Securing openHAB with HTTPS: Need Help

My goal is to secure the openHAB site on my emonPi with HTTPS such that when I log in remotely my password is not sent in the clear.

My configuration: my emonHub runs the November 2016 emonPi SD image. It is connected to my home router via ethernet, and is assigned a static IP. I use port-forwarding in my router to forward traffic on ports 80, 443, 883, 8080, and 8443 to those same ports on my emonHub. I own a domain name, and I use AWS Route 53 to forward requests for “” to the IP I’m assigned by my service provider.

I used CertBot from Let’s Encrypt successfully on the emonHub. Now when I browse to I get forwarded to and I see the “Secure” indicator in my browser.

Now I’d like to get the same thing working for my openHAB instance on that emonHub. I’ve tried browsing to, but I don’t get any response and the connection times out.

I’ve read a number of articles that are beyond my knowledge of Apache/NGIX, but it seems like I’m pretty close, and that if I could do some kind of virtual host, or redirection, the connection to openHAB could be secured with the certificate I now already have in place. Can anyone help get me there? Thanks!

I was able to get https working with openHAB today.

I saw the following quote here: Security · openhab/openhab1-addons Wiki · GitHub

openHAB supports HTTPS out of the box. Just point your browser to

So I started checking to see if port 8443 was open everywhere in my setup. It turns out the the port is not open on the emonSD image. I did the following to open it, but it might be worth doing so on future emonSD image versions.

$ rpi-rw
$ sudo ufw allow 8443/tcp

Now openHab is available encrypted over HTTPS, so I am happy. It would be even more cool if there were an easy way to get my certificate from Let’s Encrypt to replace the default (untrusted) one from, but I tried it, and it is not what I would consider easy. If anyone wants to write a script similar to this one, but made for emonPi, that would be awesome: · GitHub.