AppDaemon https not working [solved]

Hi,

I just installed AppDaemon using Add-On Store within HA, and changed following code in appdaemon.yaml file:

http:
  url: https://127.0.0.1:5050
  certfile: fullchain.pem
  keyfile: privkey.pem
  cert_verify: True

the certfile and keyfiles are in /ssl folder, after restarting HA there are no errors but the App Daemon Dashboards are still showing up under http not https.

I am little confused if I did not configure it correctly or if there is a separate tweak to secure the dashboard.
Thanks.

Shouldnā€™t the add-on handle this for you? I think you shouldnā€™t need to adjust these settings

From the AppDaemon (version 4) Info page under Supervisor, when I click on ā€œOpen Web UIā€ it is still working as http and I cannot get it to work as https.

Why do you want https in your internal network? For me thatā€™s unneccessary overhead.

My HA is running on a R7910 single rack server so additional overhead of https is not an issue. The HA machine is on same subnet with other IoTs, I think using https is a better option than http especially since I donā€™t know what all codes and things I might add in future.

The overhead is also no issue for me, but itā€™s not necessary, unless you donā€™t trust your local network.

Your issue is probably that the certificate is only valid for your public domain and not for the machines in your local network.

Normally I would agree that a device has to be trusted to be on the IoT network but the rate at which IoTs are adding up I am not sure how far this assumption will hold its ground. At some stage just updating bios across all IoTs would become a chore :grinning:

One question as I do not know a lot about AppDaemon, is the port 5050 (AppDaemon Admin console) that I am accessing via browser only for viewing logs and stats? If so then http would do fine but if not then it can create problems as in few instances sensitive information could be transmitted in plain text to entire LAN of IoTs.

Thatā€™s why I put all of this ā€˜phone homeā€™ IoT devices in a separate VLAN with no access to the internet and only specific ports are opened from this VLAN to the VLAN where the HA server lives.

Yes, you can see the callbacks, apps running, logs etc. You canā€™t disable apps or control them in any way from this overview page.

1 Like

Awesome then http would do just fine even for me :grinning:

I am working on setting up VLAN for IoTs exactly for the same reasonsā€¦thanks :+1:

1 Like