pokyCoder 1 Posted October 15, 2021 Posted October 15, 2021 (edited) I have all of the settings and a certificate set up for https, but for some reason the server is not running on https and is blocking all incoming connections on port 8920. I don't even know what info would be needed to diagnose. Here are my Network settings (private information obscured): LAN Networks: 192.168.1.0/24 Local IP address: 192.168.1.2 Local http port number: 8096 Local https port number: 8920 Allow remote connections to this Emby Server: YES Remote IP address filter: <BLANK> Remote IP address filter mode: Blacklist Public http port number: 8096 Public https port number: 8920 External domain: media.[my domain name] Custom ssl certificate path: [path]/[name].p12 Certificate password: ********* Secure connection mode: Required for all remote connections Max simultaneous video streams: Unlimited Internet streaming bit rate (Mbps): <BLANK> The dashboard shows "Running on http port 8096." Edited October 15, 2021 by pokyCoder Missed duplicate word
Happy2Play 9060 Posted October 16, 2021 Posted October 16, 2021 (edited) @Lukedoes the certificate need to be pfx? 2021-10-15 18:04:28.505 Error App: Error loading cert from /xxx/xxx/xxx/certificate.p12 *** Error Report *** Version: 4.6.4.0 Command line: /opt/emby-server/system/EmbyServer.dll -programdata /var/lib/emby -ffdetect /opt/emby-server/bin/ffdetect -ffmpeg /opt/emby-server/bin/ffmpeg -ffprobe /opt/emby-server/bin/ffprobe -restartexitcode 3 -updatepackage emby-server-deb_{version}_amd64.deb Operating system: Linux version 5.11.0-37-generic (buildd@lcy01-amd64-021) (gcc (Ubuntu 9.3.0-17ubuntu1~20.04) 9.3.0, GNU ld (GNU Binutils for Ubuntu) 2.34) #41~20.04.2 Framework: .NET Core 3.1.13 OS/Process: x64/x64 Runtime: opt/emby-server/system/System.Private.CoreLib.dll Processor count: 2 Data path: /var/lib/emby Application path: /opt/emby-server/system Interop+Crypto+OpenSslCryptographicException: Interop+Crypto+OpenSslCryptographicException: error:2006D002:BIO routines:BIO_new_file:system lib at Interop.Crypto.CheckValidOpenSslHandle(SafeHandle handle) at Internal.Cryptography.Pal.OpenSslX509CertificateReader.FromFile(String fileName, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags) at System.Security.Cryptography.X509Certificates.X509Certificate..ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags) at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(String fileName, String password) at Emby.Server.Implementations.ApplicationHost.GetCertificate(CertificateInfo info) Source: System.Security.Cryptography.X509Certificates TargetSite: Void CheckValidOpenSslHandle(System.Runtime.InteropServices.SafeHandle) Edited October 16, 2021 by Happy2Play edited path
pokyCoder 1 Posted October 16, 2021 Author Posted October 16, 2021 (edited) I updated the certificate file to use the pfx extension and made the appropriate connection in the Network settings, and it did not fix the problem nor remove the error you cite. Edited October 16, 2021 by pokyCoder more precise
pokyCoder 1 Posted October 16, 2021 Author Posted October 16, 2021 I forgot to mention, since I know it would be important, that I did restart the server after making those changes.
Solution Q-Droid 803 Posted October 16, 2021 Solution Posted October 16, 2021 Check ownership and permissions of the cert store. As long as the file is PKCS12 format it doesn't really matter if the extension is p12 or pfx. 3
pokyCoder 1 Posted October 16, 2021 Author Posted October 16, 2021 What ownership/permissions are needed on the certificate?
pokyCoder 1 Posted October 16, 2021 Author Posted October 16, 2021 Okay, I feel foolish, but changing the owner of the certificate to emby (and not root) fixed the issue. 1
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now