NGINX reverse proxy and Duck DNS problem

Hi guys, sorry for the silly question, I’m just new to these topics.
I’ve been able to set up the Duck DNS plugin with certificates and I’ve been able to log in remotely.
Some problems arose when trying to access locally, because the certificate doesn’t work for local addresses.
OK, I’ve skipped the warning in the browser (noisy but not a big issue); what I didn’t like was that the companion app stopped working.

Reading around I’ve seen that I could set up a reverse proxy with NGINX. From my understanding it manages the encryption if coming from an external source but leaves internal as normal “http”.

I’ve followed the guide:

  1. open port 443 (tcp/udp) on the router to 443
     closed port 8123 because it’s no longer needed and not protected (right?)
  2. removed the following lines from the “configuration.yaml”:
http:
  base_url: xxxxx.duckdns.org
  ssl_certificate: /ssl/fullchain.pem
  ssl_key: /ssl/privkey.pem

(because they should not be required anymore)

  3. reboot.

After doing this I’ve been able to log in from the PC locally at: http://homeassistant.local:8123/
and from the app locally at: http://192.168.1.210:8123 (why does the previous “homeassistant.local” not work?!?)
I was thinking OK, good!
But I cannot access it anymore via https from outside! :sweat_smile:

I’ve tried:
https://xxxxxx.duckdns.org
https://xxxxxx.duckdns.org:8123
https://xxxxxx.duckdns.org:433

Nothing works.
If I do: “http://xxxxx.duckdns.org:8123” it works, but it no longer seems (as I expect) to be a secure connection.

Where is my mistake??

Where is the step where you configure NGINX? Please show the NGINX config.

Hi,
I’ve used the simple add-on “NGINX ssl home assistant SSL proxy” that uses the Duck DNS certificates.

The config is minimal:

domain: XXXXXXXXX.duckdns.org
certfile: fullchain.pem
keyfile: privkey.pem
hsts: max-age=31536000; includeSubDomains
cloudflare: false
customize:
  active: false
  default: nginx_proxy_default*.conf
  servers: nginx_proxy/*.conf

Ale

Can you provide a link to the add-on? I don’t use add-ons and am quite confused by the different ones available for NGINX.

Have you configured internal and external urls in configuration.yaml and the app?

  internal_url: !secret internal_url
  external_url: !secret external_url

How should this help when he’s not able to reach his external address in the first place?