148 lines
8.6 KiB
HTML
148 lines
8.6 KiB
HTML
<!doctype html>
|
||
<!--[if lt IE 7]> <html class="no-js lt-ie9 lt-ie8 lt-ie7"> <![endif]-->
|
||
<!--[if IE 7]> <html class="no-js lt-ie9 lt-ie8"> <![endif]-->
|
||
<!--[if IE 8]> <html class="no-js lt-ie9"> <![endif]-->
|
||
<!--[if gt IE 8]><!--> <html> <!--<![endif]-->
|
||
<head>
|
||
<meta charset="utf-8">
|
||
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
|
||
<title>Self-signed certificate for SSL/TLS - Home Assistant</title>
|
||
<meta name="author" content="Home Assistant">
|
||
<meta name="description" content="Configure a self-signed certificate to use with Home Assistant">
|
||
<meta name="viewport" content="width=device-width">
|
||
<link rel="canonical" href="https://home-assistant.io/cookbook/tls_self_signed_certificate/">
|
||
<meta property="fb:app_id" content="338291289691179">
|
||
<meta property="og:title" content="Self-signed certificate for SSL/TLS">
|
||
<meta property="og:site_name" content="Home Assistant">
|
||
<meta property="og:url" content="https://home-assistant.io/cookbook/tls_self_signed_certificate/">
|
||
<meta property="og:type" content="article">
|
||
<meta property="og:description" content="Configure a self-signed certificate to use with Home Assistant">
|
||
<meta property="og:image" content="https://home-assistant.io/images/default-social.png">
|
||
<meta name="twitter:card" content="summary_large_image">
|
||
<meta name="twitter:site" content="@home_assistant">
|
||
<meta name="twitter:title" content="Self-signed certificate for SSL/TLS">
|
||
<meta name="twitter:description" content="Configure a self-signed certificate to use with Home Assistant">
|
||
<meta name="twitter:image" content="https://home-assistant.io/images/default-social.png">
|
||
<link href="/stylesheets/screen.css" media="screen, projection" rel="stylesheet">
|
||
<link href="/atom.xml" rel="alternate" title="Home Assistant" type="application/atom+xml">
|
||
<link rel='shortcut icon' href='/images/favicon.ico' />
|
||
<link rel='icon' type='image/png' href='/images/favicon-192x192.png' sizes='192x192' />
|
||
</head>
|
||
<body >
|
||
<header>
|
||
<div class="grid-wrapper">
|
||
<div class="grid">
|
||
<div class="grid__item three-tenths lap-two-sixths palm-one-whole ha-title">
|
||
<a href="/" class="site-title">
|
||
<img width='40' src='/demo/favicon-192x192.png'>
|
||
<span>Home Assistant</span>
|
||
</a>
|
||
</div>
|
||
<div class="grid__item seven-tenths lap-four-sixths palm-one-whole">
|
||
<nav>
|
||
<input type="checkbox" id="toggle">
|
||
<label for="toggle" class="toggle" data-open="Main Menu" data-close="Close Menu"></label>
|
||
<ul class="menu pull-right">
|
||
<li><a href="/getting-started/">Getting started</a></li>
|
||
<li><a href="/components/">Components</a></li>
|
||
<li><a href="/docs/">Docs</a></li>
|
||
<li><a href="/cookbook/">Examples</a></li>
|
||
<li><a href="/developers/">Developers</a></li>
|
||
<li><a href="/blog/">Blog</a></li>
|
||
<li><a href="/help/">Need help?</a></li>
|
||
</ul>
|
||
</nav>
|
||
</div>
|
||
</div>
|
||
</div>
|
||
</header>
|
||
<div class="grid-wrapper">
|
||
<div class="grid grid-center">
|
||
<div class="grid__item two-thirds lap-one-whole palm-one-whole">
|
||
<article class="page">
|
||
<header>
|
||
<h1 class="title indent">
|
||
Self-signed Certificate for SSL/TLS
|
||
</h1>
|
||
</header>
|
||
<hr class="divider">
|
||
<p>If your Home Assistant instance is only accessible from your local network you can still protect the communication between your browsers and the frontend with SSL/TLS. <a href="/blog/2015/12/13/setup-encryption-using-lets-encrypt/">Let’s encrypt</a> will only work if you have a DNS entry and remote access is allowed. The solution is to use a self-signed certificate. As you most likely don’t have a certification authority (CA) your browser will conplain about the security. If you have a CA then this will not be an issue.</p>
|
||
<p>To create locally a certificate you need the <a href="https://www.openssl.org/">OpenSSL</a> command-line tool.</p>
|
||
<p>Change to your Home Assistant <a href="/getting-started/configuration/">configuration directory</a> like <code class="highlighter-rouge">~/.homeassistant</code>. This will make it easier to backup your certificate and the key. Run the command shown below.</p>
|
||
<div class="language-bash highlighter-rouge"><pre class="highlight"><code><span class="gp">$ </span>openssl req -new -x509 -sha256 -newkey rsa:4096 -nodes -keyout privkey.pem -days 730 -out fullchain.pem
|
||
</code></pre>
|
||
</div>
|
||
<p>For details about the parameters, please check the OpenSSL documentation. Provide the requested information during the generation process. At the end you will have two files called <code class="highlighter-rouge">privkey.pem</code> and <code class="highlighter-rouge">fullchain.pem</code>. The key and the certificate.</p>
|
||
<p>Update the <code class="highlighter-rouge">http:</code> entry in your <code class="highlighter-rouge">configuration.yaml</code> file and let it point to your created files.</p>
|
||
<div class="language-yaml highlighter-rouge"><pre class="highlight"><code><span class="s">http</span><span class="pi">:</span>
|
||
<span class="s">api_password</span><span class="pi">:</span> <span class="s">YOUR_SECRET_PASSWORD</span>
|
||
<span class="s">ssl_certificate</span><span class="pi">:</span> <span class="s">/home/fab/.homeassistant/fullchain.pem</span>
|
||
<span class="s">ssl_key</span><span class="pi">:</span> <span class="s">/home/fab/.homeassistant/privkey.pem</span>
|
||
</code></pre>
|
||
</div>
|
||
<p>A tutorial “<a href="https://www.digitalocean.com/community/tutorials/openssl-essentials-working-with-ssl-certificates-private-keys-and-csrs">Working with SSL Certificates, Private Keys and CSRs</a>” could give you some insight about special cases.</p>
|
||
</article>
|
||
</div>
|
||
<aside id="sidebar" class="grid__item one-third lap-one-whole palm-one-whole">
|
||
<div class="grid">
|
||
<section class="aside-module grid__item one-whole lap-one-half">
|
||
<div class='edit-github'><a href='https://github.com/home-assistant/home-assistant.github.io/tree/current/source/_cookbook/tls_self_signed_certificate.markdown'>Edit this page on GitHub</a></div>
|
||
<div class='section'>
|
||
<a href='/cookbook'>Back to the cookbook</a>
|
||
</div>
|
||
<div class='section'>
|
||
<h1 class="title delta">Infrastructure</h1>
|
||
<ul class='divided'>
|
||
<li>
|
||
<a href='/cookbook/apache_configuration/'>Apache Configuration</a>
|
||
</li>
|
||
<li>
|
||
<a href='/cookbook/tls_domain_certificate/'>Certificate for SSL/TLS via domain ownership</a>
|
||
</li>
|
||
<li>
|
||
<a href='/cookbook/githubbackup/'>Configuration Backup to GitHub</a>
|
||
</li>
|
||
<li>
|
||
<a href='/cookbook/owntracks_two_mqtt_broker/'>OwnTracks with two MQTT brokers</a>
|
||
</li>
|
||
<li>
|
||
Self-signed certificate for SSL/TLS
|
||
</li>
|
||
<li>
|
||
<a href='/cookbook/tor_configuration/'>Tor Onion Service Configuration</a>
|
||
</li>
|
||
</ul>
|
||
</div>
|
||
</section>
|
||
</div>
|
||
</aside>
|
||
</div>
|
||
</div>
|
||
<footer>
|
||
<div class="grid-wrapper">
|
||
<div class="grid">
|
||
<div class="grid__item">
|
||
<div class="copyright">
|
||
<a rel="me" href='https://twitter.com/home_assistant'><i class="icon-twitter"></i></a>
|
||
<a rel="me" href='https://facebook.com/homeassistantio'><i class="icon-facebook"></i></a>
|
||
<a rel="me" href='https://plus.google.com/110560654828510104551'><i class="icon-google-plus"></i></a>
|
||
<a rel="me" href='https://github.com/home-assistant/home-assistant'><i class="icon-github"></i></a>
|
||
<div class="credit">
|
||
Contact us at <a href='mailto:hello@home-assistant.io'>hello@home-assistant.io</a>.<br>
|
||
Website powered by <a href='http://jekyllrb.com/'>Jekyll</a> and the <a href='https://github.com/coogie/oscailte'>Oscalite theme</a>.<br />
|
||
Hosted by <a href='https://pages.github.com/'>GitHub</a> and served by <a href='https://cloudflare.com'>CloudFlare</a>.
|
||
</div>
|
||
<a rel="license" href="http://creativecommons.org/licenses/by-nc-sa/4.0/"><img alt="Creative Commons License" style="border-width:0" src="https://i.creativecommons.org/l/by-nc-sa/4.0/88x31.png" /></a><br /><span xmlns:dct="http://purl.org/dc/terms/" property="dct:title">home-assistant.io</span> is licensed under a <a rel="license" href="http://creativecommons.org/licenses/by-nc-sa/4.0/">Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License</a>.
|
||
</div>
|
||
</div>
|
||
</div>
|
||
</div>
|
||
</footer>
|
||
<script>
|
||
var _gaq=[['_setAccount','UA-57927901-1'],['_trackPageview']];
|
||
(function(d,t){var g=d.createElement(t),s=d.getElementsByTagName(t)[0];
|
||
g.src=('https:'==location.protocol?'//ssl':'//www')+'.google-analytics.com/ga.js';
|
||
s.parentNode.insertBefore(g,s)}(document,'script'));
|
||
</script>
|
||
</body>
|
||
</html>
|