Problem with duckdns/lets encrypt/http/port forwarding I dunno what

> So I am running hassio/homeassistant through docker. I am on version 0.117.1. I am working on a small minicomputer fitlet from compulab, and have a router d-link router DW-953 AC1200 4G with the possibility of LTE modem. I want to set up duckdns with lets encrypt, so I have installed the duckdns add on. This seems to be working. At least the log file for this seems to be giving just positive signs. I haven't kept the initial log messages but it said fetching certificates OK, and several other OK's. And I have checked my domain via dnsviz.net, and even checked with letsencrypt that the messages that I had there didn't indicate any problems. (Well I had some, but they were related to cookies, which they said had no relevance for this, which makes a lot of sense for a newbie like me). 
> 
> So far so good.. But no: I have set up port forwarding on my router:

(upload://okLbtCT40AAC588slx4XWeel5lz.jpeg) ![virtual_server_wchoice_2|690x440]
I have it set up both for the wan option and the lte modem. The relevant sections from my config are:

homeassistant:
# Geo location

  • name: XXX*
  • elevation: 650*
  • latitude: !secret lat*
  • longitude: !secret long*
  • unit_system: metric*
  • external_url: !secret duck_url*

And this:

# for duckns integration
http:

  • ssl_certificate: /ssl/fullchain.pem*
  • ssl_key: /ssl/privkey.pem*

I check my config, and get this

(upload://v6g0OdaZIbeZArZVFFd3Lb8Y179.jpeg) ![valid_config|620x343]]

But when I restart home assistant all I get is this

connection_lost
And I don’t get anything in my home-assistant.log file.

If I comment out the three lines relating to http, and restart, everything is fine, but I am not any closer to being able to connect from outside. This is very similar to this post:

https://community.home-assistant.io/t/duck-dns-lets-encrypt-doesnt-work/21795

But I don’t really see that anything that I can learn from this. What is even weirder is that now I have a pretty good explanation for why this is happening because if I use a tool like https://www.portchecktool.com/ it tells me that port 443 is not available… But when I checked yesterday, I could see it was open. This must be something with my port forwarding I guess, but this is really not something that I know much about… Now I have played so much with the settings of my %!# router that I dunno what is wrong. I desperately hope somebody here can help me… I have literally looked at this for several weeks now…

Any one know what is wrong, any help would be much appreciated. And why don’t I see anything in my logfile, it doesn’t write anything even though I have activates this:
logger:

  • default: critical*
  • logs:*
  • aiohttp: debug*
    I guess the fact that I have set default to critical explains why I don’t see much about anything else, but why I don’t get anything for aiohttp is a mystery to me. But wait I did have something yesterday evening:

2020-11-19 20:51:49 DEBUG (MainThread) [aiohttp.server] Socket error

But that doesn’t make much sense to me…
All I can see in my history is this:
(upload://4plIZOrcrdUa2OeRpIOdI4WFj6n.jpeg) ![http_login_2|542x165]

So it seems to be doing something, even though this is between the times that I have had http in and out…

I guess it’s got something to do with hairpinning or loopback, again not something I had even heard about until sometime last week… Here on my router I guess it boils down th remote management?
(upload://zQt5sQcQ2fsCjj7P7kqWTMsRfgF.jpeg) ![remote_management|348x500]

I tried to activate https management in the vain hope of this helping and then all I got was this:
(upload://lN16njjqvrT60WfPQxep6T1Skod.jpeg) ![security_threat|690x322]

(upload://lHJBx8YriYocIVi7yUfSTOfcYZO.jpeg)

In this video that I have looked at so many times it looks dead easy. https://techtechandmoretech.com/guides/hass-duckdns/.

I have also read through this one Installing TLS/SSL using Let's Encrypt multiple times, even though I realize that is should not be directly applicable to my case… But it doesn’t help that I have bought a really crappy router that hides all the difficult bits behind unfamiliar names. I have also wondered if this has something to do with the settings under ALG or having uPnP enabled, but I have tried disabling sip under ALG and disabling uPnP.

Sorry if this comes out a bit garbled…
But I desperately hope that this seems familiar to somebody, and want to help me.

 Sorry if this comes out a bit garbled..
[connection_lost|319x259](upload://YCoefQ0u6hkLGFrZw827FcPSet.jpeg) ![http_login|405x238](upload://4plIZOrcrdUa2OeRpIOdI4WFj6n.jpeg) ![http_login_2|542x165](upload://zQt5sQcQ2fsCjj7P7kqWTMsRfgF.jpeg) ![remote_management|348x500](upload://lN16njjqvrT60WfPQxep6T1Skod.jpeg) ![security_threat|690x322](upload://v6g0OdaZIbeZArZVFFd3Lb8Y179.jpeg) ![valid_config|620x343](upload://qZUiUcSKM0AaN6F0dIaD55yqEZU.jpeg) ![virtual_server_2|449x500](upload://okLbtCT40AAC588slx4XWeel5lz.jpeg) ![virtual_server_wchoice_2|690x440](upload://lHJBx8YriYocIVi7yUfSTOfcYZO.jpeg) 

Ok, forget my snapshots, I am off to bed