With all due respect for the many that posted the long and extended explanations how to use SSL that I found here, so in other words access Home Assistant safely from a WAN using a https://… connection, most did not help me by far and actually just robbed a lot of time from me.
So I want to summarise and share just these basic steps what I did to get it working, hope some might find this useful. No add-on installs are needed and so this is also Core / Docker version compatible:
1 - Setup a DDNS service of your choice, e.g. through your router if it has this function (even just as a test), export the associated certificate so you have 2 files: cert.pem and key.pem
2 - Put these files in the same Config
folder the file Configuration.yaml
is of Home Assistant, regardless where this is on your host device.
3 - Speaking of which, locate and open Configuration.yaml
and add this:
http:
ssl_certificate: cert.pem
ssl_key: key.pem
File names could need adaptation of course.
Next time you restart Home Assistant it will then expect a SSL connection.
4 - Access your router and add in the Port Forwarding section the external port 8123 of your host’s IP address on both protocols (TCP and UDP) and leave the internal port blank so it will be the same port. Not going to explain a lot more about port forwarding, there are plenty of resources to find out how to do this. Also make sure your host has a fixed IP address but that is rather obvious.
5 - Restart Home Assistant.
6 - Now the old unsecured non-SSL in other words http://… access will not work any more, so beware to adapt all clients.
Access of Home Assistant on the LAN:
https://<IP of your host>:8123
Access of Home Assistant using the WAN:
https://yournicesubdomainname.ddnsservicename.com:8123
You can even bypass the DDNS service in case you have not set it up yet or just want to test with a certificate with:
https://<IP of your WAN connection>:8123
7 - That’s it. Time to have a coffee, or think about more fancy stuff to automate certificate renewal and such if you need to have this. Anyway, hope this helps some with non-standard Home Assistant installs like I have or just to understand the basics first.