This is my problem: my ISP won’t allow me to open ports 80/443. I already opened all the ports I need, including 80/443 in my modem. All the other ports works, but not those two. I contacted my ISP and they said that’s it. They don’t allow it. It’s not a modem configuration. The ISP itself doesn’t allow unless I change my Internet Plan for a more expensive, with static IP and stuff…
I dont use port 80/443 to access my HA, but I use Let’s Encrypt and it requires port 80/443 open when renewing the certificate.
I tried to see if it’s possible to change those ports on Let’s Encrypt so they use other ports when renewing, but apparently this is a big deal in LE forums and it’s already said that it’s not possible.
(If i’m mistaken, please tell me).
So my question is: do you guys know any other alternative to Let’s Encrypt that I dont need ports 80/443? If that’s not possible I’ll have to end up paying that “home assistant cloud” to access my HA with HTTPS over the internet =/
A cheap VPS for $5 a month (the advantage is that you can use it for other things).
Expose HA without SSL. Sign up for a ClouldFlare account and use that as a proxy (it will use SSL between you and Cloudflare, and then restrict HA to only allow local access and the ClouldFlare IP addresses.
Using ZeroTier or a VPN. (The only downside is that you’d need an app to be connected at all times).
Are you using your own domain and can control DNS (in particular the ability to create TXT entries)? In that case you could use Letsencrypt’s DNS challenge.
This way will I be able to use Google Home? (because to expose my services/scripts/etc to google home/amazon alexa it needs to be with HTTPS, right?)
I use DuckDNS. Do you know if it’s possible with it?
I’ll google this Letsencrypt’s “DNS Challenge” anyway. I’ve never heart of it… I’ll check to see if it’s useful for me
Yes, you should be able to use anything that requires HTTPS without an issue as long as it accepts a custom port (you won’t be able to use the default one).
My two cents: Nabu Casa. It takes like 5 minutes to get set up, you get a remote UI out of the box without opening ports. As a bonus, instant Google Home and Alexa support with more goodies coming soon.
Thanks a lot! I used this link, it took me to this page HASS, DuckDNS and Let's Encrypt [splitbrain.org]
I followed the tutorial and it worked like a charm. Now I have SSL without ports 80/443 opened.