Error when using Zircon3D Proxy on Home Assistant with HTTPS

[FrankGiesecke]

My HA instance is only available over HTTPS.

I've installed and started the Zircon3D Proxy. But after starting the UI, some elements are missing.

The JavaScript console lists some errors:

bundle.js:205 Mixed Content: The page at 'https://xxx.yyy/hassio/ingress/7276820f_zircon3d_ha_proxy' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://xxx.yyy:11200/proxy/api/active_project_info'. This request has been blocked; the content must be served over HTTPS.
bundle.js:205 Mixed Content: The page at 'https://xxx.yyy/hassio/ingress/7276820f_zircon3d_ha_proxy' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://xxx.yyy:11200/proxy/api/user_info'. This request has been blocked; the content must be served over HTTPS.
hMNYBL9l8qQl8UC2kFKa…xZ9WcCVteH-VxaXw/:1 

In the result, I'm unable to use Zircon3D Proxy.

[chris-xinhai-li]

Can you please try: https://xxx.yyy:11200, will it work ?

[FrankGiesecke]

Unfortunately not. I've installed Zircon3D Proxy as a plugin in Home Assistant (HAOS). I've also installed NGINX Home Assistant SSL proxy. So everything is served by the NGINX plugin. I have no direct access to the apps running as docker container.

[chris-xinhai-li]

are there any tutorials out there you followed to setup https proxy ? I will need to setup a test environment at my side to replicate the problem.

[chris-xinhai-li]

By the way you may also need to config your proxy to make https://xxx.yyy:11200 available, because you will need this to access the designer and viewers, the ingress url provided by HA has some issues.

[FrankGiesecke]

are there any tutorials out there you followed to setup https proxy ? I will need to setup a test environment at my side to replicate the problem.

I just installed the "NGINX Home Assistant SSL proxy" and "Let's Encrypt" using the HA Add On Store.

[FrankGiesecke]

By the way you may also need to config your proxy to make https://xxx.yyy:11200 available, because you will need this to access the designer and viewers, the ingress url provided by HA has some issues.

Ok, so the client needs access to https://xxx.yyy:11200 right? In that case, I have to extend my firewall setup, because the whole home automation system is encapsulated in an own network with a minimum of open ports.

I will check this out.

[chris-xinhai-li]

Thank you very much Frank, your information helped a lot. I will setup a test environment at my side to replicate the issue. Will let you know once a fix is available.

[chris-xinhai-li]

@FrankGiesecke , I believe we must approach this issue cautiously. Requiring the opening of an additional port without adequate protection could pose a significant risk, potentially undermining the purpose of using HTTPS.

We need a thoroughly considered and well-tested solution rather than a quick fix. I will include this in my beta3 plan, which is scheduled for the next three months. Please stay tuned for updates.

[FrankGiesecke]

@chris-xinhai-li Are there any movements for this Issue?

[chris-xinhai-li]

@chris-xinhai-li Are there any movements for this Issue?

@FrankGiesecke We will address this issue in our Beta 3 milestone, which is expected to be released in September. Thank you for your interest in this project and for your patience