I’m a new user. Running version 247 from STABLE on HassOS 4.13. updated today. Several connected and working systems, devices and automotations. But no working HTT-S (Had to edit as thinks text is a URL otherwise) connection!
I’ve setup DuckDNS even though I own my own domain with an SSL certificate which is not currently anywhere in my setup. I’ve got LetsEncrypt installed and configured. No errors in any of the logs that I can see but the LetsEncrypt log is hidden somewhere in a docker container I’ve not yet worked out how to access. The key files all look OK and are in /ssl as advised.
I can access my setup via HTT-P from anywhere using the DuckDNS domain name or my IP. I’ve forwarded the ports so both HTT-P (8123) and HTT-PS (443) from outside all go to my Raspberry Pi 4 on port 8123 .
I cannot get HTT-PS access to work. I’ve tried the same URL with and without the S and it works perfectly in the Android App and browser with HTT-P but never with HTT-PS. I get (or similar depending on the browser used):
# This site can’t provide a secure connection
**xxxxxxxxxxx.duckdns.org** sent an invalid response.
* [Try running Windows Network Diagnostics](javascript:diagnoseErrors()).
ERR_SSL_PROTOCOL_ERROR
I’ve copied below my configs for DuckDNS and LetsEncrypt + Logs.
DuckDNS config:
lets_encrypt:
accept_terms: true
certfile: fullchain.pem
keyfile: privkey.pem
token: XXXXXXXXXXXXXXXXXXXXXXX
domains:
- XXXXXXXXX.duckdns.org
aliases: []
seconds: 300'
DuckDNS snippet from LOG (IP removed):
[11:21:39] INFO: OK
xxx.xxx.xxx.xxx ------- IP removed
NOCHANGE
# INFO: Using main config file /data/workdir/config
Processing XXXXXXXXXXX.duckdns.org
+ Checking domain name(s) of existing cert... unchanged.
+ Checking expire date of existing cert...
+ Valid till Dec 30 09:37:59 2020 GMT Certificate will not expire
(Longer than 30 days). Skipping renew!
LetsEncrypt:
email: [email protected]
domains:
- XXXXXXXXXXX.duckdns.org
certfile: fullchain.pem
keyfile: privkey.pem
challenge: http
dns: {}'
LetsEncrypt LOG:
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] file-structure.sh: executing...
[cont-init.d] file-structure.sh: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
[10:57:38] INFO: Selected http verification
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Cert not yet due for renewal
Keeping the existing certificate
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Certificate not yet due for renewal; no action taken.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
[cont-finish.d] executing container finish scripts...
[cont-finish.d] done.
[s6-finish] waiting for services.
[s6-finish] sending all processes the TERM signal.
[s6-finish] sending all processes the KILL signal and exiting.