Let's Encrypt

You should not use this if you are also using the DuckDNS add-on. The DuckDNS add-on has integrated Let’s Encrypt support.

Setup and manage a Let’s Encrypt certificate. This will create a certificate on the first run and will auto-renew if the certificate is within 30 days of expiration.

This add-on uses ports 80/443 to verify the certificate request. You will need to stop all other add-ons that also use these ports. If you don’t need a port (like with https you don’t need port 80) you can remove this from network config.

  "challenge": "https",
  "email": "[email protected]",
  "domains": ["example.com", "mqtt.example.com", "hass.example.com"]

Configuration variables:

  • challenge (Optional): Default it use 443 (‘https’) you can change it to ‘http’ for use port 80.
  • email (Required): Your email address for registration on Let’s Encrypt.
  • domains (Required): A list of domains to create/renew the certificate.

Home Assistant configuration

Use the following configuration in Home Assistant to use the generated certificate:

  base_url: https://my-domain.tld:8123
  ssl_certificate: /ssl/fullchain.pem
  ssl_key: /ssl/privkey.pem

If you use a other port as 8123 or a SSL proxy, change the port number.