I don’t believe a subdomain should be important, it;s just what I have done. A subdomain in IIS is straight forward. Don’t forget to get a new certificate, unless you have a site certificate and to add it to your DNS records.
Happy to do a video call so you can inspect my setup - as this may be the quickest way to resolve the issues. If that is an option you want to take propose some dates and time. I can’t do today or tomorrow.
@DeanSmith did you get this resolved? What issue are you actually seeing? Reason why I ask is that I got a 502.3 error today. This was because the certificate that I had in the virtual machine had expired. Not sure why Let’s Encrypt on the virtual machine had not updated the certificate.
To be clear, I have two certificates. One that is installed on IIS and the other installed on the virtual machine. This is important.
For some reason Let’s Encrypt no longer runs on my virtual machine so I am using https://www.win-acme.com/ to create a certificate for IIS and the virtual machine. I then copy the certificate from the host to the ssl directory in the virtual machine… I need to automate this as the certificate will expire in another three months. I only took this approach as it works for me and seems easier than getting Let’s Encrypt working again.
It is possible to have a server certificate on your internet-facing server (apache + ngix or iis + aar) that reverse proxies to your http enabled ha server. I spent some considerable time researching this - but I’ve still not found the root cause.
@DeanSmith what do you see in the debug console and network requests? In Chrome or Edge press F11 and select the Network tab. This may reveal more information.
“VM version” is a vague term and doesn’t actually point to a certain installation method; however, if you used the virtual appliance installation option then you have the full OS and you can install addons. You only need to install DuckDNS (to get the domain) and NPM addons (takes care of Let’s Encrypt). You can then use NPM to reverse proxy (probably) anything you need with https://subdomain.domain.duckdns.org or https://domain.duckdns.org/subfolder (however, not everything works with subfolder, at least HA is not supported).
In my opinion NPM has better usage as the 5 domains that DuckDNS provides might not be enough for all users. Most of the services work for reverse proxying with both subdomains and subfolders but not all with subfolders (HA doesn’t, thus it needs a domain/subdomain).
NPM can be used to generate all the subdomains needed without having to deal with the 5 domains limit of DuckDNS (and to generate subfolders too).
On top of it, with NPM, certificate management is centralized and one doesn’t need to deal with any SSL stuff on the device itself, as might not be always possible to add certificate (and, in LAN, can use the non-secure address, http://192.168.x.y:port if needed instead of the https://subdomain.domain.duckdns.org)
I’d steer away from IIS if you have that chance. I have used it for years and boy what a joy it was to use something like NPM or Traefik compared to IIS. Way too cumbersome. I’d only use it if I really had to (e.g. company policies or whatnot). If you do want to use Windows Server/Hyper-V then I’d suggest setting up a HA VM or run HA on a linux distro VM. If you do not rely on AD (which most home users won’t) then I will highly recommend using Unraid or Proxmox instead (Unraid tends to be more user friendly and has docker natively).
Lastly, after reading this thread, I am actually pretty baffled that so many use duckdns. I really wonder why? A domain name is around 5/10 euro/dollar a year. Setting it up on Cloudflare would also give you all of its security features. My wife could never remember the duckdns address, but she can easily remember our domain name. It also looks better to see myname.com instead of myname.duckdns.com (added benefit, we also have email addresses [email protected]). I understand that it is free, I just wonder why so many do not care about an actual domain name (it is not criticism btw, it is a genuine question).