Problem connecting to Home Assistant

i’ve installed rhasspy using docker from:

the setup for home assistant is:

I’m getting the following error in “Problems” tab:

“HomeAssistantIntentHandler Can’t contact server Unable to reach your Home Assistant server at htps:// Is it running?” (sorry i had to remove 1 “t” because i cannot post it otherwise - it is meant to be https)

this URL is accessible with no issues when i test it with postman. I’m not using HASS.IO image for the raspberry - i use raspbian with home assistant docker.

Not sure if you removed your Long Lived Access Token for posting, but if you did not you will need to get one and paste it in:

If you are using https:// protocol, and have a DuckDNS node name and SSL certificate, you must use the recognized DNS node name of your Home Assistant system. If you’re running Rhasspy in a docker container, you can enable this by adding the following line to your docker command:

--add-host  "" \

Yeah, and also what @FredTheFrog said : )

1 Like

thanks guys - i’ll check it and update.

and yeah - i removed the real token for the post :slight_smile:

@FredTheFrog i’m not sure what you mean by DNS name. let me explain my setup:

i have home assistant docker and rhasspy docker both installed on a raspbian buster. the network address of the raspberry is and to access it i use “”. the SSL certificate is a self signed one - i’m not sure if that might cause a probelm though.

what is the meaning of the dns name before the ip and in what way does rhasspy use it?

If both HA and Rhasspy are in Docker containers on the same host, you can safely ignore my post. :wink:

What @TinyDoT posted is more relevant. Be certain to generate your own long-lived token in HA, use that in Rhasspy, and be certain there are no leading or trailing spaces in the token on the Rhasspy settings screen.

i’ve generated the token i’m using in rhasspy from home assistant, and using the same token to call “” after setting the authorization header with it (adding "Bearer " before) - works fine.
checked - there are no spaces or non related characters in the string - i even copied it back from rhasspy settings to postman and it works.

any other ideas?

Since both dockers are on the same device please try using:


doesn’t work. i’m not sure it should - these are 2 different dockers - they live in their own OS basically, so localhost is useless i think…

Yes, you are right on this, I was having a Stupid moment, i need to eat, but I think I found your answer.


interesting thanks - i added the certificate to the profiles/en folder and added to “profile.json”:

"home_assistant": {
        "pem_file": "$RHASSPY_PROFILE_DIR/certificate.pem"

and it didn’t work, so i attached to the rhasspy container and used “printenv” and seen this variable set:

but and the variable “RHASSPY_PROFILE_DIR” does not exist there so i don’t see how it should work.
any ideas?

Ok, so you added the certificate, to your profile folder, which should be at “~/.config/rhasspy/profiles/en” and added the proper json to your profile. Now, at this point did you restart the server?

The $RHASSPY_PROFILE_DIR is a variable for your profile location which is:


and that is a link into your docker for the profile:


The way you have this setup, in theory should work after a restart if not may be @synesthesiam can chime in on this.

i did what you described and it didn’t work - $RHASSPY_PROFILE_DIR is not recognized inside the docker image (i printed the environment variables from within it and it does not exist). this variable must be set from within the docker container or it will have no value when it is used as the path from “profile.json”:
“pem_file”: “$RHASSPY_PROFILE_DIR/certificate.pem”

i’m not sure why it was not set, or am i missing something else here?

I wish I had a setup like this so I could test, but this is what I would try, i"m grasping for things here, but give this a try.

Replace - $RHASSPY_PROFILE_DIR with ~/.config/rhasspy/profiles/en


Replace - $RHASSPY_PROFILE_DIR with $HOME/.config/rhasspy/profiles/en

then restart the server and see where that gets you

same error.

i tried another thing - after attaching to the container, i saw that filesystem “/dev/root” is mounted on “/profiles” and the folder with the certificate is actually in “/profiles/en”, so i changed in profile.json to

    "home_assistant": {
        "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiIyNTc4ZDUxZTFiYjI0ZjFjYjA2OWFkZTgyYTJiNDU2YiIsImlhdCI6MTU4MDYwmTUzOCwiZXhwIjoxpDk1OuYxNbM4fQ.dGR_CFWgeT-buVMn8sdi36nEThbi-lEtSMVu3N7IJtA",
        "url": "",
        "pem_file": "/profiles/en/certificate.pem"

this path DOES contain the certificate when i’m doing “ls /profiles/en/certificate.pem” from within the container but it does not solve the issue after restart.
by doing “echo $HOME/.config/rhasspy/profiles/en”
i’m getting: “/root/.config/rhasspy/profiles/en” and this folder doesn’t exist. same output for “ls ~/.config/rhasspy/profiles/en”

another test i made - from within the container i run the following:

curl -X GET -H "Authorization: Bearer
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiIyNTc4ZDUxZTFiYjI0ZjFjYjA2OWFkZTgyYTJiNDU2YiIsImlhdCI6MTU4MDYwmTUzOCwiZXhwIjoxpDk1OuYxNbM4fQ.dGR_CFWgeT-buVMn8sdi36nEThbi-lEtSMVu3N7IJtA" -H "Content-Type: application/json" --insecure

and it works - i get the full list of states!
so i t seems that the URL is accessible from the docker, and the problem is related to rhasspy application itself - probably because of the certificate but i don’t understand why

The link that I sent you about this it seemed to solve the problem, but I do not know which version that was for. Maybe an update broke something that allowed this to work.

actually - it describes a different error - " HTTPSConnectionPool(host='home-assistant.local', port=443): Max retries exceeded with url: /api/events/rhasspy_ChangeInput (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:852)'),))"

mine is “HomeAssistantIntentHandler Can’t contact server Unable to reach your Home Assistant server at htps:// Is it running?"

so maybe the certificate is not the issue. i need to see some debug logs for it’s start process - how can i do that?

ok - using porcupine + activating intent, i get this log error:

requests.exceptions.SSLError: HTTPSConnectionPool(host=‘’, port=8123): Max retries exceeded with url: /api/events/rhasspy_GetTime (Caused by SSLError(CertificateError(‘no appropriate commonName or subjectAltName fields were found’,),))
[WARNING:193611] urllib3.connection: Certificate did not match expected hostname: Certificate: {‘subject’: (((‘countryName’, ‘IL’),), ((‘stateOrProvinceName’, ‘Some-State’),), ((‘organizationName’, ‘Internet Widgits Pty Ltd’),)), ‘issuer’: (((‘countryName’, ‘IL’),), ((‘stateOrProvinceName’, ‘Some-State’),), ((‘organizationName’, ‘Internet Widgits Pty Ltd’),)), ‘version’: 3, ‘serialNumber’: ‘890120E2761B5C2C’, ‘notBefore’: ‘Apr 15 13:24:11 2019 GMT’, ‘notAfter’: ‘Apr 14 13:24:11 2021 GMT’}

it is indeed the same error as in the link you’ve sent