Getting paid internationally?
Choose Payoneer.


Get started with DigitalOcean SSD Virtual Servers  Email Newsletters & Email Marketing by YMLP.com

Enabling HTTPS in Home Assistant


The following procedure activates HTTPS for the Home Assistant server. The secure protocol uses TLS/SSL certificates to encrypt the data transferred between user and server.

Although it is possible to make this home automation system, whether in Linux or FreeBSD, accessible over the Internet, Home Assistant is usually operated within private networks, either physical or virtual. In this case, self-signed certificates may be acceptable to use and quicker to deploy.

==========

1. Log in as the system account.

1.1. Linux, with $HOME "bin" included in $PATH (-i) of system account (-u).

user@host: $ sudo -i -u homeassistant

1.2. FreeBSD, coming from "root" superuser.

root@host: # su - homeassistant

2. Go to the Home Assistant configuration directory.

user@host: $ cd ~/.homeassistant

3. Make a directory for SSL certificates.

user@host: $ mkdir ssl

4. Ensure that only the system account and members of its group can access the directory.

user@host: $ chmod 770 ssl

5. Create a self-signed SSL certificate/key pair.

user@host: $ openssl req -new -x509 -days 36500 -nodes -keyout ssl/myhass.key -out ssl/myhass.crt

6. BACK UP the main YAML configuration file.

user@host: $ cp configuration.yaml configuration_yaml.back

7. Open the main YAML configuration file.

7.1. Linux

user@host: $ nano configuration.yaml

7.2. FreeBSD

user@host: $ ee configuration.yaml

8. Add the following YAML lines and save the file.

# BEGIN CODE
# ...

http:
  ssl_certificate: ~/.homeassistant/ssl/myhass.crt
  ssl_key: ~/.homeassistant/ssl/myhass.key

# ...
# END CODE

9. Restart the Home Assistant server via web browser.

http://ip.add.re.ss:8123

Configuration -> Server Controls -> Server management -> Restart

10. Test the secure site by accessing HTTPS on the web browser.

https://ip.add.re.ss:8123

==========

It can be argued that secure protocols may not be necessary since the server is within a private network. However, it is important to bear in mind that malware may have made its way into mobile devices from outside sources. Implementing HTTPS will prevent transaction data from getting sniffed and sent to malicious actors.

==========

REFERENCES

1. Home Assistant. Integrations, HTTP.
==========

Comments


Getting paid internationally?
Choose Payoneer.


Get started with DigitalOcean SSD Virtual Servers  Email Newsletters & Email Marketing by YMLP.com

Popular posts from this blog

Running Home Assistant on FreeBSD Servers

Configuring the FreeBSD Firewall with IPFW