I'm posting this to document an issue I recently encountered and its resolution, hoping it helps others facing similar problems.
I use the Home Assistant Android app to connect, via home Wi-Fi, to my Home Assistant instance running in Docker behind a Caddy reverse proxy that provides HTTPS using Let’s Encrypt certificates.
The app suddenly started showing an SSL handshake failure. However, I could still access Home Assistant from a browser on both my Android phone and PC. The TLS certificate was valid and hadn’t changed recently, and the Home Assistant version was stable at 2024.09.
Using Wireshark to inspect the traffic between the app and the instance, I noticed that the connection was using the new HTTP/3 protocol over UDP. Recalling a past issue where lack of fragmentation during the TLS handshake caused HTTPS failures, I decided to disable HTTP/3 on the reverse proxy.
After disabling HTTP/3 in Caddy (instructions below) and restarting both the reverse proxy and the Home Assistant instance, the SSL handshake errors disappeared, and the app worked correctly again.
I’m unsure why this problem suddenly occurred after months of smooth operation. It’s possible that an update to an Android component or the Home Assistant Companion App triggered it. I hope this information helps anyone experiencing a similar issue.
Instructions to disable HTTP/3 in Caddy:
{
	# Add this line to the global section of your Caddyfile
	# You must use tabs for indention
	servers {
		protocols h1 h2
	}
}

# and this line to your site-specific config
homeassistant.mydomain {
	header -Alt-svc
}
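
A way to confirm the change took effect, as an added example that is not part of the original post: the script parses response headers and reports whether any `Alt-Svc` entry (RFC 7838) still offers HTTP/3. The sample headers are constructed, and the function names and the `fetch_headers` helper for a live host are assumptions of this example.

```python
"""Check whether a server still advertises HTTP/3 through the Alt-Svc header."""
import http.client

# Constructed sample responses, not captured from the poster's setup.
SAMPLE_BEFORE = (
    "HTTP/2 200\r\n"
    'alt-svc: h3=":443"; ma=2592000\r\n'
    "server: Caddy\r\n"
)
SAMPLE_AFTER = "HTTP/2 200\r\nserver: Caddy\r\n"

def advertised_protocols(raw_headers):
    """Return the ALPN ids offered in Alt-Svc headers, e.g. ['h3']."""
    protocols = []
    for line in raw_headers.splitlines()[1:]:  # skip the status line
        name, sep, value = line.partition(":")
        if not sep or name.strip().lower() != "alt-svc":
            continue
        for entry in value.split(","):
            alternative = entry.split(";")[0].strip()  # drop ma=/persist= parameters
            if alternative.lower() == "clear" or "=" not in alternative:
                continue
            protocols.append(alternative.split("=", 1)[0].strip())
    return protocols

def advertises_http3(raw_headers):
    """True if any Alt-Svc entry offers h3 or a draft variant such as h3-29."""
    return any(p == "h3" or p.startswith("h3-") for p in advertised_protocols(raw_headers))

def fetch_headers(host, port=443, timeout=5):
    """Fetch response headers from a live host over TCP (HTTP/1.1)."""
    conn = http.client.HTTPSConnection(host, port, timeout=timeout)
    try:
        conn.request("HEAD", "/")
        resp = conn.getresponse()
        lines = [f"HTTP/1.1 {resp.status}"] + [f"{k}: {v}" for k, v in resp.getheaders()]
        return "\r\n".join(lines)
    finally:
        conn.close()

if __name__ == "__main__":
    print("before change:", advertises_http3(SAMPLE_BEFORE))
    print("after change: ", advertises_http3(SAMPLE_AFTER))
```

Against a real instance, pass the output of `fetch_headers("your-hostname")` to `advertises_http3`. A client that cached an earlier `Alt-Svc` entry may keep trying HTTP/3 until that entry's `ma` lifetime expires.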