In the post “Adding a Web-cam”, I talked about adding live video feed from a web-cam to the dashboard. In this post, I will secure the video feed with SSL encryption for streaming over the Internet. A certificate and private key pair is required to implement encryption. Please refer to “Secure Connection with ACME” post on how to set up the key pair and configure Home Assistant connection over SSL.

First we have to change the unsecured http web-cam URL to use https protocol. This is achieved by setting up an nginx reverse proxy. Install nginx on the Home Assistant server as follow:

sudo apt-get update
sudo apt-get install nginx

Create the following file “web-cam” in /etc/nginx/sites-available:

server {
  listen 8111;
  ssl on;
  ssl_certificate      /usr/share/hassio/ssl/fullchain.cer;
  ssl_certificate_key  /usr/share/hassio/ssl/dhass.dynu.net.key;

  ssl_session_cache  builtin:1000  shared:SSL:10m;
  ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
  ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
  ssl_prefer_server_ciphers on;

  location / {
      proxy_pass http://192.168.1.22:22222/;
      # webcam IP and port number
  }
}

Create a symbolic link for the config file and restart nginx:

sudo ln -s /etc/nginx/sites-available/web-cam  /etc/nginx/sites-enabled/web-cam
sudo nginx -s reload

• In the router, forward external port 8111 to internal port 8111 at the Home Assistant IP address.
• Test the setup by pointing the browser to https://Home-Assistant-IP:8111. The web-cam sign-in page should be displayed
• To add the camera feed to Home Assistant dashboard, create a picture card with the following Image URL:

https://"Home-Assistant-IP":8111/videostream.cgi?user=admin&pwd="password"