Handl3vogn 6 Posted May 17, 2018 Share Posted May 17, 2018 (edited) @@cristol I dont know if this is the same problem, my https is always accessible but I get certification error in my browser/app when the official emby version is trying to handle the ssl certificate. You can try to this binhex-emby docker and se if that helps. https://hub.docker.com/r/binhex/arch-emby/ (works for me) Just run it on the same config files from your official emby docker (so you dont have to reconfigure anything) Edit: Looks like we have the same error message in logs. Cut out from one of my logs: 2018-02-26 00:06:06.067 Error HttpServer: Error in ProcessAccept *** Error Report *** Version: 3.3.0.1 Command line: /system/EmbyServer.dll -programdata /config -ffmpeg /bin/ffmpeg -ffprobe /bin/ffprobe -restartexitcode 3 Operating system: Unix 4.14.16.0 64-Bit OS: True 64-Bit Process: True User Interactive: True Processor count: 16 Program data path: /config Application directory: /system System.Security.Authentication.AuthenticationException: A call to SSPI failed, see inner exception. ---> Interop+OpenSsl+SslException: SSL Handshake failed with OpenSSL error - SSL_ERROR_SSL. ---> Interop+Crypto+OpenSslCryptographicException: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown --- End of inner exception stack trace --- at Interop.OpenSsl.DoSslHandshake(SafeSslHandle context, Byte[] recvBuf, Int32 recvOffset, Int32 recvCount, Byte[]& sendBuf, Int32& sendCount) at System.Net.Security.SslStreamPal.HandshakeInternal(SafeFreeCredentials credential, SafeDeleteContext& context, SecurityBuffer inputBuffer, SecurityBuffer outputBuffer, Boolean isServer, Boolean remoteCertRequired) --- End of inner exception stack trace --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception) at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult) at System.Net.Security.SslStream.AuthenticateAsServer(X509Certificate serverCertificate, Boolean clientCertificateRequired, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation) at SocketHttpListener.Net.HttpConnection..ctor(ILogger logger, Socket socket, EndPointListener epl, Boolean secure, X509Certificate cert, ICryptoProvider cryptoProvider, IMemoryStreamFactory memoryStreamFactory, ITextEncoding textEncoding, IFileSystem fileSystem, IEnvironmentInfo environment) at SocketHttpListener.Net.EndPointListener.ProcessAccept(Socket accepted) System.Security.Authentication.AuthenticationException at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception) at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult) at System.Net.Security.SslStream.AuthenticateAsServer(X509Certificate serverCertificate, Boolean clientCertificateRequired, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation) at SocketHttpListener.Net.HttpConnection..ctor(ILogger logger, Socket socket, EndPointListener epl, Boolean secure, X509Certificate cert, ICryptoProvider cryptoProvider, IMemoryStreamFactory memoryStreamFactory, ITextEncoding textEncoding, IFileSystem fileSystem, IEnvironmentInfo environment) at SocketHttpListener.Net.EndPointListener.ProcessAccept(Socket accepted) InnerException: Interop+OpenSsl+SslException Interop+OpenSsl+SslException: SSL Handshake failed with OpenSSL error - SSL_ERROR_SSL. ---> Interop+Crypto+OpenSslCryptographicException: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown --- End of inner exception stack trace --- at Interop.OpenSsl.DoSslHandshake(SafeSslHandle context, Byte[] recvBuf, Int32 recvOffset, Int32 recvCount, Byte[]& sendBuf, Int32& sendCount) at System.Net.Security.SslStreamPal.HandshakeInternal(SafeFreeCredentials credential, SafeDeleteContext& context, SecurityBuffer inputBuffer, SecurityBuffer outputBuffer, Boolean isServer, Boolean remoteCertRequired) at Interop.OpenSsl.DoSslHandshake(SafeSslHandle context, Byte[] recvBuf, Int32 recvOffset, Int32 recvCount, Byte[]& sendBuf, Int32& sendCount) at System.Net.Security.SslStreamPal.HandshakeInternal(SafeFreeCredentials credential, SafeDeleteContext& context, SecurityBuffer inputBuffer, SecurityBuffer outputBuffer, Boolean isServer, Boolean remoteCertRequired) InnerException: Interop+Crypto+OpenSslCryptographicException Interop+Crypto+OpenSslCryptographicException: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown Edited May 17, 2018 by Handl3vogn 1 Link to comment Share on other sites More sharing options...
cristol 0 Posted May 17, 2018 Share Posted May 17, 2018 @@cristol I dont know if this is the same problem, my https is always accessible but I get certification error in my browser/app when the official emby version is trying to handle the ssl certificate. You can try to this binhex-emby docker and se if that helps. https://hub.docker.com/r/binhex/arch-emby/ (works for me) Just run it on the same config files from your official emby docker (so you dont have to reconfigure anything) Edit: Looks like we have the same error message in logs. Cut out from one of my logs: Yes with this version i can play video on my android phone with Emby app, there is a problem with the current version of emby (Officiel docker emby/embyserver). Wait and see for a patch... Link to comment Share on other sites More sharing options...
Handl3vogn 6 Posted May 18, 2018 Share Posted May 18, 2018 Lets hope they can fix it. My issue seems only to happen on debian/ubuntu based systems, windows/archlinux works fine. Anyway I have setup a reverse proxy so it can handle the ssl certification and this works fine on both versions. Does anyone know what system the emby docker is built on? Link to comment Share on other sites More sharing options...
Luke 37065 Posted May 19, 2018 Share Posted May 19, 2018 Hi, i've the same issue with the docker (Version 3.4.1.0) on debian 8.10 (OpenMediaVault). I can access and play video with my desktop but with my android phone it's impossible (chrome and emby app) *** Error Report *** Version: 3.4.1.0 Command line: /system/EmbyServer.dll -programdata /config -ffmpeg /bin/ffmpeg -ffprobe /bin/ffprobe -restartexitcode 3 Operating system: Unix 4.9.0.0 64-Bit OS: True 64-Bit Process: True User Interactive: True Processor count: 4 Program data path: /config Application directory: /system System.Security.Authentication.AuthenticationException: A call to SSPI failed, see inner exception. ---> Interop+OpenSsl+SslException: SSL Handshake failed with OpenSSL error - SSL_ERROR_SSL. ---> Interop+Crypto+OpenSslCryptographicException: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown --- End of inner exception stack trace --- After a moment, Https isn't accessible ... i must restart docker image to restart https access. PS : My certificat is generate with letsencrypt --> openssl pkcs12 -inkey privkey.pem -in fullchain.pem -export -out Emby.pfx -passout pass:PASSWORD It's an Emby problem ? logEmby.txt Screenshot_2018-05-17-18-36-07.png Capture du 2018-05-17 19-43-31.png According to this log you do have some successful https traffic here, so this is not the same problem. Link to comment Share on other sites More sharing options...
pmalek 0 Posted August 13, 2018 Share Posted August 13, 2018 Does anyone know what system the emby docker is built on? I would like to know an answer to that as well. It seems like a busybox kind of setup with s6 Link to comment Share on other sites More sharing options...
Mklitgaard 8 Posted December 24, 2018 Share Posted December 24, 2018 (edited) Hi im using Ubuntu 18.04 and came up with Error HttpServer: Error in ProcessAccept This will explain why Emby works in windows and not in linux. I found out that it all worked very well, Ubuntu server just nedd permission for Cert.pfx file in Terminal use this: sudo chown -R root:emby /opt/emby-server/ssl/cert.name.pfx Now Emby read Certificate and everything is fine. Emby can simply not process without permissions. Edited December 25, 2018 by Mklitgaard Link to comment Share on other sites More sharing options...
Luke 37065 Posted December 24, 2018 Share Posted December 24, 2018 Thanks for the feedback ! Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now