Just ran into the same issue myself.
My modem/router got reset (lost forwarding rules, password got reset, etc.) or something after my ISP logged into it to troubleshoot some other issue. After this, I started getting the This site can’t provide a secure connection: ERR_SSL_PROTOCOL_ERROR
when trying to access my HA using https://****.duckdns.org
.
I can access HA locally by using <localIPAddress>:8123
.
Forwarding rules (both to the IP-address of my Pi running HA):
External: Internal:
443 8123
80 80
I have tried forwarding 8123->8123 and installed only DuckDNS with LetsEncrypt both disabled and enabled, then tried to access HA using http://****.duckdns.org:8123
and https://****.duckdns.org:8123
, with the same result.
I have also re-installed both DuckDNS and NGINX step by step, without any luck. Even removed the certfiles in the ssl
-folder when re-installing the add-ons, and had a lot of restarts of both HA and the Pi itself.
configuration.yaml (relevant parts):
homeassistant:
auth_providers:
- type: homeassistant
- type: trusted_networks
trusted_networks:
- 192.168.100.0/24
http:
use_x_forwarded_for: true
trusted_proxies: 127.0.0.1
And no, there’s no stupid mistake with a rouge space in front of http
or it being declared twice, etc.
DuckDNS add-on configuration:
lets_encrypt:
accept_terms: true
certfile: fullchain.pem
keyfile: privkey.pem
token: ******
domains:
- ****.duckdns.org
aliases: []
seconds: 300
NGINX add-on configuration:
domain: ****.duckdns.org
certfile: fullchain.pem
keyfile: privkey.pem
hsts: max-age=31536000; includeSubDomains
cloudflare: false
customize:
active: false
default: nginx_proxy_default*.conf
servers: nginx_proxy/*.conf
As I am terrible regarding the difference between Docker, HassOS, and Hass.io I will just include some info displayed under the info
screen in HA (omitting what I do not think is important):
System Health
Version 0.118.3
Installation Type Home Assistant OS
Development false
Supervisor true
Docker true
Virtual Environment false
Python Version 3.8.6
Operating System Family Linux
Operating System Version 4.19.127-v7
---------------------------------
Hass.io
Host Operating System HassOS 4.17
Update Channel stable
Supervisor Version 2020.11.0
Docker Version 19.03.12
Board rpi3
This setup has worked for me without any issues before my modem got reset, and I have no clue how something like this just breaks without me touching any settings.
I would be very happy to take suggestions if there is anyone out there who may have an idea as to why.
I should also add that I have cleared the cache and deleted any page data that may have been stored in my browser.
edit:
Forgot to mention that I get this message in the Core
log in HA whenever I try to access HA using https://****.duckdns.org
:
2020-11-26 18:17:57 ERROR (MainThread) [aiohttp.server] Error handling request
Traceback (most recent call last):
File "/usr/local/lib/python3.8/site-packages/aiohttp/web_protocol.py", line 314, in data_received
messages, upgraded, tail = self._request_parser.feed_data(data)
File "aiohttp/_http_parser.pyx", line 546, in aiohttp._http_parser.HttpParser.feed_data
aiohttp.http_exceptions.BadStatusLine: 400, message="Bad status line 'invalid HTTP method'"
edit2:
So it seems I managed to fix the problem by adding:
ssl_certificate: /ssl/fullchain.pem
ssl_key: /ssl/privkey.pem
to the http:
of my configuration.yaml
. I still find it weird that it used to work without those lines before, but now I suddenly had to add them…
edit3:
I’m stupid, it didn’t fix the problem, it just “moved” it. Now I cannot use the app, as I need to add https://
if I want to access HA using the local IP, and then I need to manually click “Proceed to website” as it is considered unsafe. This does not work in the app and makes the app unusable while on the local network.