Android app should allow user to accept self-signed TLS certificate

Currently, the Android app refuses https connection to HA, if self-signed TLS certificate is used.

It should ask user, and leave the decision if he wants to take the risk, up to user - similar way like most applications, browsers etc do.

There are valid use cases when self signed certificate can be used, and not allowing user to decide may just result in falling back to using plain http, which is much worse from security point of view. Currently the app is not usable at all in such case.

Note: self-signed certificate is no way a “certificate error”, it is a special case which is of course generally not recommended, but has valid use cases where using “real” cert is either not possible, or makes no sense (like if running in network without internet access, but still expected to be using https), and it should be up to user to decide.

there is already a pre-existing PR for this request, just waiting for requested changes and more review cycles

Client certificates are not the same thing as self-signed server certificates. It would probably just translate into allowing the client to disable cert checking.

A workaround would be to load your self-signed cert onto the phone and watches trust store. I know it’s possible to do this on android via the chorme browser. I am not sure if it possible on wearos.

1 Like

self signed certificates should work, see: Troubleshooting | Home Assistant Companion Docs

Since the original question is still pending that PR that was closed more than a year ago, here’s a somewhat friendly guide that works in case you want to use a personal certificate backed by your own self-signed root CA on Android:

Please no. We need more security, we need ssl pinning. Self sign certificate should be turn off by default, and you can put it in admin settings.

Sorry but i disagree, we already have security on a level which most companys do not have! Everbody (especially if you have the knowledge) should be able to decide on himself to accept a invalid or self signed certificate or not - fine for me to put this in any kind of admin area, but give me the option. The alternative is like on my side to just not use any security at all because I just don’t care. At the same moment I cannot decide at which port I want to operate - thats disgusting in terms of security because these are standard ports always included in random port scans. I prefer my open ports to set them in a range where nobody actually is looking at…

1 Like

No, success of HA as a whole depends on whether botnets have appeared on it. And if they appear, you will have to fight them with code. Therefore, you can do anything in your fork, but in the main repository - system should remain super secure.

Come on… I use local Grafana graphs via iFrame on my dashboards. I do not accept for this case that I have to open ports (which makes it unsecure). I expect that I can access via NabuCasa my local Home Assistant instance and this is accessing in the same secure local netzwork my Grafana.
I can do this with WireGuard and it works nice. Just not with the HA App on my Android. I request this in my case to keep security AND beeing able to use the app.