Hya,
is there a way to have HA listening to 2 different http ports, one for HTTP and another for HTTPS?
Thx in advance.
Any hint? Thx
Seems like no way. The idea is if http is open, there is no point in https whatsoever, the security of that HA is screwed. If you want to keep http port for the local network and open https to the world, the advice is to use a reverse https proxy (I use nginx for this) on your gateway. Another benefit of this approach is that the certificate renewal script will want port 80 open while updating (letsencrypt uses it to verify the domain ownership) and if you do this on the gateway, you don’t have to stop/start HA.
Thx for answering,
The problem i have is a bit different. I already have it in https working, but some of my devices, like my older ipad does not accepts my private certs.
So, i would like to answer internally and externally to https (for devices recognising my own certs) and to internally to http for the devices not recognising my certs.
The only workaround I know is to teach your DNS to return local ip for the public hostname which you use to access HASS from the internet and which you have certificate for. My home DNS is dnsmaq on an orange pi so simple adding 192.168.10.20 my-public-hass_ip.com to /etc/hosts does it, if you could do it on ipad - that would do too but I do not think you can.
i did the following:
port 8123 internal, no SSL, and apache SSL proxy to it from external port.
Thx!