bandit8623 106 Posted October 20, 2021 Posted October 20, 2021 (edited) Hello all, i figured since i got this to work i would share my guide on how you can use no-ip and emby together. I realize this is a paid option and not free (20$ for the year with coupon), but for me its worth it as i dont have to worry about my domain name expiring every month or the ssl cert either for an entire year. hopefully this wall of text isnt too crazy. any q's let me know. ____ ** this guide is assuming you use windows 10 or windows server 2016,2019,2022 and no-ip Enhanced Dynamic DNS - 25 Hostnames*** ** always can get coupon so its 20$ for the entire year*** **Enhanced Dynamic DNS - 25 Hostnames gives you 1 included ssl cert* **NOW CALLED Encryption Everywhere DV**** ** now get a free cert with free version of dynamic no-ip** what i currently use -------- 1-manage user certificates in windows search bar. 2-select personal on left then right click on right open space. 3-all tasks > advance > create custom request 4-can follow this guide -but when done leave cert manager open you will be uploading this file to no-ip -- Remember the "common name" you entered will need this to search for in step 6 https://www.noip.com/support/knowledgebase/generate-csr-windows-10/ **Remember to use 2 upper case letters for state and country** **you can choose where to save this csr as well so you dont have to search later, but they are stored by default in C:\windows\system32 if you need to find later as well steps 5-9 explain the other way** you can wait for your status to validate on no-ip.com (took 15 min for me) they are use for my dns so i can skip the txt part. download the pem file to your server once it validates. 5-now you need to get your private cert from your system 6-go back to cert manager right click personal and click find certs 7-search for your common name you setup before (should be 1 that matches) 8-right click and export 9-below is how to do this (sorry its long) Go to Start > run > MMC. Now navigate into the console tab. Select File and then click Add/Remove Snap-in. Under the Available Snap-Ins column, select Certificates and click Add. Choose Computer Account and click Next. Now select Choose Local Computer and hit Finish. Now close the Add Standalone Snap-in window and click OK on the Add/Remove Snap-in window. Step 2: Export Your SSL/TLS Certificate. Now, open the Certificates (Local Computer) snap-in and go to Personal > Certificates from the left-hand pane. Right-click on the certificate you want to export and go to All Tasks > Export. Once you do this, the Certificate Export Wizard will open up. *** you may need to search for your cert by riight clicking personal and clicking find certificates. search by your "common name" in the cert not the name you made. *** Select the Yes, export the private key option and click Next. Now the Export File Format window will open. Make sure that the option for Personal Information Exchange — PKCS#12 (.pfx) is selected. Tick the box for Include all certificates in the certificate path if possible. Now, de-select Require Strong Encryption. <--may or may not have this option (thanks to Teredactle ) Enter a password for protecting your PFX file and click Next. remember this password! Now choose a file name and the location to export the file and click Next. Finally, verify all the information and click on Finish if it’s okay. 10-install https://slproweb.com/products/Win32OpenSSL.html grab latest version (i used Win64 OpenSSL v1.1.1s) open an explorer window to the directory of openssl and place the 2 files. 1 file is from your export you just completed. the other is the pem file no-ip. once installed open a cmd prompt with admin privilege cd to the directory of openssl (mine is located here C:\Program Files\OpenSSL-Win64\bin ) C:\Program Files\OpenSSL-Win64\bin> openssl pkcs12 -in privatekeyemby.pfx -out localprivatekeyemby.pem -nodes <---converts private key from server to pem file the file will be created in the same place you ran the openssl tool. now u will take the localprivatekeyemby.pem you just exported by command line and combine with the pem file you downloaded from no-ip. C:\Program Files\OpenSSL-Win64\bin> OpenSSL pkcs12 -export -in noiphostnamedownload.pem -inkey localprivatekeyemby.pem -out emby.pfx <--combines pem cert from no-ip and private to a pfx file for emby ****As of Feb 2023 we now need to use the new cert from "Encryption Everywhere DV" there is a bug when downloading the PEM file. the file is all garbled and wont work in the command above. download the pem chain file instead and remove all sections but the first.. save as a normal pem file and use this in the openssl command above see my post on feb 2nd 2023 for more details ****** now go to emby server and select the file. in my case its emby.pfx and add the password you created when you exported the pfx file from your server. make ssl external connections only and reboot your server. make sure your ports are properly open. i use https://www.yougetsignal.com/tools/open-ports/ you can verify your cert is working properly with https://www.geocerts.com/ssl-checker i use the default emby 8920 https port. cheers! Edited February 10, 2023 by bandit8623 CERT NAME CHANGE 3 2
Teredactle 23 Posted March 16, 2022 Posted March 16, 2022 Hey @bandit8623 thanks for posting this. I used your post to successfully create the certificate and get SSL working. I've been using the free ddns service and (coincidentally) in the last week I was offered a free SSL certificate from them to use, just as I am testing Emby as the Plex replacement and realized that I needed a certificate for remote connections. The instructions on NOIP for the free certificate asks for the format of the web server to use (i.e Apache, IIS, etc), but in this case can just select OTHER and then paste in your CSR info, then you have the option to export PEM and several other formats once the cert is created. +In your instruction there were a couple of steps that for me weren't clear/documented and I sort of guessed, and it worked out fine, like here: Now the Export File Format window will open. Make sure that the option for Personal Information Exchange — PKCS#12 (.pfx) is selected. Tick the box for Include all certificates in the certificate path if possible. Now, de-select Require Strong Encryption. Enter a password for protecting your PFX file and click Next. remember this password! >So I did not have an option to "de-select Require Strong Encryption" >Also, there was a selection on how to encrypt using SHA-256 or something higher, but I recall seeing that you need to use 256 here. Cheers and thanks for sharing this!!! 1 1
bandit8623 106 Posted March 16, 2022 Author Posted March 16, 2022 (edited) 6 hours ago, Teredactle said: Hey @bandit8623 thanks for posting this. I used your post to successfully create the certificate and get SSL working. I've been using the free ddns service and (coincidentally) in the last week I was offered a free SSL certificate from them to use, just as I am testing Emby as the Plex replacement and realized that I needed a certificate for remote connections. The instructions on NOIP for the free certificate asks for the format of the web server to use (i.e Apache, IIS, etc), but in this case can just select OTHER and then paste in your CSR info, then you have the option to export PEM and several other formats once the cert is created. +In your instruction there were a couple of steps that for me weren't clear/documented and I sort of guessed, and it worked out fine, like here: Now the Export File Format window will open. Make sure that the option for Personal Information Exchange — PKCS#12 (.pfx) is selected. Tick the box for Include all certificates in the certificate path if possible. Now, de-select Require Strong Encryption. Enter a password for protecting your PFX file and click Next. remember this password! >So I did not have an option to "de-select Require Strong Encryption" >Also, there was a selection on how to encrypt using SHA-256 or something higher, but I recall seeing that you need to use 256 here. Cheers and thanks for sharing this!!! Thx for clearing a few things up as I kinda threw this together late night and a few beers in lol. So glad this helped you! Edited March 16, 2022 by bandit8623
bandit8623 106 Posted September 13, 2022 Author Posted September 13, 2022 (edited) https://www.noip.com/blog/2021/12/17/ssl-certificate-now-included-with-free-dynamic-dns/ looks like now this is even a better option as you get a free ssl cert now with the free version of no-ip. just have to monthly click the renew link for the hostname only. (ezpz). the ssl cert is good for a year. wanted to share. Cheers Edited September 13, 2022 by bandit8623 1
Teredactle 23 Posted September 21, 2022 Posted September 21, 2022 This is what I'm doing, monthly click I'm ok with that for a freebie :) 1
davedick 19 Posted November 27, 2022 Posted November 27, 2022 Just curious if you renewed the No-IP certificate for another year and if so, was there a simple way of doing it, or if you had "delete and recreate"?
bandit8623 106 Posted November 27, 2022 Author Posted November 27, 2022 3 hours ago, davedick said: Just curious if you renewed the No-IP certificate for another year and if so, was there a simple way of doing it, or if you had "delete and recreate"? I had to recreate because I'm using the free option.noip now includes a free trustcore ssl. I'm not sure if next year it will just let me renew or not. Last year I was on the paid option so it couldn't be just renewed.
bandit8623 106 Posted February 2, 2023 Author Posted February 2, 2023 just got this today, im on the free ssl. Dear No-IP Customer You are receiving this email as a No-IP customer who activated a free TrustCor Standard DV SSL Certificate. Unfortunately, you will need to reinstall your certificate as major browsers are ending support for TrustCor, one of the many SSL Certificate Authorities we had partnered with. We understand the importance of securing your hostname with an SSL certificate, therefore we have created a new certificate at no cost to you for you to install with one of our partners, DigiCert. Why do I need to replace my SSL Certificate? Initially, most browsers planned to phase out support for TrustCor for all newly issued certificates. At that time, No-IP stopped issuing new SSL certificates so that customers would not be required to replace their SSL certificates and new certificates could be created with our other partners. However, we have become aware that upcoming releases of Google and Microsoft browsers will stop support for all TrustCor certificates, while other browsers will continue to support Trustcor Certificates that were previously issued. When do I need to take action? To ensure your hostname is not disrupted, you will need to replace your TrustCor SSL Certificate no later than February 14th, 2023 (Google Chrome version 111 which contains this change is scheduled to go to beta on February 9, 2023 and Microsoft is scheduled to release on February 14th, 2023). How do I replace my SSL Certificate? To obtain your free DigiCert Encryption Everywhere SSL Certificate, follow these steps: Login to No-IP and head to the My Services > SSL Certificates At the top of the page, find the Encryption Everywhere DV and select Add CSR Upload your CSR A TXT record will be automatically created to perform domain validation. (Validation completes in minutes) Download and install your SSL Certificate. We apologize for any inconvenience this may cause. If you have any questions or comments, please do not hesitate to open a Support Ticket or give us a call at 775.853.1883.
Teredactle 23 Posted February 2, 2023 Posted February 2, 2023 (edited) I'm also got the email One thing is that when you create the certificate, no IP doesn't give you the option of just the cert, you need to select a "web server" - I don't recall what I did last time I generated it, worked fine though, I used Other this time. @bandit8623 so I went through to try and regenerate with the newly created PEM file from NO-IP and got errors (even after updating to the latest windows openssl verion 3.0.7).. F8240000:error:1E08010C:DECODER routines:OSSL_DECODER_from_bio:unsupported:crypto\encode_decode\decoder_lib.c:101:No supported data to decode. Input structure: Certificate F8240000:error:1E08010C:DECODER routines:OSSL_DECODER_from_bio:unsupported:crypto\encode_decode\decoder_lib.c:101:No supported data to decode. Input structure: Certificate F8240000:error:1E08010C:DECODER routines:OSSL_DECODER_from_bio:unsupported:crypto\encode_decode\decoder_lib.c:101:No supported data to decode. Input structure: Certificate F8240000:error:1608010C:STORE routines:ossl_store_handle_load_result:unsupported:crypto\store\store_result.c:151: F8240000:error:1608010C:STORE routines:ossl_store_handle_load_result:unsupported:crypto\store\store_result.c:151: F8240000:error:1608010C:STORE routines:ossl_store_handle_load_result:unsupported:crypto\store\store_result.c:151: F8240000:error:1608010C:STORE routines:ossl_store_handle_load_result:unsupported:crypto\store\store_result.c:151: F8240000:error:1608010C:STORE routines:ossl_store_handle_load_result:unsupported:crypto\store\store_result.c:151: F8240000:error:1E08010C:DECODER routines:OSSL_DECODER_from_bio:unsupported:crypto\encode_decode\decoder_lib.c:101:No supported data to decode. Input structure: Certificate F8240000:error:1608010C:STORE routines:ossl_store_handle_load_result:unsupported:crypto\store\store_result.c:151: F8240000:error:1608010C:STORE routines:ossl_store_handle_load_result:unsupported:crypto\store\store_result.c:151: I'll also add the following comment, about the instruction(s). On 10/19/2021 at 8:32 PM, bandit8623 said: C:\Program Files\OpenSSL-Win64\bin> openssl pkcs12 -in privatekeyemby.pfx -out localprivatekeyemby.pem -nodes <---converts private key from server to pem file When I ran it this time it told me I needed a password, and had to use -password pass:mychosenpassword It's possibly because I skipped? a step here... On 10/19/2021 at 8:32 PM, bandit8623 said: 8-right click and export 9-below is how to do this (sorry its long) Go to Start > run > MMC. Now navigate into the console tab. Select File and then click Add/Remove Snap-in. Under the Available Snap-Ins column, select Certificates and click Add. Choose Computer Account and click Next. Now select Choose Local Computer and hit Finish. Now close the Add Standalone Snap-in window and click OK on the Add/Remove Snap-in window. Step 2: Export Your SSL/TLS Certificate. Now, open the Certificates (Local Computer) snap-in and go to Personal > Certificates from the left-hand pane. Right-click on the certificate you want to export and go to All Tasks > Export. Once you do this, the Certificate Export Wizard will open up. *** you may need to search for your cert by riight clicking personal and clicking find certificates. search by your "common name" in the cert not the name you made. *** Select the Yes, export the private key option and click Next. Now the Export File Format window will open. Make sure that the option for Personal Information Exchange — PKCS#12 (.pfx) is selected. Tick the box for Include all certificates in the certificate path if possible. It's unclear to me about MMC? I'm in the cert manager already as in step 6, this does the same thing no? Also at exporting, there are some additional checkboxes that are not covered in the instructions (Delete - self explanatory don't use this until you are sure all works, Export extended properties and Enable cert privacy, leave defaults like below? The next step asks the encryption, I chose AES256-SHA256, but there is also the option for TripleDES-SHA1. Maybe this is why it didn't work? In any case, did not work for me this round, as I got those errors above. Did it work for you? Edited February 2, 2023 by Teredactle added info
bandit8623 106 Posted February 2, 2023 Author Posted February 2, 2023 2 hours ago, Teredactle said: I'm also got the email One thing is that when you create the certificate, no IP doesn't give you the option of just the cert, you need to select a "web server" - I don't recall what I did last time I generated it, worked fine though, I used Other this time. @bandit8623 so I went through to try and regenerate with the newly created PEM file from NO-IP and got errors (even after updating to the latest windows openssl verion 3.0.7).. F8240000:error:1E08010C:DECODER routines:OSSL_DECODER_from_bio:unsupported:crypto\encode_decode\decoder_lib.c:101:No supported data to decode. Input structure: Certificate F8240000:error:1E08010C:DECODER routines:OSSL_DECODER_from_bio:unsupported:crypto\encode_decode\decoder_lib.c:101:No supported data to decode. Input structure: Certificate F8240000:error:1E08010C:DECODER routines:OSSL_DECODER_from_bio:unsupported:crypto\encode_decode\decoder_lib.c:101:No supported data to decode. Input structure: Certificate F8240000:error:1608010C:STORE routines:ossl_store_handle_load_result:unsupported:crypto\store\store_result.c:151: F8240000:error:1608010C:STORE routines:ossl_store_handle_load_result:unsupported:crypto\store\store_result.c:151: F8240000:error:1608010C:STORE routines:ossl_store_handle_load_result:unsupported:crypto\store\store_result.c:151: F8240000:error:1608010C:STORE routines:ossl_store_handle_load_result:unsupported:crypto\store\store_result.c:151: F8240000:error:1608010C:STORE routines:ossl_store_handle_load_result:unsupported:crypto\store\store_result.c:151: F8240000:error:1E08010C:DECODER routines:OSSL_DECODER_from_bio:unsupported:crypto\encode_decode\decoder_lib.c:101:No supported data to decode. Input structure: Certificate F8240000:error:1608010C:STORE routines:ossl_store_handle_load_result:unsupported:crypto\store\store_result.c:151: F8240000:error:1608010C:STORE routines:ossl_store_handle_load_result:unsupported:crypto\store\store_result.c:151: I'll also add the following comment, about the instruction(s). When I ran it this time it told me I needed a password, and had to use -password pass:mychosenpassword It's possibly because I skipped? a step here... It's unclear to me about MMC? I'm in the cert manager already as in step 6, this does the same thing no? Also at exporting, there are some additional checkboxes that are not covered in the instructions (Delete - self explanatory don't use this until you are sure all works, Export extended properties and Enable cert privacy, leave defaults like below? The next step asks the encryption, I chose AES256-SHA256, but there is also the option for TripleDES-SHA1. Maybe this is why it didn't work? In any case, did not work for me this round, as I got those errors above. Did it work for you? Haven't tried yet. Hope to do by the weekend.
Teredactle 23 Posted February 6, 2023 Posted February 6, 2023 Will the new certificate work with older browser(s)? Just curious, like all the older smart TVs.... Or will I need to turn off SSL...I'd prefer NOT to..
Luke 39352 Posted February 6, 2023 Posted February 6, 2023 26 minutes ago, Teredactle said: Will the new certificate work with older browser(s)? Just curious, like all the older smart TVs.... Or will I need to turn off SSL...I'd prefer NOT to.. Older smart tv's will almost certainly require disabling it altogether.
bandit8623 106 Posted February 6, 2023 Author Posted February 6, 2023 (edited) On 2/2/2023 at 11:28 AM, Teredactle said: I'm also got the email One thing is that when you create the certificate, no IP doesn't give you the option of just the cert, you need to select a "web server" - I don't recall what I did last time I generated it, worked fine though, I used Other this time. @bandit8623 so I went through to try and regenerate with the newly created PEM file from NO-IP and got errors (even after updating to the latest windows openssl verion 3.0.7).. F8240000:error:1E08010C:DECODER routines:OSSL_DECODER_from_bio:unsupported:crypto\encode_decode\decoder_lib.c:101:No supported data to decode. Input structure: Certificate F8240000:error:1E08010C:DECODER routines:OSSL_DECODER_from_bio:unsupported:crypto\encode_decode\decoder_lib.c:101:No supported data to decode. Input structure: Certificate F8240000:error:1E08010C:DECODER routines:OSSL_DECODER_from_bio:unsupported:crypto\encode_decode\decoder_lib.c:101:No supported data to decode. Input structure: Certificate F8240000:error:1608010C:STORE routines:ossl_store_handle_load_result:unsupported:crypto\store\store_result.c:151: F8240000:error:1608010C:STORE routines:ossl_store_handle_load_result:unsupported:crypto\store\store_result.c:151: F8240000:error:1608010C:STORE routines:ossl_store_handle_load_result:unsupported:crypto\store\store_result.c:151: F8240000:error:1608010C:STORE routines:ossl_store_handle_load_result:unsupported:crypto\store\store_result.c:151: F8240000:error:1608010C:STORE routines:ossl_store_handle_load_result:unsupported:crypto\store\store_result.c:151: F8240000:error:1E08010C:DECODER routines:OSSL_DECODER_from_bio:unsupported:crypto\encode_decode\decoder_lib.c:101:No supported data to decode. Input structure: Certificate F8240000:error:1608010C:STORE routines:ossl_store_handle_load_result:unsupported:crypto\store\store_result.c:151: F8240000:error:1608010C:STORE routines:ossl_store_handle_load_result:unsupported:crypto\store\store_result.c:151: I'll also add the following comment, about the instruction(s). When I ran it this time it told me I needed a password, and had to use -password pass:mychosenpassword It's possibly because I skipped? a step here... It's unclear to me about MMC? I'm in the cert manager already as in step 6, this does the same thing no? Also at exporting, there are some additional checkboxes that are not covered in the instructions (Delete - self explanatory don't use this until you are sure all works, Export extended properties and Enable cert privacy, leave defaults like below? The next step asks the encryption, I chose AES256-SHA256, but there is also the option for TripleDES-SHA1. Maybe this is why it didn't work? In any case, did not work for me this round, as I got those errors above. Did it work for you? So the problem for me was maybe 2 fold. first the pem file downloaded from no-ip was all garbled(notepad). i went back and checked my old pem file(with notepad) from trustcore and it was not garbled. so what i did next was check the pem chain from no-ip instead(pemchain was not garbled and had clear text. once downloaded you have to edit the file in notepad. remove all text after the first section after -----END CERTIFICATE----- so you have one section only example below use only blue highlighted section save this file as the regular .pem file use this file in openssl. I am currently up and running with new cert! confirm this works for you and i will send in a trouble ticket with no-ip to have these pem files hopefully fixed. -- other things i did, but not sure had anything to do with it. **** pls try the first fix first before doing all the extra work in these last 4 steps. ***** 1- fully removed openssl 2- I installed Win64 OpenSSL v1.1.1s 64MB version on https://slproweb.com/products/Win32OpenSSL.html 3- in cmd ran SET OPENSSL_MODULES=C:\Program Files\OpenSSL-Win64\bin 4- added the files here into the installed openssl directories https://drive.google.com/file/d/1tX7BJuGYfzZ8925Vr3xy2fzOrv8SdP8I/view?usp=sharing this one included legacy.dll **** pls try the first fix first before doing all the extra work in these last 4 steps. ***** let me know how it goes -Jake Edited February 6, 2023 by bandit8623 added pem chain example 1
Teredactle 23 Posted February 10, 2023 Posted February 10, 2023 (edited) On 2/6/2023 at 1:48 AM, bandit8623 said: So the problem for me was maybe 2 fold. first the pem file downloaded from no-ip was all garbled(notepad). i went back and checked my old pem file(with notepad) from trustcore and it was not garbled. so what i did next was check the pem chain from no-ip instead(pemchain was not garbled and had clear text. once downloaded you have to edit the file in notepad. remove all text after the first section after -----END CERTIFICATE----- so you have one section only example below use only blue highlighted section save this file as the regular .pem file use this file in openssl. I am currently up and running with new cert! confirm this works for you and i will send in a trouble ticket with no-ip to have these pem files hopefully fixed. -- other things i did, but not sure had anything to do with it. **** pls try the first fix first before doing all the extra work in these last 4 steps. ***** 1- fully removed openssl 2- I installed Win64 OpenSSL v1.1.1s 64MB version on https://slproweb.com/products/Win32OpenSSL.html 3- in cmd ran SET OPENSSL_MODULES=C:\Program Files\OpenSSL-Win64\bin 4- added the files here into the installed openssl directories https://drive.google.com/file/d/1tX7BJuGYfzZ8925Vr3xy2fzOrv8SdP8I/view?usp=sharing this one included legacy.dll **** pls try the first fix first before doing all the extra work in these last 4 steps. ***** let me know how it goes -Jake Will give it a go as you suggest and post back here. I will prep the certificate and test it, but won't implement it unless I get feedback from my family, as there is a mix of older LG smart tv (already an issue), laptops, Fire sticks, etc... -Fatman EDIT - tried it, so basically took the pem-chain file, edited as you suggested, then I ran the 2 commands as I had the cert exported. Did not generate any errors. Pointed Emby to it, restarted Emby, SSL was broken. Changed it back to the old one, restarted Emby, all is well. I'll give it a go from fresh again, but not sure what happened there. Does Emby need to be updated too, I'm running v4.6.7.0 portable which works fine for me and really don't feel like upgrading unless there is something the new version resolved. Is this such a case, v4.6.7.0 won't work with the new SSL certs?? Edited February 11, 2023 by Teredactle
bandit8623 106 Posted February 11, 2023 Author Posted February 11, 2023 (edited) 16 hours ago, Teredactle said: Will give it a go as you suggest and post back here. I will prep the certificate and test it, but won't implement it unless I get feedback from my family, as there is a mix of older LG smart tv (already an issue), laptops, Fire sticks, etc... -Fatman technically this new cert should work exact same as the one u currently use(just wont die on chrome this month). so far for all my clients are fine anyway. as for older devices (smart tvs) i recomend not connecting them to the internet and just getting a cheap fire stick and be done with it. i get it 20$ is 20$. but fixes alot of problems. Edited February 11, 2023 by bandit8623
freshj 2 Posted May 22, 2024 Posted May 22, 2024 Hi, firstly thanks for this helpful guide. I managed to get SSL to work and have been using it over the last year. The time has come to renew the certificate and I did so thru the no-ip dashboard using my existing hostname & CSR. My old certificate is still active, expires in a few days. I have downloaded the new certificate pem chain from no-ip. Unsure of what is required now. Do I now have to combine the private key created prior with the new certificate pem I have downloaded to create a new pfx to use with emby? Similar to what was detailed with openssl before? What about the current one? Do I need to revoke that? Does it override the old one? Just not sure what the process is to renew the ssl certificate. Appreciate help in clarifying how this process should go.
Luke 39352 Posted May 23, 2024 Posted May 23, 2024 On 5/21/2024 at 8:50 PM, freshj said: Hi, firstly thanks for this helpful guide. I managed to get SSL to work and have been using it over the last year. The time has come to renew the certificate and I did so thru the no-ip dashboard using my existing hostname & CSR. My old certificate is still active, expires in a few days. I have downloaded the new certificate pem chain from no-ip. Unsure of what is required now. Do I now have to combine the private key created prior with the new certificate pem I have downloaded to create a new pfx to use with emby? Similar to what was detailed with openssl before? What about the current one? Do I need to revoke that? Does it override the old one? Just not sure what the process is to renew the ssl certificate. Appreciate help in clarifying how this process should go. HI, from Emby's perspective, you don't need to revoke anything, although you may still wish to do that. You just need to point it to the pfx and supply the password. Please let us know how things go. Thanks ! 1
freshj 2 Posted May 23, 2024 Posted May 23, 2024 Thanks Luke, I managed to fumble through and get my head around it. I just created a new pfx using the renewed certificate pem and pointed emby to that. Easy process in the end. 1
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now