#HA app no longer connects

I’ve tried troubleshooting this on my own and wasn’t successful. When launching the app I get a Code 1 message. My installation is on HA Yellow and uses SSL.

je peut pluis me connecter

ha deconnecte

Great, I'm not alone in having this problem. Anyone have a fix?

Same here. Error code 2.

How have you set-up SSL?

How is SSL set up…

Not sure how to answer your question.

Companion was running well for months and I don’t know what changed.

What add-ons are you using to provide SSL

DuckDNS

Can you confirm if you can use a browser to visit https://[your.duckdns]

Is Home Assistant still running on port 8123 or have you changed that to 443?
Are you sure your HA Server Internal IP hasn't changed?
Have you checked your port forwarding in your router?

https://homeassistant.local:8123/ works at home just fine.

https://mysite.duckdns.org/ gives 403: forbidden

Settings>Network>HomeAssistant URL points to https://mysite.duckdns.org

Internal IP has not changed

Port forward looks correct to me

There is one ip banned in HA, from my ISP, I don't know if this is related to the cause.

If I visit https://www.duckdns.org/ I get HTTP ERROR 404 Not Found

I removed the banned URL to no effect.

After deleting browser cached images and files I get HTTP ERROR 404 Not Found when trying https://mysite.duckdns.org/

i see the 404 for duckdns.org and find conflicting info about whether the service they provide itself is down. Based on that I'd say it's out of your hands.

can you post the 'http:' section of your configuration.yaml

This shouldn't work fine: https://homeassistant.local:8123/
If it is, then we got to question the SSL certificate being used.

Or rather, it should work, but show a warning about the certificate which you would choose to continue through

  ssl_certificate: /ssl/fullchain.pem
  ssl_key: /ssl/privkey.pem
  ip_ban_enabled: true
  login_attempts_threshold: 50 # bans ip after n attempts```

@unborn breach you would need to remove that configuration or comment it out with # until whatever is going on with duckdns is resolved or until you configure another option. Restart HA after that, and you'll be able to access locally with http://your_ha_ip_address:8123

Checking today it is still showing the 404 so I can't even access my old info to try setting it up for myself. I find it odd that there is little discussion about this online but maybe it's too niche. Their social media accounts seem dead. Downdetector shows nothing but problems in the last 24 hours. You might try a cloudflared tunnel as an option.
https://duckdns.org

With the http: code block I provided, https://homeassistant.local:8123/ works at home AND I just noticed https is crossed out by Chrome.
Removing that http: code block, saving, then reloading all YAML configuration, still https://homeassistant.local:8123/ works at home.
After rebooting HA, I'm locked out. https://homeassistant.local:8123/ and http://homeassistant.local:8123/ and the IP address and http://192.168.0.11:8123/ don't work 😢
I see HA's IP is a client in my router, so it is connecting to the LAN.

Observer http://homeassistant.local:4357/ shows connected/supported/healthy. How can I fix the lockout? Is the http: required in configuration.yaml to log in locally?

Here is the supervisor log. Looks like Advanced SSH & Web Termainal is failing. How to fix this? https://dpaste.org/NtDhr

Is HA core running? What are the logs showing?

My Yellow's yellow LED is in heartbeat mode. core logs: https://dpaste.org/S14n5

Any ideas what to do next anybody?

Anybody? Anybody?

port forwarding ok? Inyernal network ok? Can you ping hostnames (not ip)? Have a backup> read docs to reset and put backup back. looks like network/dns/proxy issue

FIRST: do a full reboot of network starting with modem>wait until online, then router>online, then end devices just to make sure.

just check internal network first, then we can rule out network issues

Rebooted equipment as instructed.
This is my port forwarding setup. I have not changed it for many months. Looks ok to me.
I can ping google.com and homeassistant.org.
Still can't reach the HAY.
I have a few backups but there was a problem I just found. Only the 3 daily backups were on the cloud, the 3 week and 3 months are not. I have a backup the day before I made the HA configuration.yaml change, but I'm willing to try all other measures before a HA reinstall in case there is a problem with the backup.
DuckDNS is back on-line, and my router's IP address is in sync there.

I'm out of ideas and running low on patience. Anything else to try before attempting reset and backup restore?

did you restore thehttp: configuration for duckdns to work? If that's still commented out or gone then you should be using http://192.168.0.11:8123

The last change I made was in configuration.yaml where I deleted http: and its lines below, saved and rebooted. http://192.168.0.11:8123/ does not work. The error is 'connection refused'

I have exactly the same thing since a few days. I can access my HA servers from a browser to my DuckDNS DDNS, but on both my iPad and my iPhone: they refuse to connect. I removed the servers from the Companion app and tried to re-connect but I get an error 1.

UPDATE: it appears to be a DuckDNS issue for me. I used a different DDNS URL and it works perfectly, the DuckDNS URLs don't. Anyone have any idea what could cause this?

An alternate DDNS doesn't work in my case.

I've taken the plunge and am restoring from backup. 5 hours so far. Getting nervous, but it is still running.

I've tried every backup after reloading the Yellow's OS without success. I connected via the CLI serial interface and found two more backups, neither of which worked. How can I verify there is not a hardware problem with my HAY?

What do the supervisor logs show about the restore attempts?

And are you restoring a duckdns configuration where you need to enter https:// to reach the local address?

Ok, my HAY is alive again. https://homeassistant.local:8123/ and DuckDNS are working, http://homeassistant.local:8123 and http://homeassistant:8123 don't work.
I still get code 1 when the companion app tries to connect.
In the restored configuration.yaml I have

http:
  ssl_certificate: /ssl/fullchain.pem
  ssl_key: /ssl/privkey.pem
  ip_ban_enabled: true
  login_attempts_threshold: 50 # bans ip after n attempts```
and found this in ip_bans.yaml
```# my duckdns server
#75.139.nnn.nnn:
#  banned_at: '2025-07-19T14:20:48.334702+00:00'

75.139.nnn.nnn:
  banned_at: '2025-08-23T13:45:41.708587+00:00'```
I redacted some of the address with nnn.
From this I believe I had found and noted the ban before and it happened again.  I'm thinking it's best to remove the IP ban feature, restart, and test the connection URLs again.
The question now is, is that a good idea?

@strong lynx what do you suggest?

use tailscale as it will handle all ssl and fowardings for you.

Going the VPN route is an option, but for now I'm interested in finding an answer to my September 19 question.

@unborn breach firstly, when you add the two SSL lines to the http section it switches HA's web server to use SSL and hence http:// won't work (needs to be https://).

The masked IP address appears to belong to a range issued to Charter Communications and hence I will presume it is your IP Address. If it is you can disable the IP Ban feature, however, it would instantly indicate that the username / password combination saved in the companion app is wrong.

I'm suddenly having the issue also. I can browse to my FQDN (custom, not DuckDNS) and log in just fine, but attempting to use External URL in the companion app just gives me this.

Domain is through Cloud Flare and is proxied. Inbound on my network goes through Nginx Proxy Manager and is properly forwarded. Port 443 external goes through Nginx and then to 8123 on my server hosting HA. Again, it works internal and external through browser, only companion app is having authentication issue.

dont know for sure it's related, but did you put the trusted proxies to config.yaml?

I haven't.

HA and NPM are both containers on the same server using the same IP address (Host network). What would I need to set the trusted proxy to?

Actually correction, HA is Host network, NPM is on the bridge.

I have this in my configuration.yaml that was already there and I added the 172.212.0.0/24 line

http:
use_x_forwarded_for: true
trusted_proxies:
- 172.17.0.0/24
- 172.212.0.0/24

I see this line in the HA error log, so I added the IP listed which is a CloudFlare IP. Still not working.

2025-10-14 09:31:00.752 WARNING (MainThread) [homeassistant.components.webhook] Webhook 6a136facae0fea630a91881133d4f197e561c1c415e03b11076be90cad356b03 only supports POST,PUT methods but GET was received from 172.71.23.180

Same here

Tried deleting the connection and reloading it. You get the login page and 2fa np but then get this afterwards.

Tried both external URL and Internal IP address.

what is your internal ip address?

192.168.178.66:8123

http? or https?

http

is your device on the same network? This doesn't really make sense. does http://192.168.178.66:8123 work in a browser?

Why does the ip make no sense? That’s the ip+ port. And no nothing works, no app and no bowser

ah, I thought it was working in a browser and not the app. Get your server connectable in a browser first. Worry about the app later.

Locally, with either homeassistant.local:8123 or whatever the current ip address is with :8123

After a hard reset I can connect to the server via browser. The app is still not working. But at least most of my stuff is working. I don’t why there are so many problems atm

Ok so now what is adapter ip address appearing in the bottom of the Settings > System > Network page

end0 (192.168.178.66/24,

2a02:810b:1507:1900:fa4:ebf7:79b3:a85a/64, fd33:2ee2:3143:0:8638:d04d:7cf:6371/64, fe80::34d5:1040:9bf4:ca04/64)

I could share you my screen if you want to. Could be easier

As long as your phone is on that same 192.168.178.* network, the app should be able to connect to 192.168.178.66:8123

http://10.42.42.52:8123 my web browser can access it fine and a newer android. Two iOS 15’s both can’t

Phone is on the same network but still can’t connect was connecting fine up til September.

Have you already cleared the cash in ios app, stopped and restarted app?

Where do you clear the cache in the app?

These?

I just spammed them all.

^

i would have to check my friend gemini... dont have ios 😉

says offload app, or delete, reboot and re-install app

what if you click on "reset frontend cache"?

sounds the same for me.. lol

I clicked all three starting from the top to the bottom. The bottom one deleted everything then the images above are from re-signing back in

then i would try the delete reboot reinstall way (unless another one has the direct solution..)

I feel like HA is blocking these devices some how

From the browser on the device

It's probably some security protocol that got updated and now bans them

The only error in the log from today

Logger: frontend.js.modern.202509260
Source: components/system_log/__init__.py:331
First occurred: October 15, 2025 at 8:05:08 AM (13 occurrences)
Last logged: 8:42:42 AM

Uncaught error from Chrome WebView 141.0.7390.43 on Android 13 Error: Failed to execute 'define' on 'CustomElementRegistry': the name "focus-trap" has already been used with this registry A.define (node_modules/@webcomponents/scoped-custom-element-registry/src/scoped-custom-element-registry.ts:180:12) /hacsfiles/advanced-camera-card/card-a4093b81.js:75:3686
Uncaught error from Chrome WebView 141.0.7390.43 on Android 13 Error: Failed to execute 'define' on 'CustomElementRegistry': the name "focus-trap" has already been used with this registry A.define (node_modules/@webcomponents/scoped-custom-element-registry/src/scoped-custom-element-registry.ts:180:12) /hacsfiles/frigate-hass-card/card-1ab50869.js:75:3686
Uncaught error from Chrome 140.0.0.0 on macOS 10.15.7 Error: Failed to execute 'define' on 'CustomElementRegistry': the name "focus-trap" has already been used with this registry A.define (node_modules/@webcomponents/scoped-custom-element-registry/src/scoped-custom-element-registry.ts:180:12) /hacsfiles/frigate-hass-card/card-1ab50869.js:75:3686
Uncaught error from Chrome 141.0.0.0 on Linux Error: Failed to execute 'define' on 'CustomElementRegistry': the name "focus-trap" has already been used with this registry A.define (node_modules/@webcomponents/scoped-custom-element-registry/src/scoped-custom-element-registry.ts:180:12) /hacsfiles/advanced-camera-card/card-a4093b81.js:75:3686

dont know about the error, but it sounds like an ios thingy though, cause pc and android can access. Checked tokens and review setup in ios app? right ip address?

You can see by the pictures above that it's getting logged in then downloading 900 items then disconnects the device.

I don't think it would report any of them if it wasn't connecting to the right place.

strange, connected to wifi and using internal ha address possible? 192.168.x.x

Yup it is.

proxy / dns?

configuration.yaml is set to allow my network ranges, there is no names needed to be translated.

then i have to pass it to the bigger brain peoples.. 😉 Having dinner now, will be back

You would think there would be something in the logs.

Looks like it's a problem with the beta

I dropped back to 2025.10.3 and it worked np

update from pcand try again?

Maybe I'll try dev

beta of which?

^

looks like it's working in dev as well.

oh the last beta of HA? Why are you running that?

That’s what I always run.

I like to know what problems I’m going to have right away instead of down the road.

The beta for Oct is done and there is no more development for it. It is now only stable releases.

No you are behind if you are running this beta.

#beta message

So dev it is

You can stay in beta channel, but when that month's beta is over, you update to the release. This should be appearing as an available update in HA even if you are in the beta channel

It didn't just said No updates available

You'll then see the November beta (on Wed Oct 29th)

I just use docker though so maybe not the same

Dev is fine but will be more chaotic if that's your thing

That's my thing, bleeding edge.

It's interesting though that the final beta doesn't also get released to end of the beta so then you could just leave it on beta until wed oct 29th

You would think they would be the same code no?

(Stable Release / End of beta channel release)

You can find the calendar here: https://developers.home-assistant.io/

As the stable point releases continue, you actually end up being behind.
So 2025.10.3 is newer than 2025.10.0b4

Companion app is not working on 2025.9 or 2025.10 for me. When I launch the app, it opens Chrome with an auth link and says it cannot reach Home Assistant with a countdown and a retry button. HA link to my server works through the web browser no problem, just issue with Companion app on Android. All other reverse proxy sites work as well.

Does anyone know if this issue is going to get looked at or what can be done to work around it?

did you submit an issue?

https://github.com/home-assistant/android/issues