Securing My External Connection

I am trying to set up my Home Assistant instance to allow me to connection from outside my local network. Currently, I connect without an SSL cert to let’s call it http://ha.mylocal.local:8123. I want to set up a secure connection from the outside using the URL let’s call it I have a signed certificate for my, and I configured port forwarding so I can connect to my HA from outside perfectly. However, my internal URL now doesn’t like cert since it is signed for another domain name. I have tried Let’s Encrypt but since my local domain name is not owned by me publicly that doesn’t seem to be a viable option. I would be plenty content to turn off the secure connection for the local environment, but that doesn’t seem to be an option. I can’t imagine I am the only person with this issue, but I am not finding it addressed anywhere. Does anyone have any solutions? The only solution I can come up with is to buy a mutli-domain cert, but that is a bit pricy.

There are (3) solutions.

  1. Set up your own SSL cert. On every internet capable device there are things called CA Certificates. These are used to verify that the certificate a server sends you comes from a trusted source. The only benefit that you get from using a big name CA Authority is that their CA Certs are preinstalled on every browser. Unless you have a bunch of people that will be using your home assistant it is really not beneficial to use something like this. I have my own SSL cert and CA.

  2. Use something like tailscale vpn. You simply install it on a machine on your local network then set that machine to be an exit node. Once you do this you can access devices securely over the internet using their local IP address. For instance my home assistant IP is I just connect to the tailscale vpn then use my local IP to access home assistant.

  3. Setup a CNAME record in your DNS server.