System hangs after DuckDNS setup

I am having trouble with DuckDNS setup, after final reboot my system just hangs and I need to do a reinstall of Home Assistant!

Here is what I am doing:

  1. Install HA in a VM on my windows machine

  2. Set port forwarding as:

    3218 - 3218 (Configurator)
    80 - 80
    443 - 8123 (SSL)

  3. Get token from

  4. Install DuckDNS with updated config, terms set to true & token added & SAVEd

  5. START DuckDNS, Yes log shows signature file is created successfully.

  6. Install Configurator & RESTART

  7. Add code below to configuration.yaml file and SAVE
    (I have blanked out my actual domain name)

    ssl_certificate: /ssl/fullchain.pem
    ssl_key: /ssl/privkey.pem

Doing a RESTART now blows up everything! Just says reconnecting forever and I have to reinstall HA all over again.
If I RESTART before updating the configuration.yaml file the system restarts without a problem.
Also, before updating configuration.yaml I CAN access site on so I know that part is working.

What am I doing wrong?

have you tried logging in via your ip after duckdns setup? Without ddns?

It actually is all working, I was looking at http://192.168.1.x:8123, the same address as before adding duckdns, if I add https it works, der…

have discovered my site is live on:

(Just have to ignore certificate name mismatch which i guess is expected as the certificate is in the duckdns url)

(Still confusing to me, I was expecting to not have to include the :8123)

You shouldn’t have to. If you have to specify port 8123, then you may not have it configured correctly. you have 443 from the outside directing to 8123 on the inside?

Yes 443 forwards to 8123, it’s setup in my router.

Just re-saved those settings and noted my router does pop up a window saying the following but not sure what that means:

“Note: Access to the modem via HTTPS port change to 8443 on the WAN. On the LAN is still on port 443.”

Is it possible to “install” double certificates?
Actually if I connect using duckdns httpS url all is ok. If I’m on local and try to connect using https://192.168.0.x:8123 i’m still connecting but I get browser warning about certificate.

I’d like to, when connect in local mode, not view this type of warning. I know I can ignore it… But if there is a workaround or the ability to add more than 1 certificate (one for duckdns and one for local)?

From what I have read you can do that with a local DNS like dnsmasq in add-ons, I haven’t tried it yet as I have the bigger issue of not being able to view https://my to solve first.

A ping of from outside my network shows my network IP then a time out…

Any pointers how to debug this further?
Router is forwarding 443-8123 and has been restarted.

Do you have a Fritzbox router?
BtW I always specific port :8123 also for duckdns url

My router is a Huawie HG659.
OK, but does yours work if you drop the port reference?

no. i need always to specify :8123 in the url

Do you have port forwarding setup on 443-8123?

I guess at the end of the day it doesn’t really matter, just annoying it doesn’t work.

forward 8123-8123 on router if you are using 8123 in the url externally

Screen of my router config, have I forgot something?

Also I can set protocols ESP GRE ( other than UDP TCP)…but i never ear about it I don’t know if usefull

I 've already this rule :confused:

didn’t you say you had port 443 forwarded to 8123? I don’t see that and you need that for ssl

I did, yes… (The OP).
I dont think your replying to me…

sorry the late. Yes i’ve this rule: is it correct?

The bottom option, ports assigned externally, should both have 443 not 8123… you go to https://domain and that’s port 443 and forwards to 8123 internally

Thank you i’ve set it and it seem to work :slight_smile:
Edit: after this, alexa and nodered stop working! I revert back to my old config port
Edit 2: ok i’ve modified nodered and haaska to work with new config 443->8123