Search the Community
Showing results for tags 'https'.
-
I read through the SSL Made Easy tome. The original post showing instructions for ssl setup was good (although I already knew it) but the rest did nothing for me. I'd like to describe my SSL problem and hopefully get some ideas for what I'm doing wrong. I used certbot to create the privkey.pem and cert.pem files. Then I did I left the password blank. The resulting emby.p12 file looks good. I extracted the key file from it which matched the original. Then I set the network settings to... It saved with no problem. Then I rebooted the server. The address "http://hahnca.com:8096" worked fine. I tried the address: "https://hahnca.com:8920" and got "hahnca.com refused to connect." I have no proxy or firewall. Others can try these URLS from outside but they will only get the login page. The log from the reboot I mentioned is attached. By an amazing coincidence the log starts at exactly midnight. Any ideas for things to try would be appreciated. embyserver (3).txt
-
ISP Changed and now my external domain WAN connection is borked
CrankstaWho posted a topic in General/Windows
I imagine this is a bit of a compound issue: my apartment complex changed their ISP provider recently (which I imagine changed my public IP) though I was not having issues until I moved my computer into it's own room, which changed my IP. I should have set a static IP for this guy but hindsight and all that. I can get into my Emby server through the LAN connection just fine, but the WAN times out. I am using HTTPS so have a domain through Dynu for SSL so I imagine that the issue is the IP that Dynu has isn't valid anymore. However, my understanding is that they dynamically update that so it should be accurate which has made me avoid messing with it. I did perform the canyouseeme test on port 8920 and it came back failed. I have attempted port forwarding but it made no difference. I'm sure I just need to flip a few switches here but I've been looking at it all for two days now and I'm fried. Any help would be appreciated. embyserver.txt -
This certificate was specifically created to use Emby through the Microsoft Edge browser over HTTPS on port 8920, eliminating the "connection is not secure" warning. It is important to note that this certificate works properly in Edge but not in Firefox. For the certificate to function correctly, it must be installed both in the Windows Certificate Manager and on the NAS where the Emby server is hosted. Note: The domain names and IPs used here are examples (, ) and must be replaced with those corresponding to your network.example.domain.lansubdomain.local.domain 1. Generate the .crt and .key files Open the Windows terminal: Launch a terminal (Command Prompt or PowerShell) and navigate to the folder where you want to generate the files. Choose the appropriate command based on your needs: For a single domain (single SAN): openssl req -x509 -newkey rsa:2048 -sha256 -days 3650 -nodes -keyout example.domain.lan.key -out example.domain.lan.crt -subj "/CN=example.domain.lan" -addext "subjectAltName=DNS:example.domain.lan" For multiple domains and IPs (multiple SANs): openssl req -x509 -newkey rsa:2048 -sha256 -days 3650 -nodes -keyout example.domain.lan.key -out example.domain.lan.crt -subj "/CN=example.domain.lan" -addext "subjectAltName=DNS:example.domain.lan,DNS:subdomain.local.domain,IP:192.168.1.xx" Verify the results: The files and will be generated in the specified folder. example.domain.lan.crt and example.domain.lan.key 2. Create the .pfx file for Emby Use the following command to merge the and files into a file: .crt + .key = .pfx openssl pkcs12 -export -out example.domain.lan.pfx -inkey example.domain.lan.key -in example.domain.lan.crt -name "example.domain.lan" Set a password for the .pfx file: You’ll be prompted to enter and confirm a password. You can leave it blank or assign one. Note: If you assign a password, remember it, as it will be required in Emby’s settings. The file will be generated in the same folder. example.domain.lan.pfx 3. Upload the .pfx file to the NAS Transfer the file: Copy the file to a folder accessible on your NAS. example.domain.lan.pfx Ensure that Emby can access the path where the file is stored. 4. Install the .crt certificate in Windows Open the .crt file directly: Double-click on the file . example.domain.lan.crt Click the Install Certificate button. Follow the installation wizard: Select Current User as the target location. Choose Place all certificates in the following store. Click Browse and select Trusted Root Certification Authorities. Click OK, then Next, and finally Finish. Confirm the installation: A confirmation message will appear asking if you want to install the certificate. Accept to complete the installation. 5. Configure Emby with the certificate Log in to Emby and navigate to Settings → Network. Locate the section Custom SSL certificate path. Enter the path to the file you uploaded to the NAS..pfx If you set a password for the file, enter it in the corresponding field. If you left it blank, leave the field empty..pfx In Secure connection mode, select: "Preferred, but not required" (this allows connections via both HTTP and HTTPS). Click Save and restart the Emby server to apply the changes. Important Notes The domain names (, ) and IP () are examples. Replace them with the actual domains and IPs of your network.example.domain.lansubdomain.local.domain192.168.1.xx If you need to include more addresses or subdomains, add them to the field when generating the certificate. For example:subjectAltName -addext "subjectAltName=DNS:example.domain.lan,DNS:subdomain.local.domain,DNS:extra.domain.com,IP:192.168.2.xx" Credits This guide was completed with the help and insights provided by @Lessajwhose expertise made this task much easier. Thank you for your support! Final Note If there's anything I missed or ways to improve this guide, I’d greatly appreciate your feedback and insights. Sharing your knowledge or suggesting adjustments would not only help refine this guide but also assist others who might face similar challenges. Feel free to share your thoughts—I'm always open to learning and improving. Thank you in advance!
- 1 reply
-
- 3
-
- ssl
- certificate
- (and 4 more)
-
Generate SSL certificate with ASUS router for enabling https on Emby server
teddybear75 posted a topic in General/Windows
So, i needed to enable remote connections for Emby server, and i wanted to secure it with https. I have seen quite a few guides on how to enable https on emby server, but i find this to be an easier way if you own an asus router that supports Lets Encrypt. Im not sure which models that support this, but my AC-86U did. All i did to get a hold of the ssl ceritifactes was to enable this in the WAN-DDNS section in the router, then export files like this: Then i converted the cert and key file to a pfx file with "Win64OpenSSL_Light-1_1_0L" https://slproweb.com/products/Win32OpenSSL.html and imported this in to Emby: I used this command: "openssl pkcs12 -inkey key.pem -in cert.pem -export -out output.pfx" Of course you also have to port forward the needed ports to make this work. Thats it, so if you own an ASUS router with this option you can save a lot of time, and a bonus, the router also automaticly renews the certificates. If this already has been posted i apologize, and feel free to leave comments if there are things i have missed or if this method seems like a bad idea. -
cant connect over remote unless on the internal via tailscale or something like that. realistically want it linked to my domain and be able to remote connect safely without other clients needing anything but emby. i have port forwarded all relevant ports to the correct internal ips. tried mullvad and proton for vpns but they dont offer a dedicated open port for me to use. using canyouseeme to check if ports are open shows nothing but either refused or time outs on the ping. thanks for reading
- 15 replies
-
Hello, I wanted I have my emby server running on a server that is accessed by a reverse proxy. This allows me to have multiple domains (other services) under the same IP address. This works great, and I have it running for some time now. Now I would like to enhance the security by adding a required Client Certificate Authentication, so that only authorised personal have access to the server. I configured it on the reverse proxy, and now when I access the server by the Webbrowser (desktop and android) it works, only people that have the certificate installed can communicate with the server. But the app does not work. When I access by the browser it asks me what is the client certificate to use, but in the app I simply can't connect. Is this possible? Or I have some miss configuration? Thank you
- 17 replies
-
- Certificate Authentication
- ssl
-
(and 1 more)
Tagged with:
-
Im using Linux Ubuntu 16.04 64 bit and Asustor AS-604T ADM 3.2.1 This requires you do own a domain and have create a Lets Encrypt certificate! Following ports should be open: 80, 443, 8096 and 8920 1. Login to ADM web interface > Settings > Certificate Manager - Click on Export Certificate. 2. Extract certificate.zip and open the folder certifiate 3. right click in the folder - select open terminal 4. enter the command: * Please change the name of the give-me-a-name.pfx * After execution of this command you will be prompted to create a password, this is recommanded! openssl pkcs12 -export -out give-me-a-name.pfx -inkey ssl.key -in ssl.crt 5. Save the new create give-me-a-name.pfx file on your NAS in a shared folder of own choice 6. go to: http://local.ip.of.nas:8096/ 7. Go to Advanced and do the following Check that Allow remote connection to this Emby Server is marked. * add external domain name * Custon ssl certificate path (Click on the magnifier right to the text field and navigate to where the .pfx file is. * Certificate password - Add the password you entered after execution of step 4. * Secure connection mode - Set to preferred, but not required. 8. Hit save and navigate to Controlpanel > Restart - Now you should be able to access the Emby Media Server from outside.
-
-
Hola, qué tal? Quería pedirles ayuda, por favor. Tengo el servidor Emby instalado en un NAS Asustor, y no puedo conectarme de forma remota desde Smart TV (por medio de navegador web, no tuve problemas). Como decía, tengo Emby instalado en un NAS Asustor, el cual me configura por defecto un proxy inverso (en una aplicación del propio NAS, no modifica la configuración del servidor Emby). Dicho proxy inverso está configurado con un puerto externo con protocolo https y el puerto interno por defecto -http- de Emby. Luego el router tiene abierto el puerto asignado por el proxy, con el protocolo https. Por otro lado, para evitar el problema de IP variable del ISP, tengo configurado en el router el servicio de ddns de No-IP. Conectándome desde navegador web, no tengo inconvenientes para ingresar al servidor Emby, pero desde Smart TV no se conecta: "No es posible conectarse al servidor seleccionado en este momento. Por favor asegúrese de que se encuentre en ejecución e inténtelo nuevamente." Alguien sabe cuál puede ser el problema? Muchas gracias!
-
Hi i would like to know if its possible to reuse my certificate LetsEncrypt from my NAS TS-251 to connect through https ? i tried to put the path of the cert certificate but its not working. here is what i have Custom SSL certificate path: /mnt/HDA_ROOT/.config/QcloudSSLCertificate/cert/cert error after restarting EmbyServer 2019-01-05 12:05:44.470 Info AuthenticationRepository: PRAGMA synchronous=1 2019-01-05 12:05:44.526 Error App: No private key included in SSL cert /mnt/HDA_ROOT/.config/QcloudSSLCertificate/cert/cert. 2019-01-05 12:05:44.737 Info ActivityRepository: Default journal_mode for /share/CACHEDEV1_DATA/.qpkg/EmbyServer/programdata/data/activitylog.db is wal and in my web page Secure Connection Failed The connection to xxxxxxxxxxxxxxx.myqnapcloud.com:yyyyyy was interrupted while the page was loading. The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem. thanks for your help ade05fr
- 26 replies
-
- qnap
- letsencrypt
-
(and 2 more)
Tagged with:
-
Cayars has been an awesome tech support while securing the Emby server on my system. He is verry patient and highly knowledgeable and has enabled fast access to my Emby server via a https address. I highly recommend him setting up and securing your Emby server on any platform.
-
Hi All, I have forwarded my synology https port and I am making use of the same to reverse proxy to Emby. I am able to access my Emby server remotely via https via browsers on phone or laptop. However, I am not able to connect to the same link via Apple TV. Could someone throw some light here. 1. tried the link with and without Port number. 2. tried reinstalling the app and restarted the server 3. Tried with and without automatic port mapping setting on Emby server the certificate I am using is from synology. The default certificate that is user for quick connect. I have forwarded the https synology port to local http port on LAN and enabled reverse proxy. Thanks in advance
- 4 replies
-
- apple tv 4k
- https
-
(and 2 more)
Tagged with:
-
Hi @Luke I am running emby server 4.7.5.0 on Ubuntu 20.04.4 LTS. Not sure when this stopped working as I mainly access my server locally via http but setup HTTPS on port 8920 behind HAProxy and was working fine. I saw an error no backend to emby in HAProxy so investigated and indeed I cannot access the server at all on https. If I curl from the emby server I get this error curl: (7) Failed to connect to localhost port 8920: Connection refused
-
How to get the Dashboard page to display HTTPS external url?
chj915 posted a topic in General/Windows
I have successfully made my Emby (Windows) Server to work with a valid SSL Cert. The goal of applying SSL Cert is to enable the HTTPS access from WAN, but I also want to disable the HTTP access (port 8096). I want all remote access from WAN to go through HTTPS only. Now, I can access my home emby server from WAN network via HTTPS url on port 8920. However, on my dashboard page, the External Url link is still showing the HTTP version of external link. Is there a way to configure my dashboard to display only the HTTPS version url?- 5 replies
-
- external url
- ssl cert
-
(and 1 more)
Tagged with:
-
Hallo zusammen Ich habe folgendes Problem. Mein Emby Server soll mittels HTTPS (über Port 443) und einem Zertifikat das von Certify the Web erstellt worden ist erreicht werden. Das Zertifikat habe ich aus dem IIS Exportiert und in den Emby Einstellungen Hinterlegt (auch mit dem Korrekten Passwort). Ich habe es auch mit dem Standard Port versucht und diesen auf meinem Router Freigegeben allerdings ohne erfolg. Leider kann ich mit der Error Meldung im Log File (Im Anhang) nichts anfangen. Ich danke bereits viel mal im Voraus für eure Hilfe Grüsse Fabian embyserver.txt
-
I have all of the settings and a certificate set up for https, but for some reason the server is not running on https and is blocking all incoming connections on port 8920. I don't even know what info would be needed to diagnose. Here are my Network settings (private information obscured): LAN Networks: 192.168.1.0/24 Local IP address: 192.168.1.2 Local http port number: 8096 Local https port number: 8920 Allow remote connections to this Emby Server: YES Remote IP address filter: <BLANK> Remote IP address filter mode: Blacklist Public http port number: 8096 Public https port number: 8920 External domain: media.[my domain name] Custom ssl certificate path: [path]/[name].p12 Certificate password: ********* Secure connection mode: Required for all remote connections Max simultaneous video streams: Unlimited Internet streaming bit rate (Mbps): <BLANK> The dashboard shows "Running on http port 8096."
-
Been a while since I have had to post so just a quick thank you. I am running EmbyServer in a docker on my unRAID server (emby/embyserver:latest) and I'm trying to get HTTPS to work through my Nginx Proxy. HTTP works no problem. Client: Docker Engine - Community Version: 20.10.5 API version: 1.41 Go version: go1.13.15 Git commit: 55c4c88 Built: Tue Mar 2 20:14:11 2021 OS/Arch: linux/amd64 Context: default Experimental: true Server: Docker Engine - Community Engine: Version: 20.10.5 API version: 1.41 (minimum version 1.12) Go version: go1.13.15 Git commit: 363e9a8 Built: Tue Mar 2 20:18:31 2021 OS/Arch: linux/amd64 Experimental: false containerd: Version: v1.4.3 GitCommit: 269548fa27e0089a8b8278fc4fc781d7f65a939b runc: Version: 1.0.0-rc93 GitCommit: 12644e614e25b05da6fd08a38ffa0cfe1903fdec docker-init: Version: 0.19.0 GitCommit: de40ad0 Client: Context: default Debug Mode: false Server: Containers: 12 Running: 10 Paused: 0 Stopped: 2 Images: 12 Server Version: 20.10.5 Storage Driver: btrfs Build Version: Btrfs v4.20.1 Library Version: 102 Logging Driver: json-file Cgroup Driver: cgroupfs Cgroup Version: 1 Plugins: Volume: local Network: bridge host ipvlan macvlan null overlay Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog Swarm: inactive Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc Default Runtime: runc Init Binary: docker-init containerd version: 269548fa27e0089a8b8278fc4fc781d7f65a939b runc version: 12644e614e25b05da6fd08a38ffa0cfe1903fdec init version: de40ad0 Security Options: seccomp Profile: default Kernel Version: 5.10.28-Unraid Operating System: Slackware 14.2 x86_64 (post 14.2 -current) OSType: linux Architecture: x86_64 CPUs: 8 Total Memory: 15.34GiB Name: NEO ID: Y3GH:2DQQ:RWFG:TAIJ:3NPK:QLXK:M5QV:F22B:HCUV:QH5I:VBER:5M6B Docker Root Dir: /var/lib/docker Debug Mode: false Registry: https://index.docker.io/v1/ Labels: Experimental: false Insecure Registries: 127.0.0.0/8 Live Restore Enabled: false Product License: Community Engine docker run -d --name='Emby' --net='bridge' -e TZ="Europe/London" -e HOST_OS="Unraid" -e 'UID'='2' -e 'GID'='2' -e 'GIDLIST'='2,18' -p '8096:8096/tcp' -p '8920:8920/tcp' -v '/mnt/user/nas/':'/mnt':'rw' -v '/mnt/cache/appdata/EmbyServer/':'/config':'rw' --device=/dev/dri 'emby/embyserver:latest' When going to my https address I get 502. Looking in the container logs I noticed I only see `Info App: Adding HttpListener prefix http://+:8096/` I can not see HttpListener for 8920. Any thoughts why the container isn't starting HttpListener for 8920. Thank you, MrLinford
- 2 replies
-
- docker
- docker https
-
(and 1 more)
Tagged with:
-
My IPTV provider recently switched to using self-signed 10-year certificate. This has caused emby to throw an error about an untrusted cert and will no longer play any streams. How can I allow emby trust the certificate? Does the self signed cert need to be trusted at a system level or perhaps installing the cert to "/var/lib/emby/.dotnet/corefx/cryptography/x509stores/"? The IPTV server in question is @ https://50.7.100.82/ I have attached the thrown error when attempting to connect to the stream. embyserver.txt
-
This was working, however all of a sudden the image is blank on the Continued Watching tile for any movie I watch. Any ideas on why this may have started happening? Is this a setting or a configurable item? My setup is emby in docker on synology using let's encrypt, reverse proxy and https.
-
I'm trying to set up a load balancer and reverse proxy (Kemp LoadMaster) to handle all incoming connections on port 443 and distribute to my various services in the local network, and to manage SSL certs. I am completely unable to get Emby Server running on macOS to listen on HTTPS. I don't want to "allow remote connections to this Emby Server" or manage an SSL cert on the Emby instance. As you can see below, the Emby Server is not listening on https (port 8920) even though it's reporting that it is. I've tried enabling "allow remote connections" for testing with "handed be reverse proxy" but still no dice. sudo lsof | grep LISTEN | grep -i emby EmbyServe 10196 *redacted* 148u IPv6 0xe964fbfa92b187eb 0t0 TCP *:8096 (LISTEN) embytray 10197 *redacted* 4u IPv4 0xe964fbfa79f4057b 0t0 TCP localhost:8024 (LISTEN) And no, there is nothing else listening on port 8920, and I have tried changing https port to no effect. I'd really like to get this working without using EmbyConnect as I want to manage and monitor internal services through a single interface. Emby Logs: embyserver.txt.zip
-
hello, i've been using emby for a little while on my QNAP TS-251B, but recently noticed that my devices (browsers, an nvidia shield) only connect via unsecured http on the default port 8096. when trying to bring up the page (from within my lan) on the default https port of 8920, chrome gives me ERR_CONNECTION_REFUSED. in Emby Configuration > Server > Network, i do see that the port number is indeed set to 8920. however, when i run nmap against the device to scan for open ports, 8920 appears closed. i'm using Emby server version 4.5.4.0
-
embyserverlogidentifyerror.txt I am unable to retrieve tv show metadata from the internet due to a TrustFailure - CERTIFICATE_VERIFY_FAILED Here an error snippet snippet from the attached log: 2021-01-05 11:09:54.348 Info HttpClient: HttpClientManager GET: https://www.thetvdb.com/api/GetSeries.php?seriesname=Downton+Abbey&language=en 2021-01-05 11:09:55.139 Error HttpClient: Error TrustFailure getting response from *** Error Report *** Version: 4.4.3.0 Command line: /var/packages/EmbyServer/target/server/EmbyServer.exe -package synology -programdata /var/packages/EmbyServer/target/var -ffmpeg /var/packages/EmbyServer/target/ffmpeg/bin/ffmpeg -ffprobe /var/packages/EmbyServer/target/ffmpeg/bin/ffprobe -ffdetect /var/packages/EmbyServer/target/ffmpeg/bin/ffdetect -restartexitcode 121 Operating system: Unix 2.6.32.12 64-Bit OS: False 64-Bit Process: False User Interactive: False Mono: 6.8.0.105 (tarball Wed Apr 8 20:33:25 UTC 2020) Runtime: file:///volume1/@appstore/EmbyServer/3rdparty/mono/6.8.0.105/lib/mono/4.5/mscorlib.dll System.Environment.Version: 4.0.30319.42000 Processor count: 1 Program data path: /var/packages/EmbyServer/target/var Application directory: /volume1/@appstore/EmbyServer/releases/4.4.3.0 System.Net.WebException: System.Net.WebException: Error: TrustFailure (Authentication failed, see inner exception.) ---> System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception. ---> Mono.Btls.MonoBtlsException: Ssl error:1000007d:SSL routines:OPENSSL_internal:CERTIFICATE_VERIFY_FAILED at /source/mono/external/boringssl/ssl/handshake_client.c:1132 at Mono.Btls.MonoBtlsContext.ProcessHandshake () [0x00048] in <b373cc92cfb94ef6a19b4f1140645494>:0 at Mono.Net.Security.MobileAuthenticatedStream.ProcessHandshake (Mono.Net.Security.AsyncOperationStatus status, System.Boolean renegotiate) [0x000da] in <b373cc92cfb94ef6a19b4f1140645494>:0 at (wrapper remoting-invoke-with-check) Mono.Net.Security.MobileAuthenticatedStream.ProcessHandshake(Mono.Net.Security.AsyncOperationStatus,bool) at Mono.Net.Security.AsyncHandshakeRequest.Run (Mono.Net.Security.AsyncOperationStatus status) [0x00006] in <b373cc92cfb94ef6a19b4f1140645494>:0 at Mono.Net.Security.AsyncProtocolRequest.ProcessOperation (System.Threading.CancellationToken cancellationToken) [0x000fc] in <b373cc92cfb94ef6a19b4f1140645494>:0 --- End of inner exception stack trace --- at Mono.Net.Security.MobileAuthenticatedStream.ProcessAuthentication (System.Boolean runSynchronously, Mono.Net.Security.MonoSslAuthenticationOptions options, System.Threading.CancellationToken cancellationToken) [0x00262] in <b373cc92cfb94ef6a19b4f1140645494>:0 at Mono.Net.Security.MonoTlsStream.CreateStream (System.Net.WebConnectionTunnel tunnel, System.Threading.CancellationToken cancellationToken) [0x0016a] in <b373cc92cfb94ef6a19b4f1140645494>:0 at System.Net.WebConnection.CreateStream (System.Net.WebOperation operation, System.Boolean reused, System.Threading.CancellationToken cancellationToken) [0x001ba] in <b373cc92cfb94ef6a19b4f1140645494>:0 --- End of inner exception stack trace --- at System.Net.WebConnection.CreateStream (System.Net.WebOperation operation, System.Boolean reused, System.Threading.CancellationToken cancellationToken) [0x0021a] in <b373cc92cfb94ef6a19b4f1140645494>:0 at System.Net.WebConnection.InitConnection (System.Net.WebOperation operation, System.Threading.CancellationToken cancellationToken) [0x00141] in <b373cc92cfb94ef6a19b4f1140645494>:0 at System.Net.WebOperation.Run () [0x0009a] in <b373cc92cfb94ef6a19b4f1140645494>:0 at System.Net.WebCompletionSource`1[T].WaitForCompletion () [0x00094] in <b373cc92cfb94ef6a19b4f1140645494>:0 at System.Net.HttpWebRequest.RunWithTimeoutWorker[T] (System.Threading.Tasks.Task`1[TResult] workerTask, System.Int32 timeout, System.Action abort, System.Func`1[TResult] aborted, System.Threading.CancellationTokenSource cts) [0x000f8] in <b373cc92cfb94ef6a19b4f1140645494>:0 at System.Net.HttpWebRequest.EndGetResponse (System.IAsyncResult asyncResult) [0x00020] in <b373cc92cfb94ef6a19b4f1140645494>:0 at System.Threading.Tasks.TaskFactory`1[TResult].FromAsyncCoreLogic (System.IAsyncResult iar, System.Func`2[T,TResult] endFunction, System.Action`1[T] endAction, System.Threading.Tasks.Task`1[TResult] promise, System.Boolean requiresSynchronization) [0x0000f] in <9d3f0d4bd0fb4c1e8b6c2ac1ba1303ac>:0 Source: System TargetSite: System.Net.WebResponse EndGetResponse(System.IAsyncResult) InnerException: System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception. Source: mscorlib TargetSite: Void Throw() at Mono.Net.Security.MobileAuthenticatedStream.ProcessAuthentication (System.Boolean runSynchronously, Mono.Net.Security.MonoSslAuthenticationOptions options, System.Threading.CancellationToken cancellationToken) [0x00262] in <b373cc92cfb94ef6a19b4f1140645494>:0 at Mono.Net.Security.MonoTlsStream.CreateStream (System.Net.WebConnectionTunnel tunnel, System.Threading.CancellationToken cancellationToken) [0x0016a] in <b373cc92cfb94ef6a19b4f1140645494>:0 at System.Net.WebConnection.CreateStream (System.Net.WebOperation operation, System.Boolean reused, System.Threading.CancellationToken cancellationToken) [0x001ba] in <b373cc92cfb94ef6a19b4f1140645494>:0 InnerException: Mono.Btls.MonoBtlsException: Ssl error:1000007d:SSL routines:OPENSSL_internal:CERTIFICATE_VERIFY_FAILED at /source/mono/external/boringssl/ssl/handshake_client.c:1132 Source: System TargetSite: Boolean ProcessHandshake() at Mono.Btls.MonoBtlsContext.ProcessHandshake () [0x00048] in <b373cc92cfb94ef6a19b4f1140645494>:0 at Mono.Net.Security.MobileAuthenticatedStream.ProcessHandshake (Mono.Net.Security.AsyncOperationStatus status, System.Boolean renegotiate) [0x000da] in <b373cc92cfb94ef6a19b4f1140645494>:0 at (wrapper remoting-invoke-with-check) Mono.Net.Security.MobileAuthenticatedStream.ProcessHandshake(Mono.Net.Security.AsyncOperationStatus,bool) at Mono.Net.Security.AsyncHandshakeRequest.Run (Mono.Net.Security.AsyncOperationStatus status) [0x00006] in <b373cc92cfb94ef6a19b4f1140645494>:0 at Mono.Net.Security.AsyncProtocolRequest.ProcessOperation (System.Threading.CancellationToken cancellationToken) [0x000fc] in <b373cc92cfb94ef6a19b4f1140645494>:0 Any help would be appreciated.
- 6 replies
-
- network
- trustfailure
-
(and 3 more)
Tagged with:
-
Prefer https over http won't automatically direct to https
vodouch17 posted a topic in General/Windows
Hi, I've been trying to solve a problem where when i go to my emby server through a Web browser then it'll go through http not https even though https is set up correctly and working. I have the preferred but not required setting and I need to keep it that way because a one of my TVs doesn't support https and there were too many problems with it. PS: sorry for my English it's not my primary language -
Ok this is going to be a long post. In this thread I will show you 2 different ways in which I setup a HTTPS connection to my emby server. Both ways require a certificate which again I will show you how i got mine using Lets Encrypt on Windows. I will break the posts up into Sections. Part.1 - Setting up a DDNS (Dynamic DNS host) Only require if you ISP IP is dynamic i.e. changes. Part.1.A - Setting Up DDNS using your own Domain Name Part.2 - Getting a Domain Name (Optional but looks fancier) Part.3 - Getting a SSL Cert from Lets Encrypt the easy way. Part 3a - Using LE.exe to get Certificates (recommended) Part.4 - Setting up HTTPS by changing default port to 443 Part.5 - Setting up HTTPS using reverse proxy
- 218 replies
-
- 12
-
bonjour à tous je voudrais savoir comment doit on procédé pour avoir une connexion sécurisé en https pour emby. J'ai comme FAI free , un nom de domaine redirigé sur ma delta box , le serveur emby est sur un de mes pc . les redirection de port vers ce Pc pour http 8096 et https 8920 sont faites. aucun problème de connexion en local ou a distance en ip direct ou avec le nom de domaine en http le https par contre ne fonctionne pas. je voudrais si possible savoir comment réalisé cette connexion en https. Merci pour toutes aides et autres explications. cordialement