Is there any way to serve both HTTP and HTTPS?

I am using WallPanel all around the house and it is not working with SSL. I am also configuring the Alexa skill, which must have SSL. So I am trying to find a way to serve both HTTP and HTTPS.

Is there any way I can do this?

Thank you!

Nginx in front of HA.
HA can remain http but https calls will go to nginx and forward to HA http(this is still secure connection for Alexa purpose)

Thank you! I will research Nginx config, I am not too familiar with it, but should not be too hard.

Is Nginx more preferred for some reason than Apache or does not matter at all? I can see there are solutions for both webserver and I know Apache much more then Nginx. Thank you!


Both nginx and Apache can provide reverse proxy for this case.

I think it is mostly preference or based on existing infrastructure.

Thank you for your input on this!

Hi
I managed to setup the same:
HA served on http port 8123 internally and on https port 443 externally with letsencrypt certificates.
I then followe both the DOCS guide and some walkthrough on the web to implement a custom skill in aws alexa.
Somehow this does not work.
I do not even get the call made from AWS -> Homeassistant (no trace in the nginx logs).
Only once that happened and I received a “the skill gave an incorrect answer” (or something along those lines).
Port in the router are redirected as per instructions 443:->8123
Alexa cloud is correctly setup and the homeassistant skill works.
Did you managed to set up a custom skill?

I suddenly have one doubt: do I have to add this (developer) skill with the alexa app? even if I am logged in the console under the same account as with my Alexa echo?

an update:
I can see request being issued inthe alexa debug log on alexa dev site.

I tied to issue in the browser the endpoint command

https://mysite.it/api/alexa?api_password=MyPassword

And I see that indeed the enpoint returns a 404 error.

{
“header”: {
“namespace”: “SkillDebugger”,
“name”: “CaptureError”,
“messageId”: “f0ea89ce-2d18-4940-996f-8270d4ae9fdf”
},
“payload”: {
“skillId”: “amzn1.ask.skill.31d2ff24-5617-448b-8cdc-1c666520a0b2”,
“timestamp”: “2019-01-02T22:58:04.927Z”,
“dialogRequestId”: “ff35cc77-345a-4cb7-bad0-9432720dd03f”,
“skillRequestId”: “amzn1.echo-api.request.6a0141f8-c081-40a6-b504-4d44337da554”,
“code”: “SKILL_ENDPOINT_ERROR”,
“description”: “An error occurred while issuing a SpeechletRequest for (requestId [amzn1.echo-api.request.6a0141f8-c081-40a6-b504-4d44337da554]”,
“debuggingInfo”: {
“type”: “SkillExecutionInfo”,
“content”: {
“invocationRequest”: {
“endpoint”: “https://mysite/api/alexa?api_password=mypass”,
“body”: {
“version”: “1.0”,
“session”: {
“new”: true,
“sessionId”: “amzn1.echo-api.session.fcae62cb-121a-492d-aa7c-9a9e0c1d5aaf”,
“application”: {
“applicationId”: “amzn1.ask.skill.31d2ff24-5617-448b-8cdc-1c666520a0b2”
},
“user”: {
“userId”: “amzn1.ask.account.xxxx”
}
},
“context”: {
“System”: {
“application”: {
“applicationId”: “amzn1.ask.skill.31d2ff24-5617-448b-8cdc-1c666520a0b2”
},
“user”: {
“userId”: “amzn1.ask.account.ffd”
},
“device”: {
“deviceId”: “amzn1.ask.device.fdvd”,
“supportedInterfaces”: {}
},
“apiEndpoint”: “https://api.eu.amazonalexa.com”,
“apiAccessToken”: atoken"
},
“Viewport”: {
“experiences”: [
{
“arcMinuteWidth”: 246,
“arcMinuteHeight”: 144,
“canRotate”: false,
“canResize”: false
}
],
“shape”: “RECTANGLE”,
“pixelWidth”: 1024,
“pixelHeight”: 600,
“dpi”: 160,
“currentPixelWidth”: 1024,
“currentPixelHeight”: 600,
“touch”: [
“SINGLE”
]
}
},
“request”: {
“type”: “IntentRequest”,
“requestId”: “amzn1.echo-api.request.6a0141f8-c081-40a6-b504-4d44337da554”,
“timestamp”: “2019-01-02T22:58:04Z”,
“locale”: “it-IT”,
“intent”: {
“name”: “RunScriptIntent”,
“confirmationStatus”: “NONE”,
“slots”: {
“scripts”: {
“name”: “scripts”,
“value”: “notifica”,
“resolutions”: {
“resolutionsPerAuthority”: [
{
“authority”: “amzn1.er-authority.echo-sdk.amzn1.ask.skill.31d2ff24-5617-448b-8cdc-1c666520a0b2.scripts”,
“status”: {
“code”: “ER_SUCCESS_MATCH”
},
“values”: [
{
“value”: {
“name”: “notifica”,
“id”: “fe49ea3c5e2ae28e01779cd19718d8fa”
}
}
]
}
]
},
“confirmationStatus”: “NONE”,
“source”: “USER”
}
}
}
}
}
},
“invocationResponse”: null,
“metrics”: {
“skillExecutionTimeInMilliseconds”: 254
}
}
}
}
}

{
“header”: {
“namespace”: “CardRenderer”,
“name”: “RenderCard”,
“messageId”: “9988fdce-947a-433e-870a-17054fd5d038”,
“dialogRequestId”: “ff35cc77-345a-4cb7-bad0-9432720dd03f”
},
“payload”: {
“cardMetricAttributes”: null,
“creationTimestamp”: 1546469883888,
“deleteCardAction”: {
“actionType”: “DeleteCardAction”,
“cardId”: “86de554d-8871-4ac8-8c69-c65159d9d575”,
“mainText”: “Rimuovi scheda”,
“subText”: “Maggiori informazioni”,
“subTextRoute”: “help/node/201602230”
},
“descriptiveText”: [
“Request Identifier: amzn1.echo-api.request.6a0141f8-c081-40a6-b504-4d44337da554”,
“”,
"The skill responded with 404 HTTP status code "
],
“giveFeedbackAction”: null,
“hint”: null,
“id”: “86de554d-8871-4ac8-8c69-c65159d9d575”,
“nBestOptions”: null,
“originIntentType”: “RunScriptIntent”,
“playbackAudioAction”: null,
“primaryActions”: null,
“prompt”: null,
“registeredCustomerId”: “A3JN50KDCGZ2OX”,
“secondaryActions”: null,
“sourceDevice”: {
“serialNumber”: “d6fe1570ac53423984ef04838c397463”,
“type”: “A2HPYE8VLW820A”
},
“subtitle”: “Osvaldo”,
“textCardType”: “SELECTABLE”,
“thumbsUpDownActivityAction”: null,
“title”: “Skill response was marked as failure”,
“token”: “”,
“wrapTitle”: true,
“cardType”: “TextCard”,
“domainType”: “Echo.SDK”
}
}
I have read in some posts some rule about simple password (no special chars) to be used and my password complies.

Furthermore : I cannot have Hass served on port 443 internally (host port) and extenally (public ip port). I have read somewhere in the forum that this could be a requirement of aws

WTF is wrong… banging my head on it since 2 weeks

In the debug log you posted, does it contain any personal information you may not wish to share with the general public? Perhaps things like account information and access tokens?

1 Like

thanks. edited. and reissued

Is there a simple solution available to have both, https access from outside and http access from inside (home network)???

Same question was recently answered here (“use a reverse proxy”):