Https with Nginx doubt

I am running HA in a container, and Nginx in a conteiner too, and I want to secure the HA access with Nginx and letsencrypt ssl certificates. I can reach HA from outside only by Http, after create a nwe host on Nginx, but Https don’t work… there is no error on HA logs. Must I give access to pem files and certificates from inside Nginx container folder to HA to get it working? HA ssl folder is in a different container… I could copy and paste the files there, but it must be a problem when need to be updated…

Sounds like either:

  1. You haven’t forwarded the port to NGINX, but to HA
  2. You haven’t configured NGINX to use SSL

(and possibly you also haven’t added the the proxy settings to HA)

I ran the kind of setup you’re talking about for years before moving to Traefik. There’s no need to add SSL to HA itself if you’ve done the above.

I run almost the same setup, my NGINX is hosted on a Ubuntu machine. It runs certbot to issue and renew the lisences. this is my setup in my home.yourdomain.com

server {
    server_name  home.yourdomain.com;

    location / {
        proxy_pass http://ip to your HA installation:8123/;
        proxy_set_header Host $host;

        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }

    location /api/websocket {
        proxy_pass http://ip to your HA installation:8123/api/websocket;
        proxy_set_header Host $host;

        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";

    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/home.yourdomain.com/fullchain.pem; # managed by Certbot

Thanks for the answer. Yes, I have forwarded both, 80 and 443 in my router to Nginx, and the host if use ssl and letsencrypt don’t open HA. If I delete the use of ssl from Nginx host to HA, it works from outside. I will take a look to traefik…

Thanks for your reply… your configuration work with https ?

Did you configure HA for the proxy (see the link above)?

Did you check the proxy log to see what’s happening?

Did you check HA’s log for warnings/errors?

Yes, it works with https.

I have similar setup but my domain isnt accessible over net.
I use nginx + letsencrpyt in docker. I have a domain and a bunch of subdomains for containers. I use nginx+letsencrypt to get certs for domain and subdomains. I just use adguard to resolve domain and subdomains back to my server ip.
Everything is working fine, certs are renewed automatically, tried to make cloudflare access on it, it worked but I shut it down.

I can check some additional info later on, but I don’t remember I needed to give some special access for https to work. But I will have to check.