DuckDNS domain isn't working

Hi,

TLDR; I have set up the DuckDNS and the port forwarding in the router, but lo and behold, I can’t seem to be able to access Hassio using the duckdns domain.

The port has been forwarded in the router as follows:
IP direction: 192.168.1.194
Protocol: TCP
Internal Start: 8123
Internal End: 8123
External Start: 8123
External End: 8123

I have reset both the DuckDNS add-on and the HASS. But when I use the link https://my_domain.duckdns.org:8123 it refuses to connect.
I have no idea what else I can do. I’ve also tried setting the external port to 443 as some other posts suggest, but with the same effect.

Any ideas?

Are there any errors on the Homeassistant log?
Can you access HA , but wuth a certificate error, by going to https://<internalIp>:8123 What about http://<internalIp>:8123

You should be able to connect https with certificate errors but not http. Let’s be sure that is working first.

I’ve just tried both http://mydomain.duckdns.org:8123 and https://mydomain.duckdns.org:8123 and none of them work. After that I have checked home-assistant.log and there are no new errors.

No ssl errors?
First, I would temporarily remove the port forwarding until you are sure your server is secure.

Then, to be sure, I would comment out the base_url & the ssl lines. Restart Home Assistant & verify access using http.

Next, verify the certificate & key files are where HA expects them.

Hi, i have had problems in the past with duckdns aswell.
Here’s what we found that time, not knowing if this is the same.

Perhaps you have some logs to share, and if it works without duckdns (try to connect to the IP (https://192.168.1.194:8123/) directly instead of an dns-adress, and inside your network, as bosborne asked).

Sorry, I misread what you asked for. I have testes doing it with the internal ip and it works with http, but with https it does produce an error in the log.

ERROR (MainThread) [aiohttp.server] Error handling request
Traceback (most recent call last):
File “/usr/local/lib/python3.7/site-packages/aiohttp/web_protocol.py”, line 275, in data_received
messages, upgraded, tail = self._request_parser.feed_data(data)
File “aiohttp_http_parser.pyx”, line 523, in aiohttp._http_parser.HttpParser.feed_data
aiohttp.http_exceptions.BadStatusLine: invalid HTTP method

I have checked and the ssl certificate and key are where they should be.

1 Like

Try and remove :8123 from url

Removing the port (8123) makes the link (mydomain.duckdns.org) access the ip of my router, and so, access the router configuration page.

I what caused part of the problem. There was a small indentation in a line of the configuration file. Now there is different error in the log

ERROR (MainThread) [homeassistant.core] Error doing job: SSL handshake failed
Traceback (most recent call last):
File “uvloop/sslproto.pyx”, line 500, in uvloop.loop.SSLProtocol._on_handshake_complete
File “uvloop/sslproto.pyx”, line 484, in uvloop.loop.SSLProtocol._do_handshake
File “/usr/local/lib/python3.7/ssl.py”, line 763, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: HTTP_REQUEST] http request (_ssl.c:1056)

1 Like

For me the solution was to uninstall the duckdns addon and instead use the duckdns component, and install lets encrypt addon to use https.
I could not make the duckdns addon to work for me either.
Perhaps that could work for you aswell?
Make sure you disable ssl in configuration.yaml until you have set the rest up, perhaps have ssh auto enable so you don’t brick your HA :slight_smile:
More details on the solution in the post i linked before and thanks to the person suggesting it to me.
Not sure how used to HA you are so i’ll start with this short description :slight_smile:
Hope it works!

Then the install is wrong, if you are on HassIO use the duckDNS with Lets Encrypt addon.
I don’t use the :8123 when accessing from outside.

To clarify, you must have :8123 in the config. But not when accessing.

Do as this:

This is incorrect. This depends on how you setup port forwarding, and where you are accessing from.

If you navigate to https://192.168.1.2:443 (equivelent to https://192.168.1.2) you wouldn’t get a response from Home Assistant.

If you navigate to https://yoursubdomain.duckdns.org:443 from outside your network you may or may not get a response. If you opened port 443 and forwarded to 8123 it would work. If 8123 is forwarded to 8123 it wouldn’t work.

From inside your network it depends on how your loop back or dns is setup.

1 Like

Yes, and as I stated I dont need it and it works for me. If one way does not work a new way might be needed. @Francloz is having a problem and I am telling him to try my way.

I dont use any port when accessing my HA from outside.
Maybe you can give Francloz help insted of guessing how my HA is configured.

My tip to you @Francloz is to do as the video. Works for me, good luck!

BR

I was just trying to clarify how things work, not offense meant.

Understand that when you access your HA you are specifying using a port, you may just not be manually specifying it. https://yoursubdomain.duckdns.org and https://yoursubdomain.duckdns.org:443 are making a request to the same port on your router, you are just specifying it manually in the latter.

HA by default responds on port 8123 unless you change it with server_port: under the http: section of your config. How you arrive at that port on your HA server from the outside depends on how your port forwarding is setup.

@Francloz if you do follow that video, take note of the fist comment. A lot of people think you need to open 443 and 80 to make the duckdns add-on work, which isn’t true.

Paulus Schoutsen @balloob via Twitter stated that it is not required to set up a port forwarding rule for Let's Encrypt. The DuckDNS add-on uses the DNS challenge with Let's Encrypt. So, please disregard the forwarding rule named Hassio_Lets Encrypt created at 2:06 and the Hassio_SSL rule created at 2:30
The Second Hassio_SSL rule created at 3:12 that forwards port 443 to 8123, it is definitely required.
1 Like

Did not know that. Thanks

Thank you very much

I forgot how I set it all up in the begining so when I reset my router to defaults I forwarded 443 to 443 instead of 443 to 8123.

:woman_facepalming:

Hi, I am adding this to this thread because I think it is related, I may be wrong. I could use some help. I am new to HA and have only setup a static IP in my router (i had issues with the USB method). This works perfectly until I continue further. I follow the video and other videos on setting up duckdns and something really odd happens (#).

First let me tell you what i have done. Fresh config on sd card. After 20 min log in to HA. All good. load configurator and duckdns. I have the duckdns token from doing this prior. Modify the config for duckdns.
{
“lets_encrypt”: {
“accept_terms”: true,
“certfile”: “fullchain.pem”,
“keyfile”: “privkey.pem”
},
“token”: “xxxxxxxxxxxxmy_tokenxxxxxxxxxxxxxxxxxx”,
“domains”: [“mine_here.duckdns.org”
],
“seconds”: 300
}

All good. here is where it goes south. I modify the configuration.yaml
http:
base_url: https://mine_here.duckdns.org:8123
ssl_certificate: /ssl/fullchain.pem
ssl_key: /ssl/privkey.pem
as soon as I remove the # in front of the http: I am never able to log back in post reboot using (http://my_ip:8123, https://my_ip:8123, http://mine_here.duckdns.org:8123, https://mine_here.duckdns.org:8123)

I am not 100% sure but it seems that the local network attempts should work. The duckdns should not until I port forward 8123 and 443.

I have done this dozens of times. I was able to get duckdns to work http://mine_here.duckdns.org:8123 (not secured) but I had to change the configuration.yaml to include the # and change to http (I think this means my fort forwarding works but not https (443)

http:

base_url: http://mine_here.duckdns.org:8123
ssl_certificate: /ssl/fullchain.pem
ssl_key: /ssl/privkey.pem

Any help would be appreciated. I am trying to off the ground :slight_smile:

Hi All,

I was having issues with duckDNS and couldn’t figure out the problem. I set up everything as identified in the guide and youtube video from JuanMTech but it wouldn’t work. The ports would not reflect as open in port testers even though everything in the DUCKDNS and Config.yaml were correct.

I found the issue is that my raspberry pi is connected via eithernet to my Orbi router, but that router is actually second in line. We have centurylink fiber and they put a mandatory router after the optical terminator. That router is what is receiving the request from duckDNS and the ports aren’t open on that router.

To solve the issue, logged into the centurylink router and forwarded 443 from external to 443 at the IP address of the orbi router. Then I forwarded external 8123 to 443 at the orbi router. this was successful with the already forwarded port on the orbi which forward onto the raspberry pi.

Hi everybody, since las update 0.108.2 I can´t use https any more. Anybody having the same issue? I used perfectly before the update. Any help is highly apprecieted.

It wasn´t the update. Duckdns was down.