Actually, the link from the documentation provides a loop in stating: " If you are using Home Assistant do not use this guide. Instead, use the DuckDNS add-on "
I feel like I am pretty savvy when it comes to port forwarding ( I have several hosts behind my router with various ports exposed, including VPN), but I wanted to try out the “easier” ssl direct forward. However, I am confused as to how to address this misconfiguration - i.e. no logs or anything indicating what is wrong. I was able to access via https://myhostname.duckdns.org, but could not access locally from the app on my phone.
Has anyone found a step-by-step setup for this, and if so, could you please share it and add it to the documentation?
Yes, I have port forwarding working with the external address https://mysub.duckdns.org (router accepts port 443 and forwards to my homeassistant port 8123). However, when I try to login locally using the ip address on the LAN (https://192.168.1.199:8123, I get the login prompt (and a notice that the certificate is not valid for the hostname) when it accepts, but then just goes to a “Retry” screen (showing the homeassistant icon).
Maybe it simply has to do with the certificate-hostname not being valid when using the local ip address. Not really the expected behavior, or maybe I am missing something…
Or maybe has to do with the “internal url” and “external url” settings in the “Configuration” panel. Currently have them set to the local “http://local_ip:8123” and “https://mydom.duckdns.org” respectively.
Did you ever find out how to fix this ? I have https working through the duckdns domain name but I also want to be able to access my HA server using my local IP explicitly - basically I don’t want to be dependent on the internet being available to access my HA server when connected to my home network.
The local message is “You have configured an HTTPS certificate in Home Assistant. This means that your internal URL needs to be set to a domain covered by the certficate” - which is all well and good but it doesn’t explain how.
It is working now with https://IP:8123
but I do get a certificate error that I have to bypass in the browser.
I do not recall exactly the steps, but I am just using the Duck DNS add-on with defaults.
You can use a nginx proxy instead of making your entire HA https. Then you can access the non-ssl locally and port forward the https one. Use something like nginx proxy manager addon which also handles letsencyrpt and duckdns.
You could use NAT LOOPBACK (hairpinning) on your router if its supported to access home assistant both internally and externally via the same domain name.
You could setup BOTH 1 and 2. Then you have a single URL and can fallback to the non-https port if the https one is inaccessible for some reason (no public internet ip).
You could subscribe to nabucasa which doesn’t require any of the above.