Duplicated http mapping key in configuration.yaml

Hello all,
I’ve been using HA for a month or so, thus I’m still working on my configurations.
I’ve successfully integrated DuckDNS, and I can access my HA from everywhere with a dedicated .duckdns.org webaddress.
Maybe because of some copy-paste during configurations of different network components, I have a problem with the configuration.yaml file, that says:

http:
  ssl_certificate: /ssl/fullchain.pem
  ssl_key: /ssl/privkey.pem

http:
  use_x_forwarded_for: true
  trusted_proxies:
    - 172.30.33.0/24

The HTTP mapping key is duplicated.
The editor file check shows a red mark, of course.
The file check before rebooting says everyting is ok.
Thing is, if I put all 4 lines under the same http, I cannot connect anymore from remote.

My opinion is that: the first http is considered and actually used in the configuration, the second one is not used and skipped. Is that how it works?
I’m not sure how to fix this configuration.

Thank you! Fabio

That’s a big red flag!

Is that 172 address really your internal IP, or have you copy/pasted that from elsewhere? The instructions for x_forwarded_for (docs) say:

If it is correct, and you’re sure that the SSL keys are correct, try this:

http:
  ssl_certificate: /ssl/fullchain.pem
  ssl_key: /ssl/privkey.pem
  use_x_forwarded_for: true
  trusted_proxies:
    - 172.30.33.0/24
    - 127.0.0.1
    - ::1

Thank you for your reply!

you’re sure that the SSL keys are correct

I have these files in a first level folder named /ssl: paths are from the root, not relative paths, right?

When I reboot, i get the following message:

502 Bad Gateway
nginx

I’ve been able to access via local ip address and restore the previous configuration.
I then looked into NGINX compontent documentations, and it says that it is not compatible with ssl_certificate and ssl_key options!
It means that my http configuration must be limited to the last part of the original one.

Thank you for helping me!
Fabio