So trying to up my game and took the plunge on purchasing a domain name and rerouting all my traffic to my HA instance via my new domain. However now have some issues since it appears some devices don’t like the certificate.
Using the “Swag” docker container I updated the Homeassistant port and sub domain and domain names.
After rebooting all I can access from external address from my friend’s PC that has never accessed my HA instance at duckdns. But on any device like my phone or laptops I get this error:
HA iOS app
“Unknown error: URLSessionTask failed with error: the certificate for this server is invalid. You might be connecting to a server that is pretending to be “ha.xxxxxxx.net” which could put your confidential information at risk.”
In Chrome or Safari I get the “proceed at your own risk” warning. Then I get to the Home Assistant login page and enter my credentials and it loads, then says “unable to connect to Home Assistant” retry.
When looking at the certificate that it can’t validate it says the certificate is listed to xxxxxx.duckdns.org.
How do I go about getting a new certificate? And replacing or removing the duckdns one? Is that in the HA config folder or in the swag docker container?
Who is “hosting” your shiny new “.net” DNS name?
Getting a letsencrypt certificate for a domain usually means that you have to prove that you own the domain by inserting certain values in the DNS configuration for that domain.
Assuming the DNS is hosted by some provider, maybe check on their support page if there would be details on how to get a letsencrypt certificate?
Thanks. I purchased my domain name through GoDaddy. They do sell SSL keys but they are very pricey. Maybe that is what I need to do I guess. Was wondering if the actual certificate was created by Let’s Encrypt or by duckdns. Sounds like I’m stuck.
Hmm, I use my own domain, and I use certbot to generate my certificates (which is Let’s Encrypt and also used by duckdns). Registering is a bit of a hassle, as you need to prove that you host the domain (and need to host a webserver on port 80 as part of the registration process).
I run certbot on my Windows machine as a scheduled task to check/update the certificate on my webserver daily and then move it to HA’s samba share.
EDIT: Nevermind, there is a “pure” letsencrypt addon.
OP, you’ll have to remove the duckdns addon and install the letsencrypt one. You’ll reference your new FQDN there.
I guess the addon uses certbot as well, as there is no out-of-the-box GoDaddy support for the “dns” challenge. You’ll have to follow the “http challenge” route.
You could also use Caddy with a plugin for GoDaddy that will use the DNS challenge. You will get a LetsEncrypt or ZeroSSL cert for free. Caddy is a reverse proxy and there is an addon and a forum thread discussing it.
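
The error in this thread is a name mismatch: the server still presents a certificate listing the duckdns.org name while clients connect to the new domain. As an added example (not from any poster in the thread), this Python sketch checks a certificate's DNS names against the hostname being used; the certificate dict mimics the shape returned by `ssl.SSLSocket.getpeercert()`, and every name in it is a constructed placeholder.

```python
import ssl
import time

# Constructed sample in the shape ssl.SSLSocket.getpeercert() returns.
# The names are placeholders, not values from the thread.
OLD_CERT = {
    "subjectAltName": (("DNS", "myhome.duckdns.org"),
                       ("DNS", "*.myhome.duckdns.org")),
    "notAfter": "Jan  1 00:00:00 2030 GMT",
}

def dns_names(cert):
    """Return the DNS entries of the certificate's subjectAltName."""
    return [value.lower() for kind, value in cert.get("subjectAltName", ())
            if kind == "DNS"]

def name_matches(pattern, host):
    """RFC 6125-style match: '*' may only stand for the whole left-most label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        # Reject patterns like '*.net' and compare the remaining labels.
        return len(p) > 2 and p[1:] == h[1:]
    return p == h

def diagnose(cert, host, now=None):
    """Explain why a client would accept or reject this cert for this host."""
    now = time.time() if now is None else now
    names = dns_names(cert)
    if not any(name_matches(n, host) for n in names):
        return "name-mismatch: certificate lists " + ", ".join(names)
    if ssl.cert_time_to_seconds(cert["notAfter"]) <= now:
        return "expired"
    return "ok"

if __name__ == "__main__":
    # The new domain fails against the old certificate; the old name passes.
    for host in ("ha.example.net", "myhome.duckdns.org"):
        print(host, "->", diagnose(OLD_CERT, host))
```

A "name-mismatch" result means the reverse proxy needs a certificate issued for the new hostname; nothing on the client side needs changing.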