Untoten 296 Posted April 18, 2016 Share Posted April 18, 2016 (edited) Status: Initiated Blueprint Luke has investigated this, unclear the progress on universal development. App devs have not begun dev for this. Once Luke builds core compatibility it may be 3+ months before app/client SSL adoption. Spread the word! Let's make it known how many Emby users would love to see this feature! I have seen scattered, unorganized requests for this that seemed to die, so this will serve to centralize all support for SSL and to track responses/feedback. This is to request Emby support SSL, both app and web client to server. This would be for Emby Connect setups as well as local user setup.Current Plan:Utilize Lets Encrypt (https://letsencrypt.org/) to allow automated endoint encryption. Luke is currently looking for members that may be able to help automate this at server endpoints. Possible Solutions include subdomains for each client (ex. customer.emby.media) or custom domains for each customer such as DyDNS. Reasons for this: Secure activity/traffic between client and server Allows passwords to be passed plain text from client to server. Would allow development of SSO/LDAP authentication solutions. Please see and support our topic linked below:https://emby.media/community/index.php?/topic/26495-ldap-support/ What is done: Enhanced SSL support on mobile application What is needed: Core universal SSL support App supported SSL Web-app supported SSL Authentication passed over SSL to allow plaintext passwords Edited November 21, 2016 by Untoten 8 Link to comment Share on other sites More sharing options...
Beardyname 194 Posted April 18, 2016 Share Posted April 18, 2016 ssl is already available (have been running this for 6+ months or so) Are you asking it to be a built in valid cert? like letsencrypt, or would just like emby connect to implement it and make it valid somehow? Link to comment Share on other sites More sharing options...
Luke 37057 Posted April 18, 2016 Share Posted April 18, 2016 Before we can pursue LDAP, ssl has to work out of the box for all users without any complicated setup, so that's what this thread is about. 1 Link to comment Share on other sites More sharing options...
Beardyname 194 Posted April 21, 2016 Share Posted April 21, 2016 gotcha! 1 Link to comment Share on other sites More sharing options...
Untoten 296 Posted October 11, 2016 Author Share Posted October 11, 2016 BUMP!! Very useful for a lot of features, could allow plaintext auth to be sent as TLS would be existent. Link to comment Share on other sites More sharing options...
Untoten 296 Posted January 4, 2017 Author Share Posted January 4, 2017 @@Luke @@ebrI was told almost 6 months ago this was a top priority, is there any update? SSL is quite important in this day and age and would open the dorr for many improvements. Link to comment Share on other sites More sharing options...
Untoten 296 Posted January 13, 2017 Author Share Posted January 13, 2017 @Luke @ebrAny updates/timeframe on this? I know there are plenty of users that have been asking about this and have had to resort to custom work-arounds. Link to comment Share on other sites More sharing options...
Untoten 296 Posted January 26, 2017 Author Share Posted January 26, 2017 @@Luke @@ebr Updates? Progress? Link to comment Share on other sites More sharing options...
Untoten 296 Posted March 31, 2017 Author Share Posted March 31, 2017 @@Luke @@ebr, remember I will pay considerable cash for this. We all know SSL is becoming a necessity, especially with recent legislation. Link to comment Share on other sites More sharing options...
chef 3745 Posted March 31, 2017 Share Posted March 31, 2017 Although my coding skill are relatively new regarding web development, certificates. I have some limited understanding on how to use OpenSSL and have worked with LetsEncrypt briefly. Is there something I can do? I have a feeling that this is nessessary for some new developments in emby. 1 Link to comment Share on other sites More sharing options...
Untoten 296 Posted April 1, 2017 Author Share Posted April 1, 2017 Although my coding skill are relatively new regarding web development, certificates. I have some limited understanding on how to use OpenSSL and have worked with LetsEncrypt briefly. Is there something I can do? I have a feeling that this is nessessary for some new developments in emby. I would contact @@Luke and @@ebr, they seem to really need assistance with this based upon how long it has been. Maybe this would help as a jumping off point? https://github.com/DirtyJerz/embyDDNS SSL is really a necessity and I am shocked it has taken this long to be honest. Link to comment Share on other sites More sharing options...
Luke 37057 Posted April 1, 2017 Share Posted April 1, 2017 I would contact @@Luke and @@ebr, they seem to really need assistance with this based upon how long it has been. Maybe this would help as a jumping off point? https://github.com/DirtyJerz/embyDDNS SSL is really a necessity and I am shocked it has taken this long to be honest. We already support SSL, we just do not obtain a domain for users and therefore a more trusted cert. Link to comment Share on other sites More sharing options...
dcook 265 Posted April 1, 2017 Share Posted April 1, 2017 @@Untoten what is the issue? SSL is already supported, just put in your certificate Link to comment Share on other sites More sharing options...
Untoten 296 Posted April 1, 2017 Author Share Posted April 1, 2017 @@Untoten what is the issue? SSL is already supported, just put in your certificate Not universally. Not across all applications, so passwords are encrypted on client side. Meaning SSO and LDAP are not currently possible. This needs to be deployed universal so the authentication workflow can be altered. Link to comment Share on other sites More sharing options...
Untoten 296 Posted April 27, 2017 Author Share Posted April 27, 2017 This is still greatly inhibiting my deployment. Not only that, but TLS is absolutely necessary for Emby. Link to comment Share on other sites More sharing options...
Untoten 296 Posted June 16, 2017 Author Share Posted June 16, 2017 @@Luke @@ebr any updates on progress? Link to comment Share on other sites More sharing options...
ebr 14910 Posted June 16, 2017 Share Posted June 16, 2017 You will definitely hear from us when we have something to report. Thanks. Link to comment Share on other sites More sharing options...
Untoten 296 Posted June 16, 2017 Author Share Posted June 16, 2017 (edited) For transparency's sake and community collaboration, do you have a current status of the request? Perhaps a done/to do list?EDIT: Grammar Edited June 16, 2017 by Untoten Link to comment Share on other sites More sharing options...
Magic815 18 Posted June 18, 2017 Share Posted June 18, 2017 +1 on this. Sad to see such lack of development on SSL, LDAP, and SSO. Starting to regret the decision to go with Emby Premiere based on how some of the most popular requests take years to be implemented. I'm looking at you, modifiable landing tab. 1 Link to comment Share on other sites More sharing options...
Untoten 296 Posted June 18, 2017 Author Share Posted June 18, 2017 +1 on this. Sad to see such lack of development on SSL, LDAP, and SSO. Starting to regret the decision to go with Emby Premiere based on how some of the most popular requests take years to be implemented. I'm looking at you, modifiable landing tab. Same, I hate that my requests are passified so often, even for a simple request like transparency. Link to comment Share on other sites More sharing options...
ebr 14910 Posted June 18, 2017 Share Posted June 18, 2017 Same, I hate that my requests are passified so often, even for a simple request like transparency. I'm sorry but we are operating in a highly competitive environment so we are not usually going to publicly expose all of our internal plans or progress. With respect to this particular request - it is possible now to use SSL with Emby. It just requires a bit of proper configuration and necessary components provided by the user. To make this any more "plug-and-play" will require us to not only build a new system but also to provide a dynamic DNS service and integrate with other systems properly. 1 Link to comment Share on other sites More sharing options...
Untoten 296 Posted June 18, 2017 Author Share Posted June 18, 2017 I'm sorry but we are operating in a highly competitive environment so we are not usually going to publicly expose all of our internal plans or progress. With respect to this particular request - it is possible now to use SSL with Emby. It just requires a bit of proper configuration and necessary components provided by the user. To make this any more "plug-and-play" will require us to not only build a new system but also to provide a dynamic DNS service and integrate with other systems properly. I understand, I did not realize the competition of this market to be honest, that is very helpful to know when making requests, try to see from our perspective too it seemed like you were brushing us off. I will keep that factor in mind in the future for other requests. I get that it may not be plug and play, I just wish for the option to allow apps to send passwords plaintext so a more universal login system to be used, without SSL, obviously it is a terrible idea. But now that it is atleast an option, it would be nice to have the ability from the server side to push plaintext passwords. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now