Http: in configuration.yaml causes duckdns and login issues

I do see certificate files (.pem) in the /ssl path. I do have an AT&T Arris router.

Can you give me some other hints on this statement that you sent?

I am curious if that means you have to connect using http: externally not https.

Did connecting locally ever work? i.e. https://my_ip:8123?

Again, once you tell HA to use a CERTIFICATE, you are telling it to use HTTPS only. HTTP will never work with that.

You should be able to connect locally, using https://localip:8123, no matter what. You will get a certificate error on your browser, but it should be accessible.

I have deleted the .pem files and recreated with the duckdns add on. all good there. as soon as I remove the # in front of the http in the configuration.yaml i can never connect again. not even locally. I think you nailed it as a certificate or browser issue but not sure what I can do about if I can’t even connect locally.

)
2019-06-20 21:13:30 ERROR (MainThread) [homeassistant.core] Error doing job: SSL handshake failed
Traceback (most recent call last):
  File "uvloop/sslproto.pyx", line 500, in uvloop.loop.SSLProtocol._on_handshake_complete
  File "uvloop/sslproto.pyx", line 484, in uvloop.loop.SSLProtocol._do_handshake
  File "/usr/local/lib/python3.7/ssl.py", line 763, in do_handshake
    self._sslobj.do_handshake()
ssl.SSLError: [SSL: SSLV3_ALERT_CERTIFICATE_UNKNOWN] sslv3 alert certificate unknown (_ssl.c:1056)

I think you need to learn some of the forum.

Screenshots of previous comments are not necessary. You can highlight the comment and just hit “quote” when it pops up.

Of course not. Your system is crashing. As I asked earlier, are you sure your spacing is correct in your yaml? You seem to have skipped over that.

Because your HA isn’t working.

http:
  base_url: "https://mydomain.duckdns.org"
  ssl_certificate: /ssl/fullchain.pem
  ssl_key: /ssl/privkey.pem

above is my yaml. Is there a spacing issue? I wouldn’t be surprised, so thanks. I only edited this portion so below the privkey line is a blank line followed by the default stuff that is in there.

Thanks for the quote tip.

After a bit of a delay on getting back to this I wanted to close this thread. I still get SSL certificate errors in the logs, but I am not sure if that is expected or not as I am logging in locally using https://my_ip:8123. I am able to log in remotely outside of my network. This was a huge help to those that pointed out that i had to turn my WiFi off and then try it from my cell (thank you). Looking back on this I may have had a space in the wrong spot in my .yaml as well because I did not change any content. I am a beginner so all possibilities are on the table. Additionally I do appreciate the comments on the forum basics.

Your certificate is only good for the domain name. If you access by IP, you will get a cert error.