Unable to connect to my Hass.io from the internet via duckdns

Hi, so i’ve done all the things necessary to access Hassio from the internet but can’t seem to get it working. The request always times out. Pinging to my Hassio from the internet doesn’t respond either.
My config is:


api_password: ***************
base_url: https://rodinka.duckdns.org:8123
ssl_certificate: /ssl/fullchain.pem
ssl_key: /ssl/privkey.pem

duckdns config:

“lets_encrypt”: {
“accept_terms”: true,
“certfile”: “fullchain.pem”,
“keyfile”: “privkey.pem”
“token”: “********************************”,
“domains”: [
“seconds”: 300

DuckDNS logs don’t show any errors either. Ports on router are forwarded from TCP 8123 to TCP 8123 and from TCP 443 to TCP 8123. Tried disabling one or another of them. Tried testing opened ports with canyouseeme(dot)com and indeed, they were open. Accessing hassio from local network with https is not possible, too. My ISP does not use CG-NAT. Don’t know where to move on from now. Any help appreciated. Thanks!

Well, you’ve made a bit of an error by sharing your url with everyone, so you might want to change that on duckdns.

But, for the sake of science I clicked on it and I got ERR_SSL_PROTOCOL_ERROR which would suggest a problem with the certificates.

I also just read something about if the clock is wrong it can be a cause of this error, so that might be worth a look too.

Thanks for your reply!
Ooops, missed that.
Printed out date from the terminal and everything was correct. Tried various config setups but none worked. What do you mean by taking a look into the certificates?

That they are there and the paths are correct really. Not sure what more you can do from hassio.

The paths are all correct, tried varying the configuration but nothing helped. I can not even access it from my local network with https.

Did you port forward 8123 to your hassio ip address in your router?

Yes i did, i even forwarded 443 and tried a variety of configurations. None helped.

Doesn’t matter, you can use shodan to find all of us https://www.shodan.io/:slight_smile:

Maybe this will help you… verify everything in this video was setup and done in these steps. https://www.youtube.com/watch?v=VUTPAoB27iQ

That’s one of the tutorials i followed in order to get it working.

You could try using the nginx proxy, it still allows non encrypted access on the local lan too. See this guide.

Don’t know if its you testing but I just tried your page over http and got straight though to your HA login

Thanks, i’ll take a look into it!

yeah, testing currently, with my TCP80 opened

If the page can be accessed via http then https is not set up in home assistant as it disables http. That is why nginx proxy is used by some. To keep both http and https access.

Another thought is that your ISP may not allow http traffic over non standard ports. You could try forwarding port 443 to 8123 and then remove the port from your domain when you type it in the browser.

Yeah, so that indicates to me that something might not be correct with the certificates on the hassio. But i have no clue where to look next

Are the two pem files in your ssl folder?

yeah, both of them, even tried moving them to the config file and changing the path in config.yaml and duckdns config, but that still didn’t do the trick

Are you using the new Auth system. If so, then you could try removing the api_password line from your http section.