Duck DNS with Let´s Encrypt not working

Stimo · October 30, 2017, 5:42pm

I am trying to setup the Duck DNS add-on with let’s encrypt on hass.io but I can’t get it to work,

The config in the add-on looks like this

{
“lets_encrypt”: {
“accept_terms”: true,
“certfile”: “fullchain.pem”,
“keyfile”: “privkey.pem”
},
“token”: “token”,
“domains”: [
“domain”
],
“seconds”: 300
}

My configuration.yaml looks like this

http:
  api_password: !secret http_password
  base_url: https://x.duckdns.org:8123
  ssl_certificate: /ssl/fullchain.pem
  ssl_key: /ssl/privkey.pem

I have tried to forward port 80>80, 433>433 and 8123>8123. I also tried 433>8123 without any success. Am I suposed to generate any key or do anything more the add this to the config?

Can anyone help mw to get let’s encrypt up and running?

I gett this error in the logbok

2017-10-30 19:37:26 ERROR (MainThread) [homeassistant.config] Invalid config for [http]: not a file for dictionary value @ data['http']['ssl_certificate']. Got '/ssl/fullchain.pem'
not a file for dictionary value @ data['http']['ssl_key']. Got '/ssl/privkey.pem'. (See /config/configuration.yaml, line 11). Please check the docs at https://home-assistant.io/components/http/
2017-10-30 19:37:26 ERROR (MainThread) [homeassistant.setup] Setup failed for http: Invalid config.
2017-10-30 19:37:26 ERROR (MainThread) [homeassistant.setup] Unable to setup dependencies of api. Setup failed for dependencies: http
2017-10-30 19:37:26 ERROR (MainThread) [homeassistant.setup] Setup failed for api: Could not setup all dependencies.
2017-10-30 19:37:26 ERROR (MainThread) [homeassistant.setup] Unable to setup dependencies of websocket_api. Setup failed for dependencies: http
2017-10-30 19:37:26 ERROR (MainThread) [homeassistant.setup] Setup failed for websocket_api: Could not setup all dependencies.
2017-10-30 19:37:26 ERROR (MainThread) [homeassistant.setup] Unable to setup dependencies of history. Setup failed for dependencies: http
2017-10-30 19:37:26 ERROR (MainThread) [homeassistant.setup] Setup failed for history: Could not setup all dependencies.
2017-10-30 19:37:26 ERROR (MainThread) [homeassistant.setup] Unable to setup dependencies of frontend. Setup failed for dependencies: api, websocket_api
2017-10-30 19:37:26 ERROR (MainThread) [homeassistant.setup] Setup failed for frontend: Could not setup all dependencies.
2017-10-30 19:37:27 ERROR (MainThread) [homeassistant.setup] Unable to setup dependencies of tts. Setup failed for dependencies: http
2017-10-30 19:37:27 ERROR (MainThread) [homeassistant.setup] Setup failed for tts: Could not setup all dependencies.
2017-10-30 19:37:27 ERROR (MainThread) [homeassistant.setup] Unable to setup dependencies of camera. Setup failed for dependencies: http
2017-10-30 19:37:27 ERROR (MainThread) [homeassistant.setup] Setup failed for camera: Could not setup all dependencies.
2017-10-30 19:37:27 ERROR (MainThread) [homeassistant.setup] Unable to setup dependencies of config. Setup failed for dependencies: http
2017-10-30 19:37:27 ERROR (MainThread) [homeassistant.setup] Setup failed for config: Could not setup all dependencies.
2017-10-30 19:37:27 ERROR (MainThread) [homeassistant.setup] Unable to setup dependencies of logbook. Setup failed for dependencies: frontend
2017-10-30 19:37:27 ERROR (MainThread) [homeassistant.setup] Setup failed for logbook: Could not setup all dependencies.
2017-10-30 19:37:27 ERROR (MainThread) [homeassistant.setup] Unable to setup dependencies of panel_iframe. Setup failed for dependencies: frontend
2017-10-30 19:37:27 ERROR (MainThread) [homeassistant.setup] Setup failed for panel_iframe: Could not setup all dependencies.
2017-10-30 19:37:27 ERROR (MainThread) [homeassistant.setup] Unable to setup dependencies of hassio. Setup failed for dependencies: http
2017-10-30 19:37:27 ERROR (MainThread) [homeassistant.setup] Setup failed for hassio: Could not setup all dependencies.
2017-10-30 19:37:27 ERROR (MainThread) [homeassistant.setup] Unable to setup dependencies of zeroconf. Setup failed for dependencies: api
2017-10-30 19:37:27 ERROR (MainThread) [homeassistant.setup] Setup failed for zeroconf: Could not setup all dependencies.
2017-10-30 19:37:27 ERROR (MainThread) [homeassistant.setup] Unable to setup dependencies of ios. Setup failed for dependencies: http, zeroconf
2017-10-30 19:37:27 ERROR (MainThread) [homeassistant.setup] Setup failed for ios: Could not setup all dependencies.

VdkaShaker · October 30, 2017, 7:51pm

I found this post laid out the steps well:

Note he (and I) only forward external 443 to internal 8123.

Stimo · October 30, 2017, 8:32pm

Thanks @VdkaShaker I got it to work now!

itchaboy · November 10, 2017, 1:04pm

Hi @Stimo currently in the same position with the same errors. So following those steps exactly got the errors to goaway for you? Can’t try until I get home from work

nick67 · December 2, 2017, 4:34pm

Same problem. I already use 443 for a different server on my network, so I don’t want to forward it to hassio. Has anyone got this working using the instructions from the addon page, which just say to forward 8123 external to 8123 internal?

(To be clear, my base_url includes :8123 on the end)

dap35 · December 2, 2017, 5:27pm

You can use a different port. I have my router fwd an unused port number to 8123 on my pi. You just have to specify that port on the URL in your browser. It also works with the iOS app.

nick67 · December 2, 2017, 5:36pm

Thanks for the quick reply! But how do I resolve the error above, where it can’t find the keys? It seems like they’re not getting generated I think? (I’ve just installed Hassio for the first time on a new pi - I used to use a C.H.I.P. with regular linux install, forwarding external 8123 to internal 8123). Error is:

ERROR (MainThread) [homeassistant.config] Invalid config for [http]: not a file for dictionary value @ data['http']['ssl_certificate']. Got '/ssl/fullchain.pem' not a file for dictionary value @ data['http']['ssl_key']. Got '/ssl/privkey.pem'. (See /config/configuration.yaml, line 11). Please check the docs at https://home-assistant.io/components/http/

Router config:
Forwarding 8123 external TCP to 8123 on hassio

configuration.yaml:

base_url: https://mydomain.duckdns.org:8123
ssl_certificate: /ssl/fullchain.pem
ssl_key: /ssl/privkey.pem

DuckDNS addon config:

{
  "lets_encrypt": {
  "accept_terms": true,
  "certfile": "fullchain.pem",
  "keyfile": "privkey.pem"
  },
  "token": "my_token",
  "domains": [
    "mydomain.duckdns.org"
  ],
  "seconds": 300
}

And my config directory (mounted via Samba addon) has no .pem files nor ssl directory.

Am I doing something wrong?

dap35 · December 2, 2017, 5:53pm

Just looking at my configuration, try changing the base_url to strip out the https and port like this:
base_url: mydomain.duckdns.org

nick67 · December 3, 2017, 5:07am

I’m an idiot. Added the port forwarding rule on my router but neglected to click save. Now that forwarding is working correctly, Hassio is happy.

Edit: for those stumbling across this later, I did not have to change my base_url - it’s still https://mydomain.duckdns.org:8123

Also, if I SSH into the system I can go:

cd /ssl
ls

and see fullchain.pem and privkey.pem listed there.

jonezy199 · August 26, 2018, 4:51pm

I know this is an old post, but I recently came back to tinkering with HA after a year of life getting in the way of hobbies. I reinstalled HA via hass.io and was amazed at all the updates. Anyhow, I spent countless hours following and re-following Juan M’s video to set Hass.io up (https://www.youtube.com/watch?v=q0LaamapGYg). Nothing seemed to work until I deleted

"
base_url: https://x.duckdns.org:8123
ssl_certificate: /ssl/fullchain.pem
ssl_key: /ssl/privkey.pem
"
out of my config.yaml

I still cannot figure out why this is working now, but it is. Hope it helps someone else searching for answers.