AFAIK ha natively uses port 8123, are you trying to use a proxied DNS entry with that port?
If you want to use ha on your local network with Cloudflare I personally would recommend using a docker setup. Would be important to know if you run it on a external server or on any device within your home-network?
If in your home-network I would do it like this:
(
) domain.tld:443 ==> router 123.123.123.123:443 ==> docker:443=>8123
alternatively you can remap ports on your router with port forwarding:
() domain.tld:443 ==> router 123.123.123:443 ==> docker:8123
other then that you can modify the port, ha uses to any other port (prefered one Cloudflare support). To do so please modify this line in your configuration.yaml:
http:
server_port: 8123
I would recommend changing it to 8443 or any other from the officially supported Cloudflare SSL ports:
- 443
- 2053
- 2083
- 2087
- 2096
- 8443
This will allow you to:
- proxy your domain and hide your private IP
- use SSL and a proper public SSL port
- not having to port-map anything (if a native Cloudflare SSL port is getting used)
But like @cscharff stated, your error 403 is getting generated on your origin server.