++70uAgs3suJUybGTa8sExkHo0BtsqnmgEBDxfdM=
-----END CERTIFICATE-----
 1 s:C = KR, ST = Seoul, O = LG Electronics Inc., OU = HE Lab., CN = LGE SSG Intermediate CA
   i:C = KR, ST = Seoul, L = Seoul, O = LG Electronics Inc., OU = HE Laboratory, CN = LG webOS TV Root CA, emailAddress = [email protected]
   a:PKEY: rsaEncryption, 4096 (bit); sigalg: RSA-SHA256
   v:NotBefore: Mar 12 01:30:28 2018 GMT; NotAfter: Aug 15 01:30:28 2034 GMT
-----BEGIN CERTIFICATE-----
MIIF+TCCA+GgAwIBAgICEAcwDQYJKoZIhvcNAQELBQAwgacxCzAJBgNVBAYTAktS
MQ4wDAYDVQQIDAVTZW91bDEOMAwGA1UEBwwFU2VvdWwxHDAaBgNVBAoME0xHIEVs
ZWN0cm9uaWNzIEluYy4xFjAUBgNVBAsMDUhFIExhYm9yYXRvcnkxHDAaBgNVBAMM
E0xHIHdlYk9TIFRWIFJvb3QgQ0ExJDAiBgkqhkiG9w0BCQEWFXNlY3VyaXR5LXBh
cnRAbGdlLmNvbTAeFw0xODAzMTIwMTMwMjhaFw0zNDA4MTUwMTMwMjhaMG8xCzAJ
BgNVBAYTAktSMQ4wDAYDVQQIDAVTZW91bDEcMBoGA1UECgwTTEcgRWxlY3Ryb25p
Y3MgSW5jLjEQMA4GA1UECwwHSEUgTGFiLjEgMB4GA1UEAwwXTEdFIFNTRyBJbnRl
cm1lZGlhdGUgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDl5xeN
+UkKyfHifIGtO4igsl/UxXosQ0qeAMadDSdI8XLHAsfEnlCDVWwYSFD76A7+GO6m
ttN5MTlsdVJPQ/lyy032cPkz38R9MHS6sOxqOCXurkX0wN/7fTODKVkS/Q3dCqYz
eluWaMrZQBAW6vGQVgoilBxf5Z9jpV9Dj6IxXThomUlyM8HVCWmg38eht8ItiuSe
1Bzpr8Bqv35wLEnPPK1QhKu9oxU10GS6Yn1GNQ6xMvpayf1jPuRK443tdR+IA2mD
y/N8h623yvIbBxMt/rLmvzjWevLC8wyTlrEw5ei/GOfMlJq8fK3TK1S9CMqqe6uS
O9YHJo5/ibg+aFKkJEDO4RNzK2W0A7F+a2eJIk8lz49rvZNC+X/waRUfso8YrAcX
vQo4EbYDWTlFDNa15rYiZEE3lzqROto440Wb6v5ZavyvkRyQbUNbodUh42Wvo616
kD6GG5/Le1QUpO6I66Hjs0MyJQApFuOR2OZhS8FjHPRONSNZJl1rAP7xtZ7fDika
d0oqU9hHKOKQSb8e8QTLUyQGCW17FB8pgC8Du7ZZquRU/0RhK002yEdlWY+yDWs1
8aLqKl64P5GiipYufRTWVS3Ev8e4W/ycdI3n4gOWNAUuHUkO+LRXxm1fimPV1rig
Qrth9KtRc1g9FsDr+s2ZfxPft3LTozt1HRSBeQIDAQABo2YwZDAdBgNVHQ4EFgQU
LItg7vqjBpi4I4JocmlXiCstl90wHwYDVR0jBBgwFoAUYJCBYPvCCUxyONKaiLR4
beSYs/gwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZI
hvcNAQELBQADggIBAEoyN23/Z+63ejYpBpJ3Xzowf3CEU7vN1J7QrxLJN+hJh2Go
f/NO6p9v0REoNeQjVKXbd8ycNpOl5SY620XFip6F+gLGxlTRy2LX7BUpYwCHoAuD
zSdRi7bhqmdwSZL7VGwm4RIGpeUWNqx2YH8xgJ7Zb4v0LCcCDsqB1JdobxB1ULbB
ZQ/8BsuEjiWnWg0nTDz7VZmpP1fOs4vLYPzFVzq07Q9avxYh642JLshhVZ9/VwWL
q5uGXNrxrvRNr4JR5emax9HV/o+LK9FdUP5XJWEXeXSRSvCYh7djtkQqzcmLdT4x
zU6chJMuCJAG6qzv8r7EA0IrbWk5oBhxNet/cCExIUH/Rqivcfa7qPTsTYVSoM5J
dw2ociET6vc2UmYzBiHV22Ez02aydOSmL4VkdR+ngxGTaCkEDBpHPLDaZ6Yzp/xB
gCGkvL417B3rTuBvD2YYwQ2pSS9O5N0FOLFjX3L3d9ixlXwqWi07w79YONjLqjYm
6OrYp5xtinZrxEEcdu/jt0pSOkYVG+NEg+kcLiRpxy4q7A3vVllREbLZL6R/5G3D
ulTRmICailJN3PF+5YavaQI2H6yRdiw2OMzaLgHw3zU9NGN43mMI1q1Yl4PYA2sO
qHkaceoSAL7CaC2ZvI51K88ekUfqC34L20hiZS8kLtE3BLS/olqMsyuAnBc+
-----END CERTIFICATE-----
---
Server certificate
subject=C = KR, ST = Seoul, O = LG Electronics Inc., OU = HE Lab., CN = LGE TV SSG
issuer=C = KR, ST = Seoul, O = LG Electronics Inc., OU = HE Lab., CN = LGE SSG Intermediate CA
---
No client certificate CA names sent
Peer signing digest: SHA512
Peer signature type: RSA
Server Temp Key: ECDH, prime256v1, 256 bits
---
SSL handshake has read 3700 bytes and written 421 bytes
Verification error: unable to get local issuer certificate
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES128-GCM-SHA256
    Session-ID: 73C37B6DE6792C62A7A25E7C39CF4898D2614DDA30046B7D3172F4892122DD0F
    Session-ID-ctx:
    Master-Key: 6FBBF6E3240ED2D54DDBA22386E0B257A14C9DEDEB231C3616352D8EF115F4090E5BEECB01D4B9EF2D2D982F53143299
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 300 (seconds)
    TLS session ticket:
    0000 - 26 2c 89 3f f9 04 79 f8-22 4f b8 d3 68 5d d9 28   &,.?..y."O..h].(
    0010 - bb d4 07 bc c0 a7 99 29-a2 3f 2c 0b 91 42 58 30   .......).?,..BX0
    0020 - ee 67 fe 0c f4 40 2b 84-4c b7 3d 6b 12 aa 7d 4b   .g...@+.L.=k..}K
    0030 - b1 55 e4 b7 9c 31 03 84-a4 c6 bf d3 2e 2f e7 dc   .U...1......./..
    0040 - e3 54 c2 92 b2 d2 e7 37-3a 71 b2 e9 56 1e ba 3b   .T.....7:q..V..;
    0050 - 47 d9 7f dc 64 54 c7 41-3b 75 e3 71 f0 b2 34 6b   G...dT.A;u.q..4k
    0060 - ee dd d0 dc 02 ee 53 57-e5 02 3f 5a 58 a8 1a ee   ......SW..?ZX...
    0070 - e0 1a 26 65 98 c6 7f 56-62 bb 91 53 f0 9c c9 8f   ..&e...Vb..S....
    0080 - 00 a3 4a 9e 2d d6 cb d9-03 68 a5 ce c3 38 8d 98   ..J.-....h...8..
    0090 - a9 80 ec cf 8e 32 23 e7-31 69 a6 b6 b2 c2 8b d1   .....2#.1i......
    00a0 - cf b2 4a d8 e2 cc e4 1d-3c f5 48 e5 8e 82 3f c6   ..J.....<.H...?.
    00b0 - b7 36 9f f4 a9 a5 9c 89-a8 fd a9 ac 23 6e dc 25   .6..........#n.%

    Start Time: 1698968072
    Timeout   : 7200 (sec)
    Verify return code: 20 (unable to get local issuer certificate)
    Extended master secret: no
---
DONE

---

Running Home Assistant container.

$ hass --version
2023.11.0

[Bidthedog]

Getting the same issue:

2023-11-06 16:10:45.952 ERROR (MainThread) [aiohttp.server] Error handling request
Traceback (most recent call last):
  File "/usr/local/lib/python3.11/site-packages/aiohttp/connector.py", line 980, in _wrap_create_connection
    return await self._loop.create_connection(*args, **kwargs)  # type: ignore[return-value]  # noqa
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/asyncio/base_events.py", line 1112, in create_connection
    transport, protocol = await self._create_connection_transport(
                          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/asyncio/base_events.py", line 1145, in _create_connection_transport
    await waiter
  File "/usr/local/lib/python3.11/asyncio/sslproto.py", line 575, in _on_handshake_complete
    raise handshake_exc
  File "/usr/local/lib/python3.11/asyncio/sslproto.py", line 557, in _do_handshake
    self._sslobj.do_handshake()
  File "/usr/local/lib/python3.11/ssl.py", line 979, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1006)

The above exception was the direct cause of the following exception:

Traceback (most recent call last):
  File "/usr/local/lib/python3.11/site-packages/aiohttp/web_protocol.py", line 433, in _handle_request
    resp = await request_handler(request)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/aiohttp/web_app.py", line 504, in _handle
    resp = await handler(request)
           ^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/aiohttp/web_middlewares.py", line 117, in impl
    return await handler(request)
           ^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/http/security_filter.py", line 85, in security_filter_middleware
    return await handler(request)
           ^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/http/forwarded.py", line 100, in forwarded_middleware
    return await handler(request)
           ^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/http/request_context.py", line 28, in request_context_middleware
    return await handler(request)
           ^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/http/ban.py", line 80, in ban_middleware
    return await handler(request)
           ^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/http/auth.py", line 236, in auth_middleware
    return await handler(request)
           ^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/http/headers.py", line 31, in headers_middleware
    response = await handler(request)
               ^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/http/view.py", line 148, in handle
    result = await handler(request, **request.match_info)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/media_player/__init__.py", line 1179, in get
    data, content_type = await player.async_get_media_image()
                         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/media_player/__init__.py", line 595, in async_get_media_image
    return await self._async_fetch_image_from_cache(url)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/media_player/__init__.py", line 1097, in _async_fetch_image_from_cache
    (content, content_type) = await self._async_fetch_image(url)
                              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/webostv/media_player.py", line 483, in _async_fetch_image
    response = await websession.get(url, ssl=ssl_context)
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/aiohttp/client.py", line 536, in _request
    conn = await self._connector.connect(
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/aiohttp/connector.py", line 540, in connect
    proto = await self._create_connection(req, traces, timeout)
            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/aiohttp/connector.py", line 901, in _create_connection
    _, proto = await self._create_direct_connection(req, traces, timeout)
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/aiohttp/connector.py", line 1209, in _create_direct_connection
    raise last_exc
  File "/usr/local/lib/python3.11/site-packages/aiohttp/connector.py", line 1178, in _create_direct_connection
    transp, proto = await self._wrap_create_connection(
                    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/aiohttp/connector.py", line 982, in _wrap_create_connection
    raise ClientConnectorCertificateError(req.connection_key, exc) from exc
aiohttp.client_exceptions.ClientConnectorCertificateError: Cannot connect to host 192.168.3.9:3001 ssl:True [SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1006)')]

[dahasolutions]

same here

Home Assistant

Core 2023.11.1
Supervisor 2023.11.0
Frontend 20231030.1

Source: /usr/local/lib/python3.11/site-packages/aiohttp/web_protocol.py:403
First occurred: 10:19:27 (2 occurrences)
Last logged: 10:19:27

Error handling request
Traceback (most recent call last):
  File "/usr/local/lib/python3.11/site-packages/aiohttp/connector.py", line 980, in _wrap_create_connection
    return await self._loop.create_connection(*args, **kwargs)  # type: ignore[return-value]  # noqa
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/asyncio/base_events.py", line 1112, in create_connection
    transport, protocol = await self._create_connection_transport(
                          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/asyncio/base_events.py", line 1145, in _create_connection_transport
    await waiter
  File "/usr/local/lib/python3.11/asyncio/sslproto.py", line 575, in _on_handshake_complete
    raise handshake_exc
  File "/usr/local/lib/python3.11/asyncio/sslproto.py", line 557, in _do_handshake
    self._sslobj.do_handshake()
  File "/usr/local/lib/python3.11/ssl.py", line 979, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1006)

The above exception was the direct cause of the following exception:

Traceback (most recent call last):
  File "/usr/local/lib/python3.11/site-packages/aiohttp/web_protocol.py", line 433, in _handle_request
    resp = await request_handler(request)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/aiohttp/web_app.py", line 504, in _handle
    resp = await handler(request)
           ^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/aiohttp/web_middlewares.py", line 117, in impl
    return await handler(request)
           ^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/http/security_filter.py", line 85, in security_filter_middleware
    return await handler(request)
           ^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/http/forwarded.py", line 227, in forwarded_middleware
    return await handler(request)
           ^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/http/request_context.py", line 28, in request_context_middleware
    return await handler(request)
           ^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/http/ban.py", line 80, in ban_middleware
    return await handler(request)
           ^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/http/auth.py", line 236, in auth_middleware
    return await handler(request)
           ^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/http/headers.py", line 31, in headers_middleware
    response = await handler(request)
               ^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/http/view.py", line 148, in handle
    result = await handler(request, **request.match_info)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/media_player/__init__.py", line 1179, in get
    data, content_type = await player.async_get_media_image()
                         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/media_player/__init__.py", line 595, in async_get_media_image
    return await self._async_fetch_image_from_cache(url)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/media_player/__init__.py", line 1097, in _async_fetch_image_from_cache
    (content, content_type) = await self._async_fetch_image(url)
                              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/src/homeassistant/homeassistant/components/webostv/media_player.py", line 483, in _async_fetch_image
    response = await websession.get(url, ssl=ssl_context)
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/aiohttp/client.py", line 536, in _request
    conn = await self._connector.connect(
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/aiohttp/connector.py", line 540, in connect
    proto = await self._create_connection(req, traces, timeout)
            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/aiohttp/connector.py", line 901, in _create_connection
    _, proto = await self._create_direct_connection(req, traces, timeout)
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/aiohttp/connector.py", line 1209, in _create_direct_connection
    raise last_exc
  File "/usr/local/lib/python3.11/site-packages/aiohttp/connector.py", line 1178, in _create_direct_connection
    transp, proto = await self._wrap_create_connection(
                    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/aiohttp/connector.py", line 982, in _wrap_create_connection
    raise ClientConnectorCertificateError(req.connection_key, exc) from exc
aiohttp.client_exceptions.ClientConnectorCertificateError: Cannot connect to host 192.168.1.153:3001 ssl:True [SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1006)')]

[sehnugr]

Has this fix been released yet?

[V4ler1an]

I guess not? Any update on when we will see this? I'm all up to date and still getting the same SSL validation errors with my LG OLED. I also have no media images displayed as background in either the default Lovelace media player or custom Mini Media Player cards.

[vumaddibly]

@sehnugr Same here. I'm not sure what the hold-up is here but it seems that a fix for this problem was developed almost two months ago but has yet to be approved by the code owner - see Don't check SSL certificate retrieving webos image #104014

[sehnugr]

@vumaddibly for now i have a workaround. I installed the version with the fix as a custom component myself (read this somewhere else). When this fix is released i can remove it again.

[vumaddibly]

Thanks @sehnugr. Where did you find the custom component and what steps are required to install it?

[sehnugr]

@vumaddibly I'm sorry, i didn't download a custom component. I basically "made" my own. What i did was download the homeasssistant code, located the webostv folder under components. Changed the few lines of code mentioned in the commit and then deployed that webostv folder under the custom components folder of my installation. Rebooted homeassistant and it worked. (I was searching for a way to override the default component and stumbled onto a thread describing this, can't find that specific thread anymore though)

[vumaddibly]

@sehnugr, I've yet to find time to look at this any further. I'm curious ... do you also see timeout messages in the log immediately after you turn on the TV using the remote? My logs typically include the following errors and the repeat messages only stop when I manually reload the LG webOS Smart TV integration.

2024-01-22 17:03:47.213 WARNING (MainThread) [homeassistant.components.media_player] Updating webostv media_player took longer than the scheduled update interval 0:00:10
2024-01-22 17:03:47.215 WARNING (MainThread) [homeassistant.helpers.entity] Update of media_player.lounge_tv is taking over 10 seconds
2024-01-22 17:03:57.214 WARNING (MainThread) [homeassistant.components.media_player] Updating webostv media_player took longer than the scheduled update interval 0:00:10
2024-01-22 17:04:07.215 WARNING (MainThread) [homeassistant.components.media_player] Updating webostv media_player took longer than the scheduled update interval 0:00:10

[attiss]

Here's a workaround.

1. exec into your container (if you're using the containerized version)

docker exec -it homeassistant bash

2. copy the webostv core integration into your custom_integrations folder (the path might differ for install types other than container):

cp -R /usr/src/homeassistant/homeassistant/components/webostv /config/custom_components/webostv

3. edit the manifest.json file and add a version property with a valid semver:

{
  "domain": "webostv",
  "name": "LG webOS Smart TV",
  "version": "0.0.0-patch",
  "codeowners": ["@thecode"],
  "config_flow": true,
  "documentation": "https://www.home-assistant.io/integrations/webostv",
  "iot_class": "local_push",
  "loggers": ["aiowebostv"],
  "quality_scale": "platinum",
  "requirements": ["aiowebostv==0.3.3"],
  "ssdp": [
    {
      "st": "urn:lge-com:service:webos-second-screen:1"
    }
  ]
}

4. apply the changes from https://github.com/home-assistant/core/pull/104014 on media_player.py (or implement your own changes to validate the cert against the official LG ones).

5. restart home assistant

6. enjoy

7. keep an eye on the updates and remove the custom override when the issue has been

(overrides for core integrations)

[edwin-jones]

Just a note for the solution above @attiss, I think point 2 needs to read: cp -R /usr/src/homeassistant/homeassistant/components/webostv /config/custom_components/webostv as the module name needs to be the last part of the path for ha to pick it up according to the docs you linked. I've tested this on my own install.

[vumaddibly]

@attiss, will your workaround work on a HAOS bare metal installation?

[attiss]

I believe this override works for all installation methods. You will need to find the correct path of the webostv core integration as well as the path of the custom_components folder, those are very likely to differ.