Http server does not start with ssl key specified

Configuration
1

Using current stable versions.

If I specify an ssl certificate under http:, the http server does not start. Neither at port 8123 nor at 443. Commenting those two lines makes the server start at 8123. But I cannot find any error message anywhere. I would have expected an error in home-assistant.log

So where is the corresponding error logged?

Previously I uninstalled the addons for letsencrypt and nginx, and I created the keys with the apache2 mod_md module. But before thinking about what the problem is, I really want to know where the error messages go.

From configuration.yaml:

http:
  use_x_forwarded_for: true
  trusted_proxies:
    - 10.210.137.3
    - 172.30.32.0/24
    - 172.30.232.0/24
    - 172.30.33.0/24
  ssl_certificate: /ssl/fullchain.pem
  ssl_key: /ssl/privkey.pem
2

Never mind, I found another solution.

However I still would like to know where to look for error messages if the builtin server does not start.

I may be extreme about this - but IMHO missing or useless error messages are severe bugs.

My solution:

  1. remove http: from configuration.yaml again
  2. define an stunnel on my MAINSERVER running apache2, see below
  3. open EXTERNALPORT in the router, forward to MAINSERVER
  4. let apache2 serve ha.yyyy.de on the standard ports such that apache’s automatic renewal of letsencrypt certificates works
  5. just to simplify things: configure my local DNS server (unbound) such that I can access homeassistant directly with the same URL while being in my local net

Now I can reach https://ha.yyyy.de:EXTERNALPORT/ from everywhere.

root@MAINSERVER:/etc/stunnel# cat stunnel.conf 
pid=/var/run/stunnel4/stunnel.pid

cert=/etc/apache2/md/domains/ha.yyyy.de/pubcert.pem
key=/etc/apache2/md/domains/ha.yyyy.de/privkey.pem

[homeassistant]
accept=EXTERNALPORT
connect=#.#.#.#:8123