insename 1 Posted January 2, 2015 Share Posted January 2, 2015 Hi everyone.I just discovered mediabrowser today and I must say that I am impressed. I like how everything is working so far. I set this up on my server just now and everything works like a dream.I know that ssl has already been requested and the response is that it is in the works but there is no anticipated release date due to higher priorities. My request is a smaller one that I hope can be both a temporary solution as well as a first step towards full ssl support. I have set up a reverse proxy with the server so that the web client works perfectly. The problem is that I cannot get any clients to connect to the ssl port. I assume that the clients do not support ssl or self signed certs at the moment. It would be great if the clients can be updated to support ssl and to have a checkbox to allow unsigned certs. I know that this would be a much smaller effort than enabling it on the server as a first step. Let me know what you think. Thanks. 1 Link to comment Share on other sites More sharing options...
insename 1 Posted January 5, 2015 Author Share Posted January 5, 2015 (edited) Just checking back on this. Any thoughts or plans on enabling ssl and unsigned cert support as an interim solution? I am thinking of droping plex in favor of mediabrowser. I have parallel runs of the servers right now to test. This feature will take plex out of the running. Edited January 5, 2015 by insename Link to comment Share on other sites More sharing options...
Luke 37067 Posted January 5, 2015 Share Posted January 5, 2015 anytime a change involves getting every single app developer together and coordinated, i can promise, it's not quicker and easier ssl is a planned feature so we will have it at some point. apart from waiting the only thing you can really do is contribute to the effort, and/or request options in the individual app forums. Link to comment Share on other sites More sharing options...
insename 1 Posted January 5, 2015 Author Share Posted January 5, 2015 So can I request individual apps? Will it be a problem for the community if apps across different platforms have different feature sets? So am I able to request in the android forums and leave this one as a master request?I would contribute but I am not a developer. Thanks Luke Link to comment Share on other sites More sharing options...
Luke 37067 Posted January 5, 2015 Share Posted January 5, 2015 And if anybody would like to contribute, here is our http server: https://github.com/MediaBrowser/SocketHttpListener It is a standalone project that can be used separately in a console app without the use of MBS. So you need to add https support to that library, test it on windows, linux, osx and bsd, and then once that's done MBS will be able to utilize it. Link to comment Share on other sites More sharing options...
jabbera 23 Posted January 27, 2015 Share Posted January 27, 2015 So can I request individual apps? Will it be a problem for the community if apps across different platforms have different feature sets? So am I able to request in the android forums and leave this one as a master request? I would contribute but I am not a developer. Thanks Luke This support is in the dev branch, but clients are not updated yet. using the browser should work. Link to comment Share on other sites More sharing options...
Glaive 0 Posted February 24, 2015 Share Posted February 24, 2015 Hi all, Sorry to ask, but I was wondering if anyone knows whether this is now live or not, as I can see the https port number field and the custom certificate path which I've populated with a self-signed certificate but it seems everytime I navigate to the https URL of my server it fails to load. Is this because the feature is not yet implemented, or am I doing something wrong? I only set this up yesterday, so apologies if it's a silly question... Thank you! Link to comment Share on other sites More sharing options...
Beardyname 194 Posted February 25, 2015 Share Posted February 25, 2015 Hi all, Sorry to ask, but I was wondering if anyone knows whether this is now live or not, as I can see the https port number field and the custom certificate path which I've populated with a self-signed certificate but it seems everytime I navigate to the https URL of my server it fails to load. Is this because the feature is not yet implemented, or am I doing something wrong? I only set this up yesterday, so apologies if it's a silly question... Thank you! For the web-client this should work, make sure you are allowing the firewall to allow https port. If you are trying this with any other client it will unfortunately fail as of now. Link to comment Share on other sites More sharing options...
Glaive 0 Posted February 25, 2015 Share Posted February 25, 2015 (edited) For the web-client this should work, make sure you are allowing the firewall to allow https port. If you are trying this with any other client it will unfortunately fail as of now. Thanks for the reply Beardyname. I've tried to telnet over the port I'm using (12007) and it seems to go through fine, but if I use a web browser I just get "Connection was interrupted", different to say "Unable to connect" if there was nothing listening (please see screenshots). This problem also happens locally on the server (Ubuntu 14.04 LTS x64Bit) My config: Any ideas? Thanks Edited February 25, 2015 by Glaive Link to comment Share on other sites More sharing options...
Beardyname 194 Posted February 25, 2015 Share Posted February 25, 2015 (edited) hmm there was a guide on how to convert the certificate files, although I'm not sure if that was windows specific or not. What happens if you remove the cert path save it, and restart the server. Will it still fail to load? (mine is blank as in the app made one all by itself) Other than that I don't have a clue, I'm running mine with one created by MBS and that works. also try typing out https specifically as in https://ipgoeshere:12003 (although that should give you another error than what you are currently seeing) *edit* noticed in your earlier reply that you used https so ignore the next to last piece of advice Edited February 25, 2015 by Beardyname Link to comment Share on other sites More sharing options...
Glaive 0 Posted February 26, 2015 Share Posted February 26, 2015 (edited) I tried uninstalling it completley (after i forced SSL it would not even work on http, checking the server logs under /var/lib/mediabrowser/logs I saw that it was trying to access the https cert that I placed in that path and i had to remove all traces). I have a fresh install, with no cert path or anything and its back to where it was - http only. Telnet to the https port seems to work but it's strange, unlike to http which goes through and the cursor blinks, the connection seems to be automatically dropped after a second of connection on HTTPS. I think this is what the problem is! Out of interest - what OS are you using to host your server? Otherwise, don't worry about it - I'll keep at it EDIT: I just tested the same on my Windows machine and it works fine. Seems like a problem with the Linux server. Gonna look into it and update this if I get somewhere incase someone else has the same issues. Edited February 26, 2015 by Glaive Link to comment Share on other sites More sharing options...
Beardyname 194 Posted February 26, 2015 Share Posted February 26, 2015 I tried uninstalling it completley (after i forced SSL it would not even work on http, checking the server logs under /var/lib/mediabrowser/logs I saw that it was trying to access the https cert that I placed in that path and i had to remove all traces). I have a fresh install, with no cert path or anything and its back to where it was - http only. Telnet to the https port seems to work but it's strange, unlike to http which goes through and the cursor blinks, the connection seems to be automatically dropped after a second of connection on HTTPS. I think this is what the problem is! Out of interest - what OS are you using to host your server? Otherwise, don't worry about it - I'll keep at it EDIT: I just tested the same on my Windows machine and it works fine. Seems like a problem with the Linux server. Gonna look into it and update this if I get somewhere incase someone else has the same issues. God luck sorry i could be of no real help, I'm running it on a windows server 2012 box. Will probably move it over to a unix machine in the future! Link to comment Share on other sites More sharing options...
bleomycin 0 Posted February 27, 2015 Share Posted February 27, 2015 I just stumbled on media browser and am very impressed with the software! I'm curious, when using the new HTTPS support via a web browser is all of the data transferred over ssl, including the media playback? Also, are there plans for the IOS app to support SSL as well? I'm extremely pleased to see that you are taking security seriously, there are many people like myself that refuse to use plex due to the lack of ssl across the board. Link to comment Share on other sites More sharing options...
Luke 37067 Posted February 27, 2015 Share Posted February 27, 2015 Yes, we are committed to it! You guys just have to be a little patient while we get all the client apps updated. Once that happens then we'll have more capabilities like having the ability to require https for all connections, for example. 2 Link to comment Share on other sites More sharing options...
jon_ 22 Posted March 8, 2015 Share Posted March 8, 2015 EDIT: I just tested the same on my Windows machine and it works fine. Seems like a problem with the Linux server. Gonna look into it and update this if I get somewhere incase someone else has the same issues. Hi, I have exactly the same issue, Ubuntu 14.0.4.2 LTS x64 - MB won't return anything via HTTPS. Either leaving the cert field blank or specifying an existing cert (either generated by MB itself or via openssl) gives a connection interrupted error in Chrome. Looking in the MB logs, I see: 2015-03-08 08:23:36.4932 Error - HttpServer: Exception loading certificate: /var/lib/mediabrowser/ssl/cert_9c31b7884ea54 *** Error Report *** Version: 3.0.5518.7 Command line: /opt/mediabrowser/MediaBrowser.Server.Mono.exe -programdata /var/lib/mediabrowser Operating system: Unix 3.13.0.44 Processor count: 8 64-Bit OS: True 64-Bit Process: True Program data path: /var/lib/mediabrowser Mono: 3.2.8 (Debian 3.2.8+dfsg-4ubuntu1) Application Path: /opt/mediabrowser/MediaBrowser.Server.Mono.exe Input data cannot be coded as a valid certificate. System.Security.Cryptography.CryptographicException at Mono.Security.X509.X509Certificate.Parse (System.Byte[] data) [0x00000] in <filename unknown>:0 at Mono.Security.X509.X509Certificate..ctor (System.Byte[] data) [0x00000] in <filename unknown>:0 at System.Security.Cryptography.X509Certificates.X509Certificate2.Import (System.Byte[] rawData, System.String at System.Security.Cryptography.X509Certificates.X509Certificate2.Import (System.String fileName, System.Strin at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor (System.String fileName) [0x00000] in at SocketHttpListener.Net.EndPointListener.LoadCertificateAndKey (System.Net.IPAddress addr, Int32 port, Syste InnerException: System.Security.Cryptography.CryptographicException Input data cannot be coded as a valid certificate. at Mono.Security.X509.X509Certificate.Parse (System.Byte[] data) [0x00000] in <filename unknown>:0 Looks like it's a Ubuntu / Linux related issue... Thanks Jon Link to comment Share on other sites More sharing options...
jon_ 22 Posted March 8, 2015 Share Posted March 8, 2015 FWIW - if anyone else sees this there's a fix at: http://mediabrowser.tv/community/index.php?/topic/18205-https-startssl-pfx-exception-loading-certificate/ Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now