Trying to set up SSL for Windows

[DommTheDon 0]

Hello, 

Brain is fried, so I'm going to try to give a decent enough explanation here.  I'm using Windows, NPM via Portainer/docker and cloudflare. I've been trying to get an SSL connection. 

I can currently go to my domain and it will show the emby logo. Sometimes the emby logo will just sit there for awhile, and then will eventually load or will load upon multiple refreshes ( when first connecting from a device not previously connected) However, this loads up like a local connection and shows the user profiles. I want it to show up like a non-local connection instead, where you have to manually enter your name for the first time. Not sure how to fix this. 

If I go to IP:HTTPPORT it will work. If I go to IP:HTTPSPORT it will not work. It will say "This page isn’t working. IP didn't send any data". However, if I change the HTTPS to https://IP:HTTPSPORT it will say "This server could not prove that it is [IP:HTTPSPORT]; its security certificate is from subdomain.domain.net. This may be caused by a misconfiguration or an attacker intercepting your connection". This is probably because I used Win-ACME to make a cert to try to see if this would work aside from what I was using with NPM and cloudflare. I tried this method as well as I could not get the IP:HTTPSPORT to work even locally with localhost:HTTPSPORT. So even though I was getting atleast somewhere with the NPM/Domain/CloudFlare I decided to also try to just attach a certificate to emby in the settings and see if it would work, it hasn't I dont believe? 

With the certificate via cloudflare and my domain it is a wildcard. the Cert I attached to emby ( to attempt to try after the first way wasn't fully working) is just the subdomain.domain.net. 

Also, for some reason when I use the App on the firestick and enter in the domain it will connect and show the local login ( profile pics and usernames for local) but when I try to enter password it says it is incorrect when it is not. However, when I go to a browser and the domain I can log in. 

I have tried to look at some other posts, but haven't really been able to follow along as I don't even know where to put in these configs I see people posting in their posts. I see NGINX configs when It's just NGINX, but I'm not sure where those are located when using NPM, and where I would put them. I also somewhat seem to have something working, and don't want to have to start from scratch as It's taken many hours to get to this point.

Hopefully this is somewhat able to be understood, my brain has completely melted by this point as I'm a noob at doing all of this and just learning as I go.

Thanks in advance for any help!

[DommTheDon 0]

I'm assuming that since it goes through NPM proxy host it acts a local connection so it shows the profiles and what not as local, Is there anyway to make it where this would not be the case and it act as not local so everyone would need to login? I know I can hide profiles not signed in on that location, so I may just stick with that if nothing else. ( I'm guessing this as I've seen the IP's have been the same of people signing in from different locations using the domain)

I have yet to figure out how to access it via the app on firestick and it log me in (continues to say incorrect password)

Finally got it to work via IP:PORT on non-hosting computer. If I go to IP:HTTPPORT it will redirect to IP:HTTPSPORT. however, still shows   as the domain for the cert is for subdomain.domain.net and not the IP:port. Not sure how to fix this. (This is the one created with Win-ACME). Also I can not access it on the local computer with Localhost:HTTPSPORT but I can with LocalHost:HTTPPort.

Still trying to work through this, just documenting my changes. 

Edited September 12, 2022 by DommTheDon

[Luke 37113]

Hi there, have you taken a look at this?

 

[DommTheDon 0]

I have, but as I stated, I'm not sure where to even put all of those config files with NPM. I just see them posted so doesn't really help me. Also, I've gotten some of it to work just specific things are not working. I would rather someone help me troubleshoot that then start from scratch( but that takes me back to not even knowing where to apply the configs they posted anyway even if I decided to start from scratch). 

I don't think any of that explains why I can log in via browser when accessing by domain and not being able to via the app and it saying the user/password is incorrect

Edited September 12, 2022 by DommTheDon

[DommTheDon 0]

@LukeAny idea why It won't login via the firestick app but will the domain or IP? it worked via the firestick app prior to adjusting all this and trying to add the SSL

[Luke 37113]

On 9/12/2022 at 11:58 AM, DommTheDon said:

@LukeAny idea why It won't login via the firestick app but will the domain or IP? it worked via the firestick app prior to adjusting all this and trying to add the SSL

@DommTheDon 

Hi.  Can you try sideloading our standard android app on the same device and see how that compares?

https://emby.media/emby-for-android.html

Thanks.