Duckdns lets encrypt error

So my SD card fried and I have to start all over with hass.io. I am trying to get duckdns working again, but I get this error when Let's Encrypt tries to generate a certificate:

# INFO: Using main config file /data/workdir/config
+ Account already registered!
Thu Jul 25 21:36:12 EDT 2019: OK
24.154.114.167
NOCHANGE
# INFO: Using main config file /data/workdir/config
Processing myaddress.duckdns.org
 + Signing domains...
 + Generating private key...
 + Generating signing request...
 + Requesting new certificate order from CA...
  + ERROR: An error occurred while sending post-request to https://acme-v02.api.letsencrypt.org/acme/new-order (Status 400)
Details:
HTTP/1.1 100 Continue
Expires: Fri, 26 Jul 2019 01:36:26 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache

HTTP/1.1 400 Bad Request
Server: nginx
Content-Type: application/problem+json
Content-Length: 178
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 9EDELGbdlDK22mKYKf45oojRzZzhOvhclA7m_xDXjWU
Expires: Fri, 26 Jul 2019 01:36:26 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 26 Jul 2019 01:36:26 GMT
Connection: close

{
  "type": "urn:ietf:params:acme:error:malformed",
  "detail": "Malformed account ID in KeyID header URL: \"https://acme-v02.api.letsencrypt.org/acme/acct/\"",
  "status": 400
}

No idea why it's doing this unfortunately.

I have the same problem. I have to say that I am in a double NAT (double router).

Hello,

I have the same problem.
I have opened ports 8123, 443 and 80 to the raspberrypi IP.

Thanks for helping!

Having the same problem.
Tried to just install the LetsEncrypt add-on. That part starts and, if I understand correctly, creates all needed certificates without problem.
Looking forward to a solution.
Thanks.

Nowhere in the instructions does it tell you to do that. Forwarding the external port 8123 to HA on port 8123 is sufficient. Opening more ports than is necessary is an increased security risk.


This is not required if you are using the duckdns addon. It is included in the duckdns addon.

@tom_l: yes, I know Let's Encrypt is not needed when using DuckDNS, it was just a test to see if I could get the certificates. Will not run them both when duckdns is working.

Any ideas on what the account ID should be or where it should be entered?
I found this:
https://github.com/makuk66/dehydrated/commit/8bae8d28b3401c8130e4f0e04fcf3fdf02f0005c
Is it related?

Uninstall it completely when you’re done. Pretty sure it will mess with the duckdns certs.

No sorry.

@tom_l
I tried in the first attempt just with port 8123 and the result is the same.
I opened 443 and 80 because I saw them in other tutorials.

I have tried many configuration options regarding the ports but the result is always the same.

Thanks.

Things to check:

Have you checked that duckdns is picking up an IP address (go to the website and check)? Does it match your router’s public IP address?

Does your ISP use CGNAT (that would cause a problem with the above)?

Does your ISP block any incoming ports?

I wrote a bit about which ports to use earlier today:

Hmm, strange thing happened for me just now. Restarted home assistant, and could only reach it from https://mydomain.duckdns.org:8123, not local IP.
Checking log from DuckDNS add-on, I still see that the post-check fails.
So, am I running encrypted traffic now, or is this a false sense of security?

Yes, it is the same

I don't know, how can I check it?

I think that no, how can I check it?

Thanks again!

Your ISP does not use CGNAT if DuckDNS is picking up the correct IP address of your router. Cross that off the list.

Check with your ISP if they block any incoming ports.
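The IP comparison discussed in this thread, written out as a small check (an added example, not part of any post): it compares the WAN address shown on the router's status page with the address DuckDNS recorded. The function name, the result labels and the sample addresses are constructed for illustration.

```python
import ipaddress

# RFC 6598 shared address space, which carriers use for CGNAT.
CGNAT_NET = ipaddress.ip_network("100.64.0.0/10")
# RFC 1918 private ranges: a WAN address here means another router sits upstream.
RFC1918_NETS = [ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def classify_wan(router_wan_ip: str, duckdns_ip: str) -> str:
    """Classify the connection from the router's WAN IP and the IP DuckDNS sees.

    Returns one of (labels are this example's own):
      "cgnat"        - WAN address is in the carrier-grade NAT range
      "double-nat"   - WAN address is private, so a second router is upstream
      "upstream-nat" - WAN address looks public but differs from what DuckDNS saw
      "direct"       - both match; a port forward on this router can be reached
    """
    wan = ipaddress.ip_address(router_wan_ip)
    seen = ipaddress.ip_address(duckdns_ip)
    if wan in CGNAT_NET:
        return "cgnat"
    if any(wan in net for net in RFC1918_NETS):
        return "double-nat"
    if wan != seen:
        return "upstream-nat"
    return "direct"


def port_forward_reachable(result: str) -> bool:
    """Only a 'direct' connection lets a forward on this router be reached from outside."""
    return result == "direct"


if __name__ == "__main__":
    # Constructed samples: (router WAN IP, IP recorded by DuckDNS).
    samples = [
        ("100.72.13.4", "198.51.100.20"),   # typical 4G/cellular CGNAT
        ("192.168.1.2", "198.51.100.20"),   # router behind another router
        ("203.0.113.7", "198.51.100.20"),   # mismatch without a private WAN IP
        ("203.0.113.7", "203.0.113.7"),     # addresses match
    ]
    for wan, seen in samples:
        verdict = classify_wan(wan, seen)
        print(f"{wan:>15} vs {seen:<15} -> {verdict}, "
              f"forward reachable: {port_forward_reachable(verdict)}")
```
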

I have checked that the IP given by DuckDNS is not the same as the one given by my router.

Then, I think that I have CG-NAT :sob:

Is there any solution?
Thanks

Yes there is. Talk with your ISP’s technical support. They may move you to a non-NATed dynamic IP address free of charge. Mine did. Or you may have to pay for a static IP in which case you don’t need duckDNS.

There are other solutions (paid) but try talking with your ISP first.

I have a 4G router, not a cable ADSL connection.
The ISP told me that they cannot give me a public IP because my connection is meant for “only navigation”.

Without this, can I use Hassio in the same way, automations and so on, just taking into account that I will not be able to control it from outside?

Maybe I can set up some rule through a cloud service such as Mi Home (Xiaomi).
Example: If I press a button (from the Mi Home app) then trigger an action in Home Assistant.

Thank you very much for your support!

Ah, yes cellular networks are notorious for CGNAT. Yes you can still use HA locally without remote access but there is some very useful information in this video that you might like to use for remote access:

EDIT: also now that Nabu Casa has a remote UI it would be better to use this rather than the service in the video as it directly supports home assistant development.

Wow this was active while I was sleeping.
Sounds like someone is getting some help at least.

So as far as my scenario duckdns recognizes my public IP and my ISP does not block any ports that I’m aware of.
Also duckdns was working just fine before my SD card crashed. I can also access home assistant from duckdns by using http:, just not https:

Yeah sorry about derailing your thread. :slight_smile:

Did you try reinstalling the duckDNS addon (using your same domain name)?

This should regenerate new SSL certificates.

Copy the addon config to a text file before you uninstall the addon. You should be able to just paste it back after reinstalling.

No worries. Kind of nice when you see you’re not the only one having problems!

I did try uninstalling and reinstalling. Same result. The error is consistent anytime I restart the duckdns add on.

I will probably try uninstalling and reinstalling again when I get a chance to mess with it again. Hopefully this weekend.

I succeeded with this service!

It is a paid service but they gave me a test trial.

And sorry for the interruption on your topic.

Thank you for the hint!
