mirror of
https://github.com/home-assistant/home-assistant.io.git
synced 2025-07-23 09:17:06 +00:00
Update tls_self_signed_certificate.markdown (#3396)
* Update tls_self_signed_certificate.markdown Add .pem and iOS info to save others searching for it like I had too and save time :) * Minor changes * Update names
This commit is contained in:
parent
e1697c1161
commit
ef7953c5b0
@ -14,21 +14,29 @@ If your Home Assistant instance is only accessible from your local network you c
|
||||
|
||||
To create locally a certificate you need the [OpenSSL](https://www.openssl.org/) command-line tool.
|
||||
|
||||
Change to your Home Assistant [configuration directory](/getting-started/configuration/) like `~/.homeassistant`. This will make it easier to backup your certificate and the key. Run the command shown below.
|
||||
Change to your Home Assistant [configuration directory](/getting-started/configuration/) like `~/.homeassistant`. This will make it easier to backup your certificate and the key. Run the command shown below.
|
||||
|
||||
The certificate **must** be `.pem` extension.
|
||||
|
||||
If you are going to use this certificate with the iOS app, you need to ensure you complete **all** fields during the cetificate creation process, then:
|
||||
|
||||
* Send **only** `certificate.pem` file to the iOS device using airdrop or other transfer method.
|
||||
* Open the `.pem` file on the iOS device, follow the prompts to trust and install it.
|
||||
* If you are using iOS 10.3 or newer then [additioal steps](https://support.apple.com/en-us/HT204477) are needed.
|
||||
|
||||
```bash
|
||||
$ openssl req -new -x509 -sha256 -newkey rsa:4096 -nodes -keyout privkey.pem -days 730 -out fullchain.pem
|
||||
$ openssl req -sha256 -newkey rsa:4096 -nodes -keyout key.pem -x509 -days 730 -out certificate.pem
|
||||
```
|
||||
|
||||
For details about the parameters, please check the OpenSSL documentation. Provide the requested information during the generation process. At the end you will have two files called `privkey.pem` and `fullchain.pem`. The key and the certificate.
|
||||
For details about the parameters, please check the OpenSSL documentation. Provide the requested information during the generation process. At the end you will have two files called `privkey.pem` and `certificate.pem`. The key and the certificate.
|
||||
|
||||
Update the `http:` entry in your `configuration.yaml` file and let it point to your created files.
|
||||
|
||||
```yaml
|
||||
http:
|
||||
api_password: YOUR_SECRET_PASSWORD
|
||||
ssl_certificate: /home/fab/.homeassistant/fullchain.pem
|
||||
ssl_key: /home/fab/.homeassistant/privkey.pem
|
||||
ssl_certificate: /home/your_user/.homeassistant/certificate.pem
|
||||
ssl_key: /home/your_user/.homeassistant/privkey.pem
|
||||
```
|
||||
|
||||
A tutorial "[Working with SSL Certificates, Private Keys and CSRs](https://www.digitalocean.com/community/tutorials/openssl-essentials-working-with-ssl-certificates-private-keys-and-csrs)" could give you some insight about special cases.
|
||||
|
Loading…
x
Reference in New Issue
Block a user