Skip to content

Can't connect to Home Assistant instance after certificate replacement #4381

New issue
New issue
Open
Open
Can't connect to Home Assistant instance after certificate replacement#4381
Labels
bugmac
@BaldFabi

Description

@BaldFabi
BaldFabi
opened on Feb 21, 2026

Device model, version and app version

Model Name: Mac Mini (2024)
macOS Version: Tahoe 26.3
App Version: (Can't find the information - the latest)
Safari Version: irrelevant

Home Assistant Core Version
2026.2.3

Describe the bug

I had to replace my internal certificates which are self-signed (was expired). My setup internally is Client -> HAProxy -> Home Assistant. I terminate the SSL session on the loadbalancer (HAProxy).
After updating the certificate (the CA is in the local keychain and in my Apple account), the Home Assistant app no longer connects to the Home Assistant instance.
After a quick look, my assumption was confirmed. The app doesn't "ask" whether I want to accept the new certificate. Unfortunately, it doesn't show any confirmation popup and just logs it.

2026-02-21 12:24:07.860 [Error] [main] [WebViewController+WebKitDelegates.swift:63] webView(_:didFailProvisionalNavigation:withError:) > Failure during content load: Error Domain=NSURLErrorDomain Code=-1202 "The certificate for this server is invalid. You might be connecting to a server that is pretending to be “homeassistant.xxx.local” which could put your confidential information at risk." UserInfo={NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _WKRecoveryAttempterErrorKey=<WKReloadFrameErrorRecoveryAttempter: 0xbd3db1f80>, networkTaskDescription=LocalDataTask <2A8C3E80-57A6-43F6-9A65-97E2247E0B54>.<14>, _kCFStreamErrorDomainKey=3, NSErrorPeerCertificateChainKey=(
...

To Reproduce

As described above, switch the certificate on a load balancer (or MITM proxy) between the client and Home Assistant if you were connected to Home Assistant before the certificate change.

Expected behavior

  1. I think the application should show a popup asking whether I want to accept the new certificate.
  2. (Just an assumption) The app should rely on the system keychain where the CAs are stored

Screenshots

After removing the Home Assistant instance from the app and re-adding it, I am prompted for the certificate.

Image

Additional context

Changing the Connection security level to Less secure doesn't help

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugmac

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions