Hi,
I tried configuring NGINX to get https ssl on HA. I followed the instructions in:
Also, I places the ssl files recommended in the HA machine’s /ssl folder. These certs are valid and are in use on my other machine.
I set up port 443 TCP to be exposed and set my router to forward port 8002 to port 443 on my HA machine LAN IP. When I check for open ports, my external port 8002 shows that it’s closed. Also, I cannot access my HA remotely with https://HAdomain:8002. Could you kindly advise? On my HA machine, NGINX shows that it’s operating without errors and the logs look good.
Hi,
I did notice the following error message in the log:
[20:23:19] INFO: Running nginx…
nginx: [emerg] cannot load certificate “/ssl/fullchain.pem”: BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen(’/ssl/fullchain.pem’,‘r’) error:2006D080:BIO routines:BIO_new_file:no such file)
However, I do have these files in /ssl on my HA machine.
Thanks,
Phil
I find this alternative from frenck much easier to understand, and it does the DuckDNS work too. It also has a UI page where you can set up other proxy hosts to redirect to other services in your network (if you need - I also use WireGuard that needs to be redirected to port 51820).
Hi tmjpugh,
Thanks for answering, but I don’t understand why there would be a permissions issue? The permissions of these files are as follows:
-rw-r–r-- 1 root root 5607 Nov 24 20:22 fullchain.pem
-rw------- 1 root root 1704 Nov 24 20:21 privkey.pem
I also tried www-data:www-data as the owner but with no better results.
What would be the proper permissions settings?
Thanks,
Phil
Also, I got these files from my other machine’s ssl files. The domain name is the same for both machines. Is there any reason this wouldn’t work? It’s a mystery to me why NGINX cannot find the files when it reports that it’s looking right at them? I put these ssl files on /ssl where / is my HA system’s root directory.
Wondering if I’m missing something?
Thanks,
Phil