Hey, I’m sorry if bring up a dead thread but it’s still the most relevant one on the subject of having local only https access for your home assistant.
I’ve read through the thread and I can now share the easiest way that I tested personally:
Pros: no duckdns addon, no nginx addon, no lets-encrypt addon
Cons: the certificate will expire eventually (in a couple of years) and you will have to generate a new one and push it to HA
I’m also running on hassio and it’s ok.
Install “SSH & Web Terminal” (the community one, not the official one!) add-on on Supervisor page of HA
This is needed to be able to write the cerificates to the HA filesystem
Install mkcert GitHub - FiloSottile/mkcert: A simple zero-config tool to make locally trusted development certificates with any names you'd like.
the instructions are in the repo, install the root CA, generate the certificate for you HA (note: not only the dns names are valid, but also ip addresses; one certificate can have multiple dns names / ip addresses)
Login to your HA via ssh and copy the certificates to /ssl directory (or some other directory)
Adapt the configuration.yaml accordingly:
Restart the server
If you installed the root ca on your device via mkcert - the https connection from that device should work already. Not the mobile app though.
For mobile app use the instructions at Troubleshooting | Home Assistant Companion Docs
you can see the location of your root CA files via
I also needed to clear cache / storage for mobile app or else it wouldn’t let me in.
- It works for me on MacOS + Android - both connected with https + ip address