SSL with Lets Encrypt for own domain

I know DuckDNS will setup and renew an SSL cert for you, but is there a way to use your own domain? Everything I see points to duckdns.

1 Like

duckdns only provides a dns name for a dynamic host, it does not renew an SSL cert for you. Letsencrypt provides that part.

If you have your own domain, just skip the duck dns part and use letsencrypt to gain a cert for your own domain.

But how do you install it?

If you follow the letencrypt guide, just use your dns name instead of a duckdns one.

E.g. with this guide, https://www.home-assistant.io/blog/2015/12/13/setup-encryption-using-lets-encrypt/

At this step,

$ ./certbot-auto certonly --standalone
–standalone-supported-challenges http-01
–email [email protected]
-d hass-example.duckdns.org

Replace the hass-example.duckdns.org with your domain, e.g. homeassistant.futuretense.org

1 Like

BTW, I found this guide to installing Nginx and Let’s Encrypt to be the easiest way of setting up SSL and redirecting all HTTP traffic to HTTPS. And this works for any service you want to use. So if you have a torrent server on your network instead of http://example.com:8085 you could have http://torrent.example.com which redirects to https://torrent.example.com. Thus you only have to open 80,443 on your firewall for most services. I only have one other open, for OpenVPN.

Ok, I get wanting a free SSL cert, but I have my own domain and can quickly and easily procure my own SSL cert. I understand others don’t have that option, or would rather get the free one, but I would rather use my own domain and a cert issued by digicert.

How can I set this up in Home Assistant? I’ve been struggling. I have updated the certs, I updated the config.yaml file to point to the certs, but it does not work.

I am also not getting any good errors or explanations out of HomeAssistant.

There are probably a lot of configuations that I could do differently, but I would like my internal and external traffic to HomeAssistant to use SSL and I would like to fit homeassistant into my current landscape with my NAS and computers, etc so that they can all reach each other as needed and so that I can continue to use my own VPN. I should also point out that I am working on eliminating as much reliance on the cloud as I can, and to keep as much of my information and activities from HomeAssistant out of the cloud. I am replacing a Samsung SmartThings implementation. If I want to heavily rely on cloud services, I would just keep it.

I appreciate any help.

So, to restate, basic desire is to

  1. Use my existing domain name for my homeassistant installation
  2. Use my own digicert SSL certificate
  3. No duckdns, no lets encrypt, no free 3 month ssl cert
  4. No changes to my DNS provider

Can this be accomplished and if so, any info on how?

Thanks a bunch

Where’s the guide you’re referring to @FutureTense? I don’t see a link anywhere?

For anyone interested i found this walkthrough and it worked perfectly for me. I’m using it for both DuckDNS and for a Google Domains address i bought.

Using the solution i can also setup sub-domains and direct them to the different services on my local network.