diff --git a/homeassistant/components/reolink/host.py b/homeassistant/components/reolink/host.py index 9bcafb8f00d..feeff9312c7 100644 --- a/homeassistant/components/reolink/host.py +++ b/homeassistant/components/reolink/host.py @@ -231,6 +231,7 @@ class ReolinkHost: "network_link": "https://my.home-assistant.io/redirect/network/", }, ) + if self._base_url.startswith("https"): ir.async_create_issue( self._hass, @@ -246,9 +247,28 @@ class ReolinkHost: ) else: ir.async_delete_issue(self._hass, DOMAIN, "https_webhook") + + if self._hass.config.api is not None and self._hass.config.api.use_ssl: + ir.async_create_issue( + self._hass, + DOMAIN, + "ssl", + is_fixable=False, + severity=ir.IssueSeverity.WARNING, + translation_key="ssl", + translation_placeholders={ + "ssl_link": "https://www.home-assistant.io/integrations/http/#ssl_certificate", + "base_url": self._base_url, + "network_link": "https://my.home-assistant.io/redirect/network/", + "nginx_link": "https://github.com/home-assistant/addons/tree/master/nginx_proxy", + }, + ) + else: + ir.async_delete_issue(self._hass, DOMAIN, "ssl") else: ir.async_delete_issue(self._hass, DOMAIN, "webhook_url") ir.async_delete_issue(self._hass, DOMAIN, "https_webhook") + ir.async_delete_issue(self._hass, DOMAIN, "ssl") # If no ONVIF push or long polling state is received, start fast polling await self._async_poll_all_motion() diff --git a/homeassistant/components/reolink/strings.json b/homeassistant/components/reolink/strings.json index 2389c433b20..806f2498094 100644 --- a/homeassistant/components/reolink/strings.json +++ b/homeassistant/components/reolink/strings.json @@ -44,6 +44,10 @@ "title": "Reolink webhook URL uses HTTPS (SSL)", "description": "Reolink products can not push motion events to an HTTPS address (SSL), please configure a (local) HTTP address under \"Home Assistant URL\" in the [network settings]({network_link}). The current (local) address is: `{base_url}`, a valid address could, for example, be `http://192.168.1.10:8123` where `192.168.1.10` is the IP of the Home Assistant device" }, + "ssl": { + "title": "Reolink incompatible with global SSL certificate", + "description": "Global SSL certificate configured in the [configuration.yaml under http]({ssl_link}) while a local HTTP address `{base_url}` is configured under \"Home Assistant URL\" in the [network settings]({network_link}). Therefore the Reolink device can not reach Home Assistant to push its motion/AI events. Please make sure the local HTTP adress is not covered by the SSL certificate, by for instance using [NGINX add-on]({nginx_link}) instead of a globally enforced SSL certificate." + }, "webhook_url": { "title": "Reolink webhook URL unreachable", "description": "Did not receive initial ONVIF state from {name}. Most likely, the Reolink camera can not reach the current (local) Home Assistant URL `{base_url}`, please configure a (local) HTTP address under \"Home Assistant URL\" in the [network settings]({network_link}) that points to Home Assistant. For example `http://192.168.1.10:8123` where `192.168.1.10` is the IP of the Home Assistant device. Also, make sure the Reolink camera can reach that URL. Using fast motion/AI state polling until the first ONVIF push is received." diff --git a/tests/components/reolink/test_init.py b/tests/components/reolink/test_init.py index f5f581760c1..8558ff0e8a2 100644 --- a/tests/components/reolink/test_init.py +++ b/tests/components/reolink/test_init.py @@ -10,6 +10,7 @@ from homeassistant.config import async_process_ha_core_config from homeassistant.config_entries import ConfigEntryState from homeassistant.core import HomeAssistant from homeassistant.helpers import issue_registry as ir +from homeassistant.setup import async_setup_component from tests.common import MockConfigEntry @@ -106,6 +107,7 @@ async def test_no_repair_issue( assert (const.DOMAIN, "webhook_url") not in issue_registry.issues assert (const.DOMAIN, "enable_port") not in issue_registry.issues assert (const.DOMAIN, "firmware_update") not in issue_registry.issues + assert (const.DOMAIN, "ssl") not in issue_registry.issues async def test_https_repair_issue( @@ -130,6 +132,31 @@ async def test_https_repair_issue( assert (const.DOMAIN, "https_webhook") in issue_registry.issues +async def test_ssl_repair_issue( + hass: HomeAssistant, config_entry: MockConfigEntry, reolink_ONVIF_wait: MagicMock +) -> None: + """Test repairs issue is raised when global ssl certificate is used.""" + assert await async_setup_component(hass, "webhook", {}) + hass.config.api.use_ssl = True + + await async_process_ha_core_config( + hass, {"country": "GB", "internal_url": "http://test_homeassistant_address"} + ) + + with patch( + "homeassistant.components.reolink.host.FIRST_ONVIF_TIMEOUT", new=0 + ), patch( + "homeassistant.components.reolink.host.FIRST_ONVIF_LONG_POLL_TIMEOUT", new=0 + ), patch( + "homeassistant.components.reolink.host.ReolinkHost._async_long_polling", + ): + assert await hass.config_entries.async_setup(config_entry.entry_id) + await hass.async_block_till_done() + + issue_registry = ir.async_get(hass) + assert (const.DOMAIN, "ssl") in issue_registry.issues + + @pytest.mark.parametrize("protocol", ["rtsp", "rtmp"]) async def test_port_repair_issue( hass: HomeAssistant,