Ok after spending whole day reading every similar thread i’m hesitantly starting a new one out of desperation…
Summary;
I was using DuckDNS on RPi3 for a year and i switched to NUC-Proxmox-WM setup and used QCOW2 image to setup my fresh HA.
All is ok except i can’t get a secure connection from outside, i have a static IP and my ports are already routed to same IP from previous RPi setup. 8123-8123 and 443-8123 (Used 443-443 and 80-80 while generating certs. and deleted them now.)
Problem;
I can access my HA by using http://mydomain.duckdns.org but when i try to use https i get errors like;
“This site can’t provide a secure connection”
ERR_SSL_PROTOCOL_ERROR
“Safari cannot open the page because it could not establish a secure connection to the server.”
I checked my DuckDNS logs and it says certs are valid till “Nov 4” but i can’t find any way to refresh my certs to test. I even installed Let’s Encrypt addon and issued certs again but DuckDNS logs still using the same “Nov 4” expiring ones.
My main question is where are certificate files actually located that DuckDNS uses?
I even deleted the ones in the /ssl directory and DuckDNS still re-starts fine.
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] done.
[services.d] starting services
[services.d] done.
# INFO: Using main config file /data/workdir/config
+ Account already registered!
[11:40:55] INFO: OK
91.93.135.154
NOCHANGE
# INFO: Using main config file /data/workdir/config
Processing xxxxxxxx.duckdns.org
+ Checking domain name(s) of existing cert... unchanged.
+ Checking expire date of existing cert...
+ Valid till Nov 4 14:47:28 2020 GMT Certificate will not expire
(Longer than 30 days). Skipping renew!
Are those certs not on my machine? Or is there another folder with certs since i use a WM?
# INFO: Using main config file /data/workdir/config
+ Account already registered!
[13:05:20] INFO: OK
XX.93.XX.154
NOCHANGE
# INFO: Using main config file /data/workdir/config
Processing mydomain.duckdns.org
+ Checking domain name(s) of existing cert... unchanged.
+ Checking expire date of existing cert...
+ Valid till Nov 4 14:47:28 2020 GMT Certificate will not expire
(Longer than 30 days). Skipping renew!
It says “/data/workdir/config” but there is no such folder…
This must be a joke
DuckDNS still working after deleting certificate .pem files from /ssl folder and it’s using nonexistent folders for config…
New here, so didn’t know if bumping was appropriate or not, but I’ve tried adding the SSL configs to my yaml file and it causes HA to not launch at all. I have added the http block as described in the DuckDNS Docs and the post from khouse75 and it doesn’t work. I found that the ssl folder that gets created by the addon is located at /mnt/data/supervisor/ssl in my installation on my raspberry pi. I created a hard link to the files in there to /mnt/data/supervisor/homeassistant/ssl so the config can pick them up. That didn’t work and after trying the absolute path, that doesn’t work either. I did a sanity check to see if there was a problem with the http block and could add it with just the server_port option and HASSIO loads fine with that.