Can't Access HA After DuckDNS Install

So I was trying to enable remote access to my HA installation.

I enabled the DuckDNS Add-on, configured a URL at DuckDNS.org and configured the add-on as specified in the documentation. In addition, I forwarded port 443 on my router to port 8123 of the IP at which my HA install exists.

I also added the following lines to my configuration.yaml file:

http:
  ssl_certificate: /ssl/fullchain.pem
  ssl_key: /ssl/privkey.pem

After restarting HA I’m unable to reach my HA installation using https://my-domain.duckdns.org (I think I know why - I need to put the Pi on which HA runs in the DMZ of my internet gateway). However, what’s worse, is that while I can reach the HA install using https://ip-address:8123 I’m unable to login using the credentials that I previously used. HA simply responds with an “Unable to connect to Home Assistant - RETRY” message.

Can anyone help me regain access to my HA installation!

Thanks

You could try http and local IP.
That worked for me when I used duckdns.

This only works when you use a reverse proxy, otherwise once you setup duckdns and letsencrpt you only get https access to HA.

Your modem/router must support NAT loopback to be able to connect to a host on your LAN with your WAN address.
That makes that in some cases you can only use your DuckDNS hostname from a foreign network.

It worked for me when I used duckdns

Do you have access to the config folder, by samba or SSH? If so comment out the http section in the config and you’ll be able to access locally.

But then you only used DuckDNS and did not configure SSL.

I had SSL also.
I got a certificate error but I could get around it using http. :man_shrugging:

Hi ,

I got the same problem when testing Duckdns-LetEncrypt addons for https feature.

To get your system back , you must remove the http integration in configuration.yaml using SSH acces .

EDIT : Sorry , I miss the same answer from @Samnewman86

The question remain that why the particuliar http configuration prevents HA to load i, an error message should be written in log instead ?

Good luck

And then you don’t have SSL anymore…

At least you can debug the addon

What do you mean by “And then”? After using http or what?
I have been struggling with this too lately and there seem to be a lot confusion about it in the many topics I read about it.

I would also think that @samnewman86 is not using SSL (Let’s Encrypt) anymore since he’s able to connect over http.

There are a few things to consider (this is what I have discovered so far):

  • Have you signed up for a DuckDNS subdomain AND configured Let’s Encrypt
  • Do you connect from your LAN or from a foreign network to your HA
  • Do you use a browser or the mobile app (a browser can bypass the problem with the certificate, the app not)
  • Does your modem/router support NAT Loopback (if yes: you can use your DuckDNS domain to connect, both from WAN & LAN)

Feel free to correct me.

The solution seems to be the " NGINX Home Assistant SSL proxy" Add-on

1 Like

I use nginx proxy manager.
So from outside I have https and inside I have http

Are you 100% sure that it’s http?!
Modern browsers automatically use httpS and don’t show it.

After removing the SSL certificates from the http config of Home Assistant.

You can still connect over http locally and https externally when you setup a reverse proxy.

1 Like

I am 100% sure that you connect locally over http if you setup a reverse proxy (like NGINX). That’s one of the main reason people use a reverse proxy with HA to be able to have a httos connection externally, but not having the overhead of https for local connections.
I’m running this setup for years.

1 Like