Jump to content

Adding a Let's Encrypt Certificate via Plesk

goblin2k3

By goblin2k3
in Linux

 Share
Go to solution Solved by goblin2k3,

Recommended Posts

goblin2k3

goblin2k3 1

Posted
Posted

Hello,

have emby-server running on a debian lxc in proxmox. It can be remotely accessed using a domain which directs to a Plesk VPS, which directs to a Zoraxy reverse proxy running on another debian lxc in proxmox (the Plesk VPS and the Zoraxy reverse proxy a part of a tailscale VPN, emby isn't). Plesk assigned some self-signed SSH certificate to the domain, which, of course, is not considered secure by my browser. Installing a Let's Encrypt certificate with Zoraxy had no effect - the domain is obviously under the control of Plesk. However, when I try to install a Let's Encrypt certificate there, I get the message "The authorization token is not available at http://<domain>/.well-known/acme-challenge/<token>. To resolve the issue, make sure that the token file can be downloaded via the above URL. " My question is, how can I make this path accessible? I cannot even find an .htaccess file on the emby lxc.

Neminem

Neminem 875

Posted
Posted

Try this under Emby network settings.

image.png.1f115e54c9098c086b896cc8ae64003f.png

Thats how I do it, just with NPM

goblin2k3

goblin2k3 1

Posted
  • Author
Posted

Already did that, but thank you.

I should probably mention that currently Zoraxy passes requests to port 8096, as for some reason, port 8920 is unusable, although it is definitely opened. Changing the local ports (e.g. to 80 and 443) will make emby inaccessible, even though I opened these. Zoraxy's port scanner will always show only port 8096 as open and only, if it is used by emby. Otherwise it will show no open ports (besides the ssh port 22).

image.png.9d700a6eb266dfa2cd761accdc35c3f8.png

image.png.48fb9ed422de116d6df129f761c4612c.png

Neminem

Neminem 875

Posted
Posted

Ok don't know Zoraxy so can't really help you.

Luke Emby Team

Luke 40001

Posted
Posted

If you can locate the server install folder, then you can probably place a file inside the dashboard-ui folder. 

  • 4 weeks later...
  • Solution
goblin2k3

goblin2k3 1

Posted
  • Author
  • Solution
Posted

Finally figured out how to do it.

In case anyone else runs into the problem:

Plesk actually tries to install the certificate on the VPS it is installed on, not on the emby or zoraxy server. This means, you have to exclude the ".well-known" path from the proxy passing. To do this, just set a second rule in the Apache & nginx Settings of Plesk:

Quote

location ~ ^\/\.well-known.* {
    proxy_pass  http://localhost;
}
location / {
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header Host $http_host;
    proxy_pass https://<emby-ip>;
}

 

  • Thanks 1
Luke Emby Team

Luke 40001

Posted
Posted

Thanks for coming back and following up !

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...