syralk 12 Posted April 18, 2018 Share Posted April 18, 2018 (edited) Hi, For some reson when i try to connect my Roku to my emby server via HTTPS using a PFX from letsencrypt it doenst work error -60 SSL certificate problem unable to get local issuer certificate it works in Kodi but not in Roku I am using the version 3.3.1.0 I tries - Linux Debian Jessie with and without docker - Linux Ubuntu Xenial without docker - brand new install of Ubuntu 17.10 with the same pfx same issue if i try in emby server on Windows 10 or Windows 2016 Roku work perfectly with the same PFX Do I need a additional dependency in Linux? thanks Edited April 18, 2018 by syralk Link to comment Share on other sites More sharing options...
Luke 36997 Posted April 18, 2018 Share Posted April 18, 2018 Hi, where does it say that error? Link to comment Share on other sites More sharing options...
syralk 12 Posted April 18, 2018 Author Share Posted April 18, 2018 Hi, where does it say that error? On the Roku during the connection to a new server Link to comment Share on other sites More sharing options...
syralk 12 Posted April 18, 2018 Author Share Posted April 18, 2018 (edited) this issue was not present when emby was install using a ubuntu repo, i think its because it was using mono Edited April 18, 2018 by syralk Link to comment Share on other sites More sharing options...
Luke 36997 Posted April 18, 2018 Share Posted April 18, 2018 Can you please attach the server log? Thanks Link to comment Share on other sites More sharing options...
syralk 12 Posted April 18, 2018 Author Share Posted April 18, 2018 2018-04-18 16:07:13.379 Error HttpServer: Error in ProcessAccept *** Error Report *** Version: 3.3.1.0 Command line: /opt/emby-server/system/EmbyServer.dll -programdata /var/lib/emby -ffmpeg /opt/emby-server/bin/ffmpeg -ffprobe /opt/emby-server/bin/ffprobe -restartexitcode 3 -updatepackage emby-server-deb_{version}_amd64.deb Operating system: Unix 4.9.0.0 64-Bit OS: True 64-Bit Process: True User Interactive: True Processor count: 2 Program data path: /var/lib/emby Application directory: /opt/emby-server/system System.Security.Authentication.AuthenticationException: A call to SSPI failed, see inner exception. ---> Interop+OpenSsl+SslException: SSL Handshake failed with OpenSSL error - SSL_ERROR_SSL. ---> Interop+Crypto+OpenSslCryptographicException: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca --- End of inner exception stack trace --- at Interop.OpenSsl.DoSslHandshake(SafeSslHandle context, Byte[] recvBuf, Int32 recvOffset, Int32 recvCount, Byte[]& sendBuf, Int32& sendCount) at System.Net.Security.SslStreamPal.HandshakeInternal(SafeFreeCredentials credential, SafeDeleteContext& context, SecurityBuffer inputBuffer, SecurityBuffer outputBuffer, Boolean isServer, Boolean remoteCertRequired) --- End of inner exception stack trace --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception) at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult) at System.Net.Security.SslStream.AuthenticateAsServer(X509Certificate serverCertificate, Boolean clientCertificateRequired, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation) at SocketHttpListener.Net.HttpConnection..ctor(ILogger logger, Socket socket, EndPointListener epl, Boolean secure, X509Certificate cert, ICryptoProvider cryptoProvider, IMemoryStreamFactory memoryStreamFactory, ITextEncoding textEncoding, IFileSystem fileSystem, IEnvironmentInfo environment) at SocketHttpListener.Net.EndPointListener.ProcessAccept(Socket accepted) System.Security.Authentication.AuthenticationException at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception) at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult) at System.Net.Security.SslStream.AuthenticateAsServer(X509Certificate serverCertificate, Boolean clientCertificateRequired, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation) at SocketHttpListener.Net.HttpConnection..ctor(ILogger logger, Socket socket, EndPointListener epl, Boolean secure, X509Certificate cert, ICryptoProvider cryptoProvider, IMemoryStreamFactory memoryStreamFactory, ITextEncoding textEncoding, IFileSystem fileSystem, IEnvironmentInfo environment) at SocketHttpListener.Net.EndPointListener.ProcessAccept(Socket accepted) InnerException: Interop+OpenSsl+SslException Interop+OpenSsl+SslException: SSL Handshake failed with OpenSSL error - SSL_ERROR_SSL. ---> Interop+Crypto+OpenSslCryptographicException: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca --- End of inner exception stack trace --- at Interop.OpenSsl.DoSslHandshake(SafeSslHandle context, Byte[] recvBuf, Int32 recvOffset, Int32 recvCount, Byte[]& sendBuf, Int32& sendCount) at System.Net.Security.SslStreamPal.HandshakeInternal(SafeFreeCredentials credential, SafeDeleteContext& context, SecurityBuffer inputBuffer, SecurityBuffer outputBuffer, Boolean isServer, Boolean remoteCertRequired) at Interop.OpenSsl.DoSslHandshake(SafeSslHandle context, Byte[] recvBuf, Int32 recvOffset, Int32 recvCount, Byte[]& sendBuf, Int32& sendCount) at System.Net.Security.SslStreamPal.HandshakeInternal(SafeFreeCredentials credential, SafeDeleteContext& context, SecurityBuffer inputBuffer, SecurityBuffer outputBuffer, Boolean isServer, Boolean remoteCertRequired) InnerException: Interop+Crypto+OpenSslCryptographicException Interop+Crypto+OpenSslCryptographicException: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca 2018-04-18 16:07:15.687 Info HttpServer: HTTP Response 200 to 192.168.42.240. Time: 4315ms (slow). http://192.168.42.99:8096/emby/users/cff1bf154390466dadb53a89645338aa/items Link to comment Share on other sites More sharing options...
syralk 12 Posted April 18, 2018 Author Share Posted April 18, 2018 Can you please attach the server log? Thanks i think the issue is there System.Security.Authentication.AuthenticationException: A call to SSPI failed, see inner exception. ---> Interop+OpenSsl+SslException: SSL Handshake failed with OpenSSL error - SSL_ERROR_SSL. ---> Interop+Crypto+OpenSslCryptographicException: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca just dont know how to fix it Link to comment Share on other sites More sharing options...
syralk 12 Posted April 19, 2018 Author Share Posted April 19, 2018 Hi, where does it say that error? I just try emby-server 3.3.1.0 on Arch Manjaro linux and the server work well with the same PFX so it could be only with the debian/ubuntu version Link to comment Share on other sites More sharing options...
Luke 36997 Posted April 28, 2018 Share Posted April 28, 2018 Thanks for the report. We are looking into it. Link to comment Share on other sites More sharing options...
orbitron 0 Posted June 2, 2018 Share Posted June 2, 2018 Thanks for the report. We are looking into it. I am seeing this same error in the official EmbyServer docker container. Link to comment Share on other sites More sharing options...
Luke 36997 Posted June 2, 2018 Share Posted June 2, 2018 I am seeing this same error in the official EmbyServer docker container. Please attach the emby server log. You can learn how to do that here: https://emby.media/community/index.php?/topic/739-how-to-report-a-problem/ Thanks. Link to comment Share on other sites More sharing options...
orbitron 0 Posted June 2, 2018 Share Posted June 2, 2018 Please attach the emby server log. You can learn how to do that here: https://emby.media/community/index.php?/topic/739-how-to-report-a-problem/ Thanks. Here you go! Thank you. emby-server.txt Link to comment Share on other sites More sharing options...
Luke 36997 Posted June 3, 2018 Share Posted June 3, 2018 Ok, i would suggest trying this again with the next release of emby server as there have been a number of changes in related areas. thanks. Link to comment Share on other sites More sharing options...
orbitron 0 Posted June 3, 2018 Share Posted June 3, 2018 Ok, i would suggest trying this again with the next release of emby server as there have been a number of changes in related areas. thanks. Will do! Thank you! Link to comment Share on other sites More sharing options...
Luke 36997 Posted June 5, 2018 Share Posted June 5, 2018 @@syralk in your case, same as well. thanks ! Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now