A more lightweight Let's Encrypt + DuckDNS setup

i use hassbian have home assistant and google assistant. Now i want to enable https for home assistant. could you help me!

Based on your output it looked like it worked. Are you able to connect locally via IP? The error message says to ignore it. Also I’m not familiar with port 2304, why use that port?

1 Like

this i random port i use


image my setting above, this setting work well before. After bad SD card, i flash new hassbian and reconfig but not have https for home assistant

I am currently running home assistant virtualenv on raspbian lite and resolved my issues. It is very similar to hassbian, without the scripts.

I ended up following this procedure.

https://www.splitbrain.org/blog/2017-08/10-homeassistant_duckdns_letsencrypt

I hope that helps you.

1 Like

Are you able to connect without HTTPS? Does HA come up

1 Like

yes i can connect with http, after following https://www.splitbrain.org/blog/2017-08/10-homeassistant_duckdns_letsencrypt add ssl then i type xxx.duckdns.org:2304, it can connet home assistant

If you can connect with http then likely home assistant cannot find the certificate & key files. Remember to change part of the path to include your duckdns name instead of myname

You know I remember something similiar. Make sure you run the let’s encrypt as the HA user.

yes, i use hassbian scrip for install duckdns: https://github.com/home-assistant/hassbian-scripts/blob/dev/docs/duckdns.md. It run HA user

When I tried that it did not work for me, but the issue may have been the Home Assistant setup. Compare your configuration with the split-brain setup. The files are either in the same places or close. The ls command can assist there.

I’m not super smart on the hassbian, but does it have a python VENV? Maybe that was my issue last time, I think I needed to run the script while the venv was activated? Ugg, I should have wrote down my steps, I just remember being frustrated as well, and the instructions were good, but either my setup was a bit different or I missed a step.

You do not need to use the venv when running the script.

There was something i ended up having to do. Not sure if it was running with the VENV activated, running as the Home assistant account, or running as root, I just remember being frustrated as well, running through was seemed to be a very simple well outlined process, and no one else seemed to be having issues, and the after hours and hours, tried it slightly differently and it worked. it’s been a while but like @hoatienii I had several posts in this same thread asking pretty much the same questions. I just wish I remember what it was that I had missed.

So is your HA install available via http://myhome.duckdns.org or whatever domain you set up?

1 Like

Thanks so much your support! I use cerbot and work now: https://www.home-assistant.io/blog/2015/12/13/setup-encryption-using-lets-encrypt/
Thank you so much everybody support me! Thanks 1000 times!

So. Can you share what issues you had for others in the future

i use hassbian scrip for install duckdns( in this script it have generate cert key) then i port forwarding external 2034 to 8123, type xxx.duckdns.org:2034 it not work. Then i use cerbot, the output comman here.

pi@hassbian:~ $ cd certbot/
pi@hassbian:~/certbot $ ./certbot-auto certonly --standalone                           --standalone-supported-challenges http-01                           --email [email protected]                           -d xxx.duckdns.org
Requesting to rerun ./certbot-auto with root privileges...
The standalone specific supported challenges flag is deprecated. Please use the --preferred-challenges flag instead.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Obtaining a new certificate
An unexpected error occurred:
There were too many requests of a given type :: Error creating new order :: too many certificates already issued for exact set of domains: xxxx.duckdns.org: see https://letsencrypt.org/docs/rate-limits/
Please see the logfiles in /var/log/letsencrypt for more details.

I port forwarding external 80 to internal 80 to Pi, external 443 to internal 8123 to Pi. Then i type xxx.duckdns.org, it work.

same problem user homeassistant can not read certs file

Are you sure it is https? Port 80 is insecure http and should not be forwarded.

Anyone having trouble working after upgrading to 0.90?