HA 2023.5 - Multiscrape fails with "unsafe legacy renegotiation disabled" error

[ChirpyTurnip]

Hi,

Not sure if this is a bug, and HA problem, or simply OS related since everything has recently been bumped to a newer version. In short I have a simple scrape, it's been working for a year, and this morning after the updates got applied it fails with this error:

2023-05-04 14:33:37.184 ERROR (MainThread) [custom_components.multiscrape.coordinator] Scraper_noname_0 # Updating failed with exception: [SSL: UNSAFE_LEGACY_RENEGOTIATION_DISABLED] unsafe legacy renegotiation disabled (_ssl.c:1007)
2023-05-04 14:33:37.185 ERROR (MainThread) [custom_components.multiscrape.sensor] Scraper_noname_0 # Diesel Price ($/L) # Unable to scrape data: Skipped scraping because data couldn't be updated 
Consider using debug logging and log_response for further investigation.

The source website is still up so it's not that the target is missing, and nothing else has changed. It seems like a policy or SSL/TLS change that now prevents connection. I'm not really sure exactly what that means and whether the problem is on my end or at the target website end....or if a multiscrape tweak is needed to allow a less secure version of TLS/SSL to be used for trivial data queries.

Any help appreciated!

CP.

[codyc1515]

The root cause is actually with the website itself not supporting secure renegotiation. However, it seems to be the most recent update to HA that has presented this issue (presumably a security measure). Turning verify_ssl: false on appears to do nothing to help.

[danieldotnl]

Sounds related to: home-assistant/core#92500
I'll wait to see how this will be resolved...

[codyc1515]

Is this solved?

[danieldotnl]

No it's not, as it's also not solved in HA core. Feel free to create a PR if this issue is important for you.

[codyc1515]

All good. I'll take a look at this when I get a chance.