Jump to content

SSL setup


Mince

Recommended Posts

Hi there

Hope you guys are well.
Im running Emby on Ubuntu and i got my remote side working on HTTP.
Im trying to secure the server by doin a SSL certificate.
I signed up for a domain on a2hosting everything has propagated and im ready to go.

I tried to copy the certificate csr into a2hostings csr section but i get a error am i missing something?

I followed the support page
https://support.emby.media/support/solutions/articles/44001160086-secure-your-server

I have already done the 2 TXT records.
If i go on A2 hosting side there is a CRT that has to be completed.
I have done the CRT through Ubuntu

https://www.liquidweb.com/kb/generating-certificate-signing-request-csr-ubuntu-16-04/

I tried to copy the certificate csr into a2hostings csr section but i get a error am i missing something?

Will it be better to rather do a Self-Signed SSL Certificate through apache?

https://www.digitalocean.com/community/tutorials/how-to-create-a-self-signed-ssl-certificate-for-apache-in-ubuntu-22-04

 

Link to comment
Share on other sites

Hi, for maximum compatibility across devices I would suggest leaving self-signed as a last resort. Many devices will reject that and we can't always force them to accept it. So you want to make sure to use a certificate that your devices will trust.

Link to comment
Share on other sites

On 9/12/2022 at 6:51 PM, Luke said:

Hi, for maximum compatibility across devices I would suggest leaving self-signed as a last resort. Many devices will reject that and we can't always force them to accept it. So you want to make sure to use a certificate that your devices will trust.

Thx Luke i moved to cloudflare but i see theres alot of issues with cloudflare.
Is there any other solution a person can look at that works with Emby?

Link to comment
Share on other sites

11 hours ago, Mince said:

Thx Luke i moved to cloudflare but i see theres alot of issues with cloudflare.
Is there any other solution a person can look at that works with Emby?

Hi, yes, perhaps a setup like @pir8radio:

 

Link to comment
Share on other sites

Luke howsit

I got a ssl certificate working on Dynu in the end but im running my domain through A2hosting.
Now heres the issue on the support page theres a certificate converter. I have the certificate file but theres no pvt key or chain certificate.
So i dunno where to get those 2 Files, only files i got from dynu was 3 certificate files domain, intermediate1 and intermidiate2.

Must i download the private key from A2 hostings side and where would i find the chain certificate? @cayars

https://support.emby.media/support/solutions/articles/44001160086-secure-your-server

Link to comment
Share on other sites

So i got a bt further but im still not even coming rright.

So i need to create a PKCS #12 file fo emby
But im not coming right with the converter.
So im trying to make the file with openssl instead.

I got most of the files
Dynu - Chain certificate & Domain certificate
A2hosting - I need a private key

I couldnt download any private key so i opened notepad and copied the private key and pasted into notepad calling it private.key.
When i run the command on openssl i get a error on the key file

Could not open file or uri for loading private key from -inkey file from private.key
B4120000:error:16000069:STORE routines:ossl_store_get0_loader_int:unregistered scheme:crypto\store\store_register.c:237:scheme=file
B4120000:error:80000002:system library:file_open:No such file or directory:providers\implementations\storemgmt\file_store.c:267:calling stat(private.key)

Link to comment
Share on other sites

openssl pkcs12 -export -in yourcertificate.crt -inkey yourcertificate.key -out yourcertificate.p12

replace your certificate crt and key with the ones you have for ssl and name the output as you want, it will ask for name password to save it.

hope I help, offcourse you need to already have an ssl certificate and not a fake on your machine

 

Edited by dgrigo
Link to comment
Share on other sites

21 hours ago, Mince said:

So i got a bt further but im still not even coming rright.

If you're having trouble with this still, send me a PM with the info you have for your cert and I'll try and convert it for you.  That will give me a chance to see if you have the minimal amount of information needed to convert your present cert to pk#12 with password cert.

If it works, I can then show you exactly how to convert it.  If you're missing info we can schedule a remote session and I'll help you get this remedied.

Carlo

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...