You’ve made it this far, you’re almost there. Time to secure your Smart-Home devices. This is really easy with Let’s Encrypt . This is a free automated service that provides Free SSL/TLS Certificates. This keeps your traffic safe.
- Forward Ports 80 and 443
- Lets Encrypt Add On
- Forward Port 8123 to 443
Forward Ports 80 and 443
First you’ll need to forward some ports. If you made it this far, then you already forwarded a port to use Duck DNS.
- Go back to your router’s forwarding page.
- First, you need to forward port 80 local (or internal) to part 80 external.
- Next, do the same thing for port 443.
- These ports are being forwarded in order to allow Let’s Encrypt verify you’re the one requesting the certificates.
- Port 443 is also the port that will serve up your secure https traffic.
- At this point, you’ll likely have a line up similar to mine with the 3 ports we’ve forwarded up to this point. Now you’re all set up to get your security certificate.
Let’s Encrypt Add-On
- Go to the Add-Ons menu under the Hass.io tab and install the Let’s Encrypt add-on.
- You will be required to provide an email address for the certificate.
- Fill in the email and domains spaces here.
- Remember to use “”.
- Save your settings and press Start.
- Wait a moment and scroll down to the Logs section.
- You can refresh the log to verify your certificate was obtained successfully.
- Now that you have the certificate, you’ll need to add it to your “configuration.yaml” file.
ALRIGHT! You’ve got a private, secure Smart-Home app that you can control all of your devices from. Right now, you can reach your set up at http://YOURSUBDOMAIN.duckdns.org:8123 Just one more step to remove the :8123 from your address.
Forward Port 8123 to 443
- Go back into your forwarding settings.
- Change your current internal port 8123 to external 8123 to internal port 8123 to external port 443.
- There you go! Now you can go to https://YOURSUBDOMAIN.duckdns.org and see all your stuff!
- You can also reach your set-up locally using https://YOURRASPBERRYPI’SIP:8123
- You may get a warning, like I did in Chrome saying it might be unsafe.
- You can click advanced and click again to get in. It’s just saying this because the security certificate matches your URL not the Raspberry Pi’s IP address.
- Now that you’ve updated your address to https:// remember to update your web app!
- Now you have a protected Smart-Home set up that you can control, securely from any device!
Now that you’re your set up is complete, you can start to automate your devices. If these guides have been helpful to you , please share them! If you have any questions, please reach out to me in the comments. Thanks for visiting!