Setting up HTTPS for Home Assistant (2024)

Home Assistant

Scott Helme

4 min read

I absolutely love Home Assistant and if you follow me on Twitter then you will have probably seen me talking about various awesome things that I do with HA. This blog post is going to look at how I setup HTTPS on the HA web interface and just how easy it is!

Setting up HTTPS for Home Assistant (3)

Home Assistant

HA is the absolute best home automation solution I've come across, and I've tried a few. You set it up on a little Raspberry Pi and it can integrate with basically any smart device in your home to give you centralised control of everything. There's literally nothing I have that it hasn't integrated with. I have Philips Hue lights, ColoLights, NanoLeaf lights, Govee LED lights, Shelly relays and switches, Xiaomi Aqara sensors and switches, my smart electricity meter, TP-Link switches and countless other things.

One thing that does bother me though, and it's not HA that's at fault here, is accessing the web interface in an insecure fashion.

Setting up HTTPS for Home Assistant (4)

Securing the web interface

There are actually two options, and I do both of these, which sounds odd so let me explain. HA has its own cloud access feature via Nabu Casa, and for a small $5/mo subscription they will take care of absolutely everything for you, including a secure way to access the web interface of your own HA instance, even remotely when away from home.

Setting up HTTPS for Home Assistant (5)

Of course, I'm going to look at setting up your own HTTPS certificate and then remote access is just a case of some port-forwarding and possibly DDNS, but for many people that $5/mo will be great value compared to the effort of setting this up yourself. I do use my own certificate internally but when away from home I do use the remote access via Nabu Casa because I mostly wanted to support the project with the $5/mo subscription because I think they deserve it for all the value I get out of HA. If you do want to setup your own certificate internally, or even for external use, then read on!

Setting up your own certificate

The first thing to do is install the NginX Add-on. Go to Supervisor -> Add-on Store -> Search "NginX" and install it.

Setting up HTTPS for Home Assistant (6)

You will need to update the domain you plan on using for your HA instance, but other than that the rest of the config can remain similar to mine.

Setting up HTTPS for Home Assistant (7)

Getting your certificate

As I've mentioned in other blog posts when getting a certificate for many other devices on my network, what certificate you get and how you get it are up to you! I'm using the acme.sh ACME client to get free certificates from Let's Encrypt, if you'd like some inspiration. For me, getting the certificate is as easy as running this command.

acme.sh --issue --dns dns_cf -d homeassistant.scotthelme.co.uk

This will have a certificate issued for my chosen domain of homeassistant.scotthelme.co.uk and as you see here, I've been getting them for quite a while! The next step is to place that certificate on the HA server so it can be used to secure the web interface. You can edit files via the web interface with a file editor, use FTP to copy them over or like me you can use SCP to copy them over. Use whichever method comes easiest to you, but here is where the files need to go.

/ssl/fullchain.pem/ssl/privkey.pem

The fullchain.pem needs to contain the leaf certificate and all intermediates while the privkey.pem file needs to contain the associated private key. I use SCP to copy them over like this.

scp -i id_ed25519 chain.crt [emailprotected]:/ssl/fullchain.pemscp -i id_ed25519 private.key [emailprotected]:/ssl/privkey.pem

Once the files are in place, all you need to do is restart NginX to pick up the new files and start using them! You can do this through the web interface but I'm using a script to copy the files over and it automatically restart NginX for me.

ssh -i id_ed25519 [emailprotected] 'ha addons restart core_nginx_proxy'

Finally, you need to make sure your chosen hostname is resolving to HA. I have my own DNS server locally so I make sure that homeassistant.scotthelme.co.uk is resolved to the correct IP address for all devices on my network, but you could just setup a local hosts entry for yourself to do the same thing. However you do it, once it's done, you can open up your web browser and navigate to your secure web interface!

Setting up HTTPS for Home Assistant (8)

I've loved tinkering with HA and automating countless things around my house, but I have a particularly big post coming about another security feature on HA very soon, so stay tuned for that!


If you want to get notified when I publish a new blog, please consider subscribing!

Tags: Home Assistant


Setting up HTTPS for Home Assistant (2024)
Top Articles
Was Maria's Curse Real? Practical Magic's Owens Women Curse Explained
Practical Magic
Po Box 7250 Sioux Falls Sd
The Largest Banks - ​​How to Transfer Money With Only Card Number and CVV (2024)
Avonlea Havanese
Craigslist Kennewick Pasco Richland
Victoria Secret Comenity Easy Pay
Chuckwagon racing 101: why it's OK to ask what a wheeler is | CBC News
What is international trade and explain its types?
House Share: What we learned living with strangers
Otr Cross Reference
What Is A Good Estimate For 380 Of 60
10 Free Employee Handbook Templates in Word & ClickUp
Mineral Wells Independent School District
Minecraft Jar Google Drive
The Cure Average Setlist
Tnt Forum Activeboard
"Une héroïne" : les funérailles de Rebecca Cheptegei, athlète olympique immolée par son compagnon | TF1 INFO
Hellraiser III [1996] [R] - 5.8.6 | Parents' Guide & Review | Kids-In-Mind.com
Boston Gang Map
Dumb Money, la recensione: Paul Dano e quel film biografico sul caso GameStop
Ukc Message Board
Jeffers Funeral Home Obituaries Greeneville Tennessee
Www.paystubportal.com/7-11 Login
8000 Cranberry Springs Drive Suite 2M600
Ihub Fnma Message Board
Breckiehill Shower Cucumber
Wood Chipper Rental Menards
Kroger Feed Login
4Oxfun
JVID Rina sauce set1
Marokko houdt honderden mensen tegen die illegaal grens met Spaanse stad Ceuta wilden oversteken
Ou Football Brainiacs
Miles City Montana Craigslist
Angel Haynes Dropbox
Publix Christmas Dinner 2022
Craftsman Yt3000 Oil Capacity
Motor Mounts
Kamzz Llc
4083519708
Second Chance Apartments, 2nd Chance Apartments Locators for Bad Credit
Pain Out Maxx Kratom
6576771660
Here's Everything You Need to Know About Baby Ariel
Lady Nagant Funko Pop
Port Huron Newspaper
Crigslist Tucson
Devotion Showtimes Near Showplace Icon At Valley Fair
552 Bus Schedule To Atlantic City
Diccionario De Los Sueños Misabueso
Sam's Club Fountain Valley Gas Prices
Latest Posts
Article information

Author: Tish Haag

Last Updated:

Views: 6181

Rating: 4.7 / 5 (67 voted)

Reviews: 90% of readers found this page helpful

Author information

Name: Tish Haag

Birthday: 1999-11-18

Address: 30256 Tara Expressway, Kutchburgh, VT 92892-0078

Phone: +4215847628708

Job: Internal Consulting Engineer

Hobby: Roller skating, Roller skating, Kayaking, Flying, Graffiti, Ghost hunting, scrapbook

Introduction: My name is Tish Haag, I am a excited, delightful, curious, beautiful, agreeable, enchanting, fancy person who loves writing and wants to share my knowledge and understanding with you.