I’m running Home Assistant in Home Assistant OS as a VM and have a complication configured on my Apple Watch to view some info from HA through the companion app on iOS. Everything has been working fine but I recently enabled TLS for my Home Assistant instance and noticed afterward that my watch complication stopped updating after TLS was enabled.
Some testing confirmed that the complication works fine with TLS disabled and breaks as soon as TLS is enabled. I am using my own local CA to issue the certificates and have the root CA trusted on all my devices. No issues connecting to HA using the companion app on my iPhone as the root CA has been installed and explicitly trusted on that device in the Settings > General > About > Certificate Trust Settings.
I haven’t found any method of instructing the watch itself to trust a specific root CA but also haven’t found that to be necessary for other similar functions. For example I have an iOS Shortcut I’ve configured to use Siri to make an API call that interacts with another service I self host, with that service using a server certificate issued from my private CA. The shortcut functions just as well from the watch as it does from the iPhone, but I’m aware that while this may seem similar that under the hood it’s surely pretty different from what is actually happening with Home Assistant and the companion app.
Anyone able to shed any light on why this isn’t working and/or any possible fixes?