HA SSL Access different port than 443 (NGINX / DuckDNS)

Hello,

I’m trying to add an external access to my HA using SSL, but i already have an existing access to a local site on 443 port, on another VM than HA. Basically, i want to setup the block “New” in thefollowing schema, to access to HA using myhadomain2.duckdns.org(existing access to VM1 using mydomain1.xxxdns.com on port 443 is working properly).

So i have installed/started in HA:

So i have tried different combinations on ports configuration in NGINX and in the router (Asus), but none is working.

Example: Port on NGINX: 443, on the router forwarding the 1443 to the 443 on 192.168.1.11, and then trying to access to myhadomain2.duckdns.org:1443 doesn’t work

Example: Port on NGINX: 1443, on the router forwarding the 1443 to the 1443 on 192.168.1.11, and then trying to access to myhadomain2.duckdns.org:1443 doesn’t work

Tried also with 8123 combination.

Example: Port on NGINX: 443, on the router forwarding the 443 to the 443 on 192.168.1.11 (so then i remove the 443 forwading to 192.168.1.10), and then trying to access to myhadomain2.duckdns.org is working properly, but mydomain1.xxxdns.com is no more accessible.

Remark: as requested for NGINX, no http entry is added to my configuration.yaml.

Could you please help me on the configuration to be done?

I don’t have a complete answer as I have very little experience with nginx myself, but the feature you are looking for is called Server Name Indication, often referred to as SNI.
You’ll be able to access both sites at the same external IP address, both using port 443. Your web server (nginx) will check all inbound connections for what domain name they are asking for, and route the ones for your HA domain to the HA machine, and the existing one to the existing machine.

1 Like

Hello.
Have you tried just forwarding port 443 on your router to port 443 to your HA instance (192.168.1.11), and access using port 443 on your duckDNS NS?

Yes, in that case it opens the VM1 website (which i guess is due to that the router has 2 forwards from 443 ports)

Oh, so you need port 80 & 443 for your “.10” host. I hadn’t realized that!
In that case, you will need something like a reverse proxy.
Using nginx, you can setup that very easily, but i think you can’t do that using the Supervisor add-on.
Can you check if your router supports that? Reverse proxy?

Hello,

So i finally make it work with Nginx Proxy Manager instead of NGINX Home Assistant SSL proxy.
For thoses who may want to do it also:

  • Router forwards 443 to 443 to HA (192.168.1.11)
  • In Nginx Proxy Manager UI page, I create 2 proxy hosts, 1 for the first one, and 1 for the second. So is HA which is redirecting to VM1 based on the url.

Have a nice day!

2 Likes

Can you clarify that a bit? I’m tying to do something similar. I have a Nextcloud server and a HA docker container on the same odroid hc1. Currently port 443 directs to Nextcloud, but I want a secure remote connection to my Home Assistant.