How to secure remote access to Domoticz with HTTPS using SSL Certificates

3 min readApr 23, 2021

If you landed here, it means that you’ve tried to secure external access to your Domoticz server with HTTPS following the steps described here

Let’s Encrypt SSL Certificates on Domoticz to enable Https

And, like me, you got blocked after running the command:

$ sudo ./letsencrypt-auto

You certainly saw the below printed in your Terminal.

Skipping bootstrap because certbot-auto is deprecated on this system.
Your system is not supported by certbot-auto anymore.
Certbot cannot be installed.
Please visit to check for other alternatives.

Keep reading. The solution is below. Well, in fact it was above ;)

Let’s start from scratch.

Install the needed system dependancies.

$ sudo apt update
$ sudo apt install python3 python3-venv libaugeas0

Remove existing certbot-auto

$ sudo apt-get remove certbot

Set up a Python virtual environment

$ sudo python3 -m venv /opt/certbot/$ sudo /opt/certbot/bin/pip install — upgrade pip

Now, install and prepare fresh new Certbot with the command

$ sudo /opt/certbot/bin/pip install certbot
$ sudo ln -s /opt/certbot/bin/certbot /usr/bin/certbot

Without stopping Domoticz (make sure it’s up and running), execute the following command

$ sudo certbot certonly --webroot

You’ll be then asked to enter your domain name.

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Please enter in your domain name(s) (comma and/or space separated) (Enter ‘c’
to cancel):

Let’s assume, mine is:

After this, you’ll be required to enter the root directory of your Domoticz application.

Requesting a certificate for
Performing the following challenges:
http-01 challenge for
Input the webroot for (Enter ‘c’ to cancel):

If like me, you’ve installed it on your home directory, you should enter something similar to:


Don’t forget the ‘www’! Certbot will add a file in that directory which needs to be accessible from the internet. Aim is to verify your domain name.

Now, you should be promoted with something similar to:

Waiting for verification…
Cleaning up challenges
— Congratulations! Your certificate and chain have been saved at:
Your key file has been saved at:
Your certificate will expire on 2021–07–22. To obtain a new or
tweaked version of this certificate in the future, simply run
certbot again. To non-interactively renew *all* of your
certificates, run “certbot renew”
— If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let’s Encrypt:
Donating to EFF:

Well done! We’re almost there. Few more commands to install the certificate in the right place.

$ sudo mv ~/domoticz/server_cert.pem ~/domoticz/$ sudo cat /etc/letsencrypt/live/ > ~/domoticz/server_cert.pem$ sudo cat /etc/letsencrypt/live/ >> ~/domoticz/server_cert.pem

One last to enable automatic renewal.

$ echo "0 0,12 * * * root /opt/certbot/bin/python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew -q" | sudo tee -a /etc/crontab > /dev/null