Hi all,
I have two separate HA installs (full Home Assistant, running on a rpi3) that have trouble renewing their DuckDNS certificate. After some trial and error using suggestions from this issue, my alias worked fine the first time. However, after checking up on my certificate I noticed the expiry date is within a month indicating the renewal was not performed.
After restarting the DuckDNS addon one of my installs logged it was renewing the certificate:
...
+ Forcing renew.
+ Checking expire date of existing cert...
+ Valid till Oct 23 17:51:01 2020 GMT Certificate will expire
(Less than 30 days). Renewing!
+ Signing domains...
+ Generating private key...
+ Generating signing request...
+ Requesting new certificate order from CA...
+ Received 1 authorizations URLs from the CA
+ Handling authorization for aarderweg.nl
+ 1 pending challenge(s)
+ Deploying challenge tokens...
OK + Responding to challenge for aarderweg.nl authorization...
+ Challenge is valid!
+ Cleaning challenge tokens...
OK + Requesting certificate...
+ Checking certificate...
+ Done!
+ Creating fullchain.pem...
+ Done!
[15:16:23] INFO: KO
The log indicates everything succeeded. When I look in my SSL folder, the fullchain.pem also has the updated information. However, HA does not seem to use the updated certificate.
On my other install, DuckDNS won’t start at all after the addon restart. The HA logs show this:
ERROR (SyncWorker_3) [supervisor.docker] Can't start addon_core_duckdns: 403 Client Error: Forbidden ("endpoint with name addon_core_duckdns already exists in network hassio")
DuckDNS config booth look like this:
lets_encrypt:
accept_terms: true
certfile: fullchain.pem
keyfile: privkey.pem
token: <redacted>
domains:
- mydomain.com
aliases:
- domain: mydomain.com
alias: mydomain.duckdns.org
seconds: 300
Any ideas what I’m doing wrong?
Much appreciated! 
1 post - 1 participant