Https connection to HA local

Configuration
, ,
1

I want to program my new D1 mini with ESPHome through USB from my Chrome browser. When I want to Install the program in ESPHome it tells me that I need HTTPS.
image

image

When I use the Plug into… I get the message below.
image

With http:\ I can connect, but not with https://.
image

What must I do to get a secure local connection?

2

Easier is to use manual download.
You can use the tool EspHomeFlasher to flash the bins.
After that you can use OTA for flashing :wink:

3

For SSL:

  1. A secure certificate, such as provided by Lets Encrypt
  2. A domain name
  • Install DucksDNS with LetsEncrypt.
  • Install Nginx Core Addon

DuckDNS
Open your Home Assistant instance and show the dashboard of a Supervisor add-on.

NGINX Proxy
Open your Home Assistant instance and show the dashboard of a Supervisor add-on.

1 Like
4

I think local https can just use self signed cert but if already using cert for external you may be able to point “ssl_certificate” and “ssl_key” of http integration to that if not already

Domain is not requirement for https but you will get browser “this is not safe, are you sure” type error. Not sure if esp can be set to ignore this for self signed

5

If you already got those running, then it males sense, but installing an SSL certificate, NGinx, DuckDNS just to get an esp flashed is overkill and not needed.

If you really want to install something, you could try esphome dashboard :thinking:

6

That was my first thought, too. Anyone know why this is a requirement? Since by definition we’re working locally, it doesn’t seem SSL adds much value.

7

I can install bin-file when I use ESPHome Web from my browser.

8

Yes.
Because to use ANY of the newer Web APIs in web browsers (Bluetooth, Push Notifications, Sensors, Camera, Microphone, file system access etc) - a site needs to be using https. This is to prevent the possibility of dodgy sites being able to spy on you or cause damage to your machine. If any old website can just start writing raw data to any USB device that is attached to your computer, you probably wouldn’t be terribly happy about it.

9

Thanks, I figured it was something like that.

I know no-one here can fix it, but it still seems absurd. Basically every site nowadays uses SSL. This hypothetical dodgy site could of course be using it. Obviously some “are you sure” type prompt would be in order, whether HTTP or SSL, before the browser tries to connect to a USB device. But to make it totally impossible seems overkill.

OK. That’s off my chest now. Sorry. Carry on.

10

The good folks at ESPHome have set up another solution which doesn’t require adding anything:
web.esphome.io