HTTS - with cerbot

I try to configure certbot as this page says : System Security Software Options - Docs

And when I try to connect to my server using https, it’s not working (https://my-ip/nextcloud ; https://my-ip/8123, …)

For nextcloud I have this message :
“Warning: Probable security risk Firefox detected a potential security threat and did not pursue If you access this site, attackers could steal information such as passwords, emails, or credit card details. What can you do? The problem is probably with the website, so you can’t fix it. You can report this to the people who administer the site.”
And after I can access to nextcloud

For Home Assistant I have this message :
“Secure Connection Failed An error occurred while connecting to SSL received a record that exceeds the maximum allowed length. Error Code: SSL_ERROR_RX_RECORD_TOO_LONG The page you are trying to view cannot be viewed because the authenticity of the data received cannot be verified. Please contact the website owners to inform them of this issue.”
But I can’t access to Home Assitant.

All my port are forwarded in my router config (sfr in France) especially 80 and 443.

I use to have personalize ddns (and https works for nextcloud, rutorrent, freshrss but not for webmin, home assistant, … and I don’t know why).

It could be cool if someone can help me.

PS : maybe I’m not clear in my explanation, tell me if you want more precision.


Required Information

  • DietPi version | 8.25.1`
  • Distro version | Book Worl
  • Kernel version | Linux DietPi 6.1.0-16-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.67-1 (2023-12-12) x86_64 GNU/Linux
  • SBC model | `Native PC (x86_64)

Some browsers

Probably a warning because of the self signed (cert or) certificate.

Https works on port 443, not 8123

This depends on the app. Individual apps could have own SSL ports :wink:
Question is if OP configured HTTPS on HA?? Or if he is just trying to connect assuming it would work ootb. I guess it will be needed to setup revers proxy for HA

For Nextcloud, if I understood you don’t use self signed certificate? It’s the one issued by Let’s Encrypt? And you are using the same hostname/ DDNS to connect as you specified within dietpi-letsencrypt?

Some years ago I created a very basic how-to How can I secure connection to nextcloud? - #4 by Joulinar

Or you tell HA where your certs are, then it should work also on port 8123:

Thank you for all of you for yours answers.

But I think my level in networks configuration is too poor. And I’m sorry but I don’t understand anything.

I think I can’t use no-ip to connect to my dietpi’s home assistant with this kind of web adress : like my nextcloud (

Thank you

This is not correct. Your DDNS service has nothing to do with your applications that you want to reach from the Internet. DDNS is just a translation of your external Internet IP address into a readable hostname. It also enables the creation of SSL certificates. Which app you use is entirely up to you. It can be anything.

It’s best if we work on your challenges one by one. Let’s start with Nextcloud. Are you able to access your NC instance from the internet?

You could forward the port you need (8126) and then connect vai http (not https) like http://my.dnydns.domain:8126

Thank you @Joulinar & @Jappe for your help.

To Joulinar : I can access eto nextcloud with http://myip/nextcloud and
It alsoworks whith rutorrent, freshrss.

To access to homeassitant it’s work with http://myip:8123 but it doesn’t work whith

To jappe : I really need to have HTTPS for Home Assistant.


ok Nextcloud is working good.

For HA, did you already configured HA to use SSL?

if not:
In the configuration.yaml you have to modify these settings:

  ssl_certificate: /etc/letsencrypt/live/YOUR_DOMAIN/fullchain.pem
  ssl_key: /etc/letsencrypt/live/YOUR_DOMAIN/privkey.pem

replace YOUR_DOMAIN with the actual domain name, then just restart and SLL should be working on port 8123.

Sorry my two daughters are sick last days so I didn’t have time to lock at this.

At " configuration / networks / " it’s wrote http://myip:8123, I have to change this to https ?

@Jappe when I do this I can’t access to HA anymore.
I try to replace YOUR_DOMAIN by :

I’m loose with it.

Put in just the domain, no IPs and no protocols like https, no subdomain beforehand (except your are using a dynDNS which can come with a subdomain in the free tiers).
e.g. `’ or ’