There are some local services like that run over https and you do get prompted on the browser by “click accept the risk”
I found no problems using funnels for normal services that run over http, however, I don’t achieve to make those https public.
Is that even possible?
Someone else is having the same problem here: Tailscale Serve an already https port
I tried it myself and it seems if you try to serve a local HTTPS service over funnel, then the website can’t be reached.
So it seems that you currently can’t do that.
If your local network is a trusted environment then you could serve Homeassistant, etc. on HTTP within your LAN, and then use
tailscale serve to serve them via HTTPS.
That way you can access these services via HTTPS inside your LAN and optionally expose some of them to the internet via
The only downside is that the CN of your HTTPS certificates will always be the FQDN of your tailnet node, e.g.
yourmachine.yourtailnet.ts.net. Though with browser’s suggestions from history, local short-link services (e.g.
golink by tailscale) and similar, that is not really an inconvenient downside IMO.
Thanks for answering,
In my case I wanted to access a homeassistant instance via funnels, I finally managed to make it work through this addon:
No problem, glad you got it working.