Tunnel Access: Command Execution Failed

aaiyar · March 4, 2025, 5:34pm

In what? A third-party remote access method? That isn't of their making.

That by the quote below you wanted Hubitat staff to comment on:

Presumably, you didn't want them to comment on this, then?

croweflight · March 4, 2025, 6:03pm

Try setting up the tunnel so hosts using it are layer 2
(same subnet and mask) instead of layer 3 (routed). That or set up hubitat to connect outside of it's mask.

dbowles1975 · March 4, 2025, 6:16pm

I never thought I'd run into a gatekeeper on these forums... but here we are.

aaiyar · March 4, 2025, 6:32pm

Can’t make up your mind whether you want support for a third-party product or not. So what do you do? Resort to an ad hominem remark.

Good luck to you.

Also what happened to this?

hubitrep · March 4, 2025, 11:30pm

It’s completely reasonable to assume HE staff would be interested to know when admin UI updates break common reverse proxy solutions. The product doesn’t exist in a vacuum and it’s reasonable to believe a highly compatible product is valuable to both vendor and user. An acknowledgment of the issue is not owed but would be nice.

To those who reported the issue, providing more troubleshooting info might help? Does the JavaScript console reveal anything of interest?

rpgruss · March 22, 2025, 12:58am

I ran into this issue as well, I am using nginx proxy manager to run Hubitat with SSL and internal domain name.

The fix for me was to change from forwarding http to https on the hubitat which fixed the command failed errors.

marktheknife · March 22, 2025, 4:40am

Actually that’s exactly what they do for all the devices on the hub’s compatibility list.

dbowles1975 · March 22, 2025, 6:21pm

If you're using a Cloudflare tunnel, this will solve the issue:

Generate Origin CA certificate in Cloudflare.
Add certificate and private key to the hub.
Change hub name on LAN to match public hostname in Cloudflare then reboot.
Enable https for public hostname in Cloudflare and, under TLS settings, set origin hostname to match hub name.
Check "No TLS Verify" under TLS settings.

randy.cooper1 · March 23, 2025, 1:42am

Excellent, it works perfectly. Thank you...

jakokln · April 16, 2025, 11:20pm

Thanks for this, switching to HTTPS from HTTP in NPM made the popup errors go away as well

nathan.snow · October 2, 2025, 8:23pm

I just have the hubitat hub behind haproxy and was getting this error. Switched the server config to use https/443, no cert verification (as we can't set a hostname/SNI on the hub), and now the error is gone.

bterps · December 29, 2025, 2:58am

In case it helps anyone here, i was having the same issue, direct IP access to the UI was fine, but FQDN was not. I use caddy as my reverse proxy running as a service within OPNsense.

I just had to switch the upstream protocol to https:// from http:// in the handler, and i left TLS Insecure Skip Verify checked and it fixed it.