Creating a certificate for HASSIO - help needed


I am setting up Home Assistant using HASSIO, and I am following this to create the certificates:

  • addon installed with the following config:
    “email”: "",
    “domains”: [
    “certfile”: “fullchain.pem”,
    “keyfile”: “privkey.pem”

  • files created in /ssl
    core-ssh:/config# cd /ssl/

    ls -l

    -rw-r–r-- 1 root root 3574 Sep 6 21:55 fullchain.pem
    -rw------- 1 root root 1708 Sep 6 21:55 privkey.pem

  • configuration.yaml file updated with the following:
    ssl_certificate: /ssl/fullchain.pem
    ssl_key: /ssl/privkey.pem

  • HA restarted

  • Modem port forwarding: 80 >> 80 & 443 >> 8123

DDNS is done through -

Any help of what I might be doing wrong?

Hi @mouthpiec

I don't know how that HASSIO works.

But checking your domain port 443 (your internal port 8123) is a http port ( ):

Domainname Http-Status redirect Sec. G -14 10.033 T
Timeout - The operation has timed out -4 0.313 W
SendFailure - The underlying connection was closed: An unexpected error occurred on a send. The handshake failed due to an unexpected packet format. 200 0.197 Q
Visible Content:

Port 80 has a timeout. Port 443 answers with a typical error

The handshake failed due to an unexpected packet format.

So the tool checks, if port 443 works with http -> that works.

The same error is visible checking your port 8123 -

http answers with content, https answers with the same error message.

So there is one step missing: Your configuration doesn't know that 443 / 8123 should be a https port.


A restart of Home Assistant is required for the changes to take effect.

Same if you use a Letsencrypt certificate.

Thanks for your detailed reply… I have seen a lot of tutorials and i think i did all the steps.
Below you can find a screenshot of a trace, and the PC from which I try to access the URL is returning an error “Protocol Version” if this helps.

This is the same problem. You have to find your "missing step".

Hi again … problem solved.
The default config that commes with HASSIO had an extra space character in the HTTP part of the config.
Thanks again for your help

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.