neik 837 Posted April 28, 2018 Share Posted April 28, 2018 Hello guys, first of all: Thanks to all the developers of Emby for Kodi. This is a great PlugIn! My current setup is as follows: Server: Emby Server 3.2.70.0 with Let's Encrypt certificate for securing the remote connection Client(s): FTVS Gen2 with latest Emby for Kodi (as of today: 3.0.22) Unfortunately, I am having some issues with the Emby for Kodi PlugIn: 1. I am experiencing some random playback issues that lead to Kodi stopping the playback. More information + logs please see over here -> https://emby.media/community/index.php?/topic/56615-occasional-playback-issues/&do=findComment&comment=571772 2. Whenever I update to a newer version than 3.2.70 of the Emby Server Emby for Kodi can't connect to the server anymore using SSL. The only solution is to disable the "Verify Host SSL Certificate" in the settings. If it is enabled then I get a handshake error (see post here: https://emby.media/community/index.php?/topic/57306-server-crashing-with-specific-client/page-2&do=findComment&comment=562394) I just saw this page on github -> https://github.com/MediaBrowser/plugin.video.emby/wiki/Emby-for-kodi-settings There it says: "Client SSL certificate: Takes a .pem certificate(...)". Does this mean I need to add the pem-file of the Let's Encrypt certificate to the client to solve this issue? Also tried EmbyCon instead of Emby for Kodi but same issue occurs -> "Certification verification failed" Any hint to a solution is appreciated! If you need further information, just let me know. Thanks a lot! Link to comment Share on other sites More sharing options...
Angelblue05 4130 Posted April 28, 2018 Share Posted April 28, 2018 Can you provide your Kodi log? Thanks. Sent from my iPhone using Tapatalk Link to comment Share on other sites More sharing options...
neik 837 Posted April 28, 2018 Author Share Posted April 28, 2018 (edited) Hi Angelblue05, here you go, the spmc and emby server log for the first issue: spmc.log emby_log_error_500.txt Unfortunately, I don't have a Kodi/SPMC log for the second issue only an excerpt from the emby server: 2018-03-30 12:12:21.742 Error HttpServer: Error in ProcessAccept*** Error Report ***Version: 3.3.1.11Command line: /opt/emby-server/system/EmbyServer.dll -programdata /var/lib/emby -ffmpeg /opt/emby-server/bin/ffmpeg -ffprobe /opt/emby-server/bin/ffprobe -restartexitcode 3 -updatepackage emby-server-deb_{version}_amd64.debOperating system: Unix 4.14.24.164-Bit OS: True64-Bit Process: TrueUser Interactive: TrueProcessor count: 2Program data path: /var/lib/embyApplication directory: /opt/emby-server/systemSystem.Security.Authentication.AuthenticationException: A call to SSPI failed, see inner exception. ---> Interop+OpenSsl+SslException: SSL Handshake failed with OpenSSL error - SSL_ERROR_SSL. ---> Interop+Crypto+OpenSslCryptographicException: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca --- End of inner exception stack trace --- at Interop.OpenSsl.DoSslHandshake(SafeSslHandle context, Byte[] recvBuf, Int32 recvOffset, Int32 recvCount, Byte[]& sendBuf, Int32& sendCount) at System.Net.Security.SslStreamPal.HandshakeInternal(SafeFreeCredentials credential, SafeDeleteContext& context, SecurityBuffer inputBuffer, SecurityBuffer outputBuffer, Boolean isServer, Boolean remoteCertRequired) --- End of inner exception stack trace --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception) at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.PartialFrameCallback(AsyncProtocolRequest asyncRequest)--- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Net.Security.SslState.InternalEndProcessAuthentication(LazyAsyncResult lazyResult) at System.Net.Security.SslState.EndProcessAuthentication(IAsyncResult result) at System.Net.Security.SslStream.EndAuthenticateAsServer(IAsyncResult asyncResult) at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization)--- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at SocketHttpListener.Net.HttpConnection.<Init>d__30.MoveNext()--- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at SocketHttpListener.Net.HttpEndPointListener.<ProcessAccept>d__28.MoveNext()System.Security.Authentication.AuthenticationException at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception) at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.PartialFrameCallback(AsyncProtocolRequest asyncRequest)--- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Net.Security.SslState.InternalEndProcessAuthentication(LazyAsyncResult lazyResult) at System.Net.Security.SslState.EndProcessAuthentication(IAsyncResult result) at System.Net.Security.SslStream.EndAuthenticateAsServer(IAsyncResult asyncResult) at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization)--- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at SocketHttpListener.Net.HttpConnection.<Init>d__30.MoveNext()--- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at SocketHttpListener.Net.HttpEndPointListener.<ProcessAccept>d__28.MoveNext()InnerException: Interop+OpenSsl+SslExceptionInterop+OpenSsl+SslException: SSL Handshake failed with OpenSSL error - SSL_ERROR_SSL. ---> Interop+Crypto+OpenSslCryptographicException: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca --- End of inner exception stack trace --- at Interop.OpenSsl.DoSslHandshake(SafeSslHandle context, Byte[] recvBuf, Int32 recvOffset, Int32 recvCount, Byte[]& sendBuf, Int32& sendCount) at System.Net.Security.SslStreamPal.HandshakeInternal(SafeFreeCredentials credential, SafeDeleteContext& context, SecurityBuffer inputBuffer, SecurityBuffer outputBuffer, Boolean isServer, Boolean remoteCertRequired) at Interop.OpenSsl.DoSslHandshake(SafeSslHandle context, Byte[] recvBuf, Int32 recvOffset, Int32 recvCount, Byte[]& sendBuf, Int32& sendCount) at System.Net.Security.SslStreamPal.HandshakeInternal(SafeFreeCredentials credential, SafeDeleteContext& context, SecurityBuffer inputBuffer, SecurityBuffer outputBuffer, Boolean isServer, Boolean remoteCertRequired)InnerException: Interop+Crypto+OpenSslCryptographicExceptionInterop+Crypto+OpenSslCryptographicException: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca2018-03-30 12:12:22.311 Error HttpServer: Error in ProcessAccept*** Error Report ***Version: 3.3.1.11Command line: /opt/emby-server/system/EmbyServer.dll -programdata /var/lib/emby -ffmpeg /opt/emby-server/bin/ffmpeg -ffprobe /opt/emby-server/bin/ffprobe -restartexitcode 3 -updatepackage emby-server-deb_{version}_amd64.debOperating system: Unix 4.14.24.164-Bit OS: True64-Bit Process: TrueUser Interactive: TrueProcessor count: 2Program data path: /var/lib/embyApplication directory: /opt/emby-server/systemSystem.Security.Authentication.AuthenticationException: A call to SSPI failed, see inner exception. ---> Interop+OpenSsl+SslException: SSL Handshake failed with OpenSSL error - SSL_ERROR_SSL. ---> Interop+Crypto+OpenSslCryptographicException: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca --- End of inner exception stack trace --- at Interop.OpenSsl.DoSslHandshake(SafeSslHandle context, Byte[] recvBuf, Int32 recvOffset, Int32 recvCount, Byte[]& sendBuf, Int32& sendCount) at System.Net.Security.SslStreamPal.HandshakeInternal(SafeFreeCredentials credential, SafeDeleteContext& context, SecurityBuffer inputBuffer, SecurityBuffer outputBuffer, Boolean isServer, Boolean remoteCertRequired) --- End of inner exception stack trace --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception) at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.PartialFrameCallback(AsyncProtocolRequest asyncRequest)--- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Net.Security.SslState.InternalEndProcessAuthentication(LazyAsyncResult lazyResult) at System.Net.Security.SslState.EndProcessAuthentication(IAsyncResult result) at System.Net.Security.SslStream.EndAuthenticateAsServer(IAsyncResult asyncResult) at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization)--- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at SocketHttpListener.Net.HttpConnection.<Init>d__30.MoveNext()--- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at SocketHttpListener.Net.HttpEndPointListener.<ProcessAccept>d__28.MoveNext()System.Security.Authentication.AuthenticationException at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception) at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.PartialFrameCallback(AsyncProtocolRequest asyncRequest)--- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Net.Security.SslState.InternalEndProcessAuthentication(LazyAsyncResult lazyResult) at System.Net.Security.SslState.EndProcessAuthentication(IAsyncResult result) at System.Net.Security.SslStream.EndAuthenticateAsServer(IAsyncResult asyncResult) at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization)--- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at SocketHttpListener.Net.HttpConnection.<Init>d__30.MoveNext()--- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at SocketHttpListener.Net.HttpEndPointListener.<ProcessAccept>d__28.MoveNext()InnerException: Interop+OpenSsl+SslExceptionInterop+OpenSsl+SslException: SSL Handshake failed with OpenSSL error - SSL_ERROR_SSL. ---> Interop+Crypto+OpenSslCryptographicException: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca --- End of inner exception stack trace --- at Interop.OpenSsl.DoSslHandshake(SafeSslHandle context, Byte[] recvBuf, Int32 recvOffset, Int32 recvCount, Byte[]& sendBuf, Int32& sendCount) at System.Net.Security.SslStreamPal.HandshakeInternal(SafeFreeCredentials credential, SafeDeleteContext& context, SecurityBuffer inputBuffer, SecurityBuffer outputBuffer, Boolean isServer, Boolean remoteCertRequired) at Interop.OpenSsl.DoSslHandshake(SafeSslHandle context, Byte[] recvBuf, Int32 recvOffset, Int32 recvCount, Byte[]& sendBuf, Int32& sendCount) at System.Net.Security.SslStreamPal.HandshakeInternal(SafeFreeCredentials credential, SafeDeleteContext& context, SecurityBuffer inputBuffer, SecurityBuffer outputBuffer, Boolean isServer, Boolean remoteCertRequired)InnerException: Interop+Crypto+OpenSslCryptographicExceptionInterop+Crypto+OpenSslCryptographicException: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca2018-03-30 12:12:22.902 Error HttpServer: Error in ProcessAccept*** Error Report ***Version: 3.3.1.11Command line: /opt/emby-server/system/EmbyServer.dll -programdata /var/lib/emby -ffmpeg /opt/emby-server/bin/ffmpeg -ffprobe /opt/emby-server/bin/ffprobe -restartexitcode 3 -updatepackage emby-server-deb_{version}_amd64.debOperating system: Unix 4.14.24.164-Bit OS: True64-Bit Process: TrueUser Interactive: TrueProcessor count: 2Program data path: /var/lib/embyApplication directory: /opt/emby-server/systemSystem.Security.Authentication.AuthenticationException: A call to SSPI failed, see inner exception. ---> Interop+OpenSsl+SslException: SSL Handshake failed with OpenSSL error - SSL_ERROR_SSL. ---> Interop+Crypto+OpenSslCryptographicException: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca --- End of inner exception stack trace --- at Interop.OpenSsl.DoSslHandshake(SafeSslHandle context, Byte[] recvBuf, Int32 recvOffset, Int32 recvCount, Byte[]& sendBuf, Int32& sendCount) at System.Net.Security.SslStreamPal.HandshakeInternal(SafeFreeCredentials credential, SafeDeleteContext& context, SecurityBuffer inputBuffer, SecurityBuffer outputBuffer, Boolean isServer, Boolean remoteCertRequired) --- End of inner exception stack trace --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception) at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.PartialFrameCallback(AsyncProtocolRequest asyncRequest)--- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Net.Security.SslState.InternalEndProcessAuthentication(LazyAsyncResult lazyResult) at System.Net.Security.SslState.EndProcessAuthentication(IAsyncResult result) at System.Net.Security.SslStream.EndAuthenticateAsServer(IAsyncResult asyncResult) at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization)--- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at SocketHttpListener.Net.HttpConnection.<Init>d__30.MoveNext()--- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at SocketHttpListener.Net.HttpEndPointListener.<ProcessAccept>d__28.MoveNext()System.Security.Authentication.AuthenticationException at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception) at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.PartialFrameCallback(AsyncProtocolRequest asyncRequest)--- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Net.Security.SslState.InternalEndProcessAuthentication(LazyAsyncResult lazyResult) at System.Net.Security.SslState.EndProcessAuthentication(IAsyncResult result) at System.Net.Security.SslStream.EndAuthenticateAsServer(IAsyncResult asyncResult) at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization)--- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at SocketHttpListener.Net.HttpConnection.<Init>d__30.MoveNext()--- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at SocketHttpListener.Net.HttpEndPointListener.<ProcessAccept>d__28.MoveNext()InnerException: Interop+OpenSsl+SslExceptionInterop+OpenSsl+SslException: SSL Handshake failed with OpenSSL error - SSL_ERROR_SSL. ---> Interop+Crypto+OpenSslCryptographicException: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca --- End of inner exception stack trace --- at Interop.OpenSsl.DoSslHandshake(SafeSslHandle context, Byte[] recvBuf, Int32 recvOffset, Int32 recvCount, Byte[]& sendBuf, Int32& sendCount) at System.Net.Security.SslStreamPal.HandshakeInternal(SafeFreeCredentials credential, SafeDeleteContext& context, SecurityBuffer inputBuffer, SecurityBuffer outputBuffer, Boolean isServer, Boolean remoteCertRequired) at Interop.OpenSsl.DoSslHandshake(SafeSslHandle context, Byte[] recvBuf, Int32 recvOffset, Int32 recvCount, Byte[]& sendBuf, Int32& sendCount) at System.Net.Security.SslStreamPal.HandshakeInternal(SafeFreeCredentials credential, SafeDeleteContext& context, SecurityBuffer inputBuffer, SecurityBuffer outputBuffer, Boolean isServer, Boolean remoteCertRequired)InnerException: Interop+Crypto+OpenSslCryptographicExceptionInterop+Crypto+OpenSslCryptographicException: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca2018-03-30 12:12:23.449 Error HttpServer: Error in ProcessAccept*** Error Report ***Version: 3.3.1.11Command line: /opt/emby-server/system/EmbyServer.dll -programdata /var/lib/emby -ffmpeg /opt/emby-server/bin/ffmpeg -ffprobe /opt/emby-server/bin/ffprobe -restartexitcode 3 -updatepackage emby-server-deb_{version}_amd64.debOperating system: Unix 4.14.24.164-Bit OS: True64-Bit Process: TrueUser Interactive: TrueProcessor count: 2Program data path: /var/lib/embyApplication directory: /opt/emby-server/systemSystem.Security.Authentication.AuthenticationException: A call to SSPI failed, see inner exception. ---> Interop+OpenSsl+SslException: SSL Handshake failed with OpenSSL error - SSL_ERROR_SSL. ---> Interop+Crypto+OpenSslCryptographicException: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca --- End of inner exception stack trace --- at Interop.OpenSsl.DoSslHandshake(SafeSslHandle context, Byte[] recvBuf, Int32 recvOffset, Int32 recvCount, Byte[]& sendBuf, Int32& sendCount) at System.Net.Security.SslStreamPal.HandshakeInternal(SafeFreeCredentials credential, SafeDeleteContext& context, SecurityBuffer inputBuffer, SecurityBuffer outputBuffer, Boolean isServer, Boolean remoteCertRequired) --- End of inner exception stack trace --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception) at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.PartialFrameCallback(AsyncProtocolRequest asyncRequest)--- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Net.Security.SslState.InternalEndProcessAuthentication(LazyAsyncResult lazyResult) at System.Net.Security.SslState.EndProcessAuthentication(IAsyncResult result) at System.Net.Security.SslStream.EndAuthenticateAsServer(IAsyncResult asyncResult) at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization)--- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at SocketHttpListener.Net.HttpConnection.<Init>d__30.MoveNext()--- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at SocketHttpListener.Net.HttpEndPointListener.<ProcessAccept>d__28.MoveNext()System.Security.Authentication.AuthenticationException at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception) at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.PartialFrameCallback(AsyncProtocolRequest asyncRequest)--- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Net.Security.SslState.InternalEndProcessAuthentication(LazyAsyncResult lazyResult) at System.Net.Security.SslState.EndProcessAuthentication(IAsyncResult result) at System.Net.Security.SslStream.EndAuthenticateAsServer(IAsyncResult asyncResult) at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization)--- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at SocketHttpListener.Net.HttpConnection.<Init>d__30.MoveNext()--- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at SocketHttpListener.Net.HttpEndPointListener.<ProcessAccept>d__28.MoveNext()InnerException: Interop+OpenSsl+SslExceptionInterop+OpenSsl+SslException: SSL Handshake failed with OpenSSL error - SSL_ERROR_SSL. ---> Interop+Crypto+OpenSslCryptographicException: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca --- End of inner exception stack trace --- at Interop.OpenSsl.DoSslHandshake(SafeSslHandle context, Byte[] recvBuf, Int32 recvOffset, Int32 recvCount, Byte[]& sendBuf, Int32& sendCount) at System.Net.Security.SslStreamPal.HandshakeInternal(SafeFreeCredentials credential, SafeDeleteContext& context, SecurityBuffer inputBuffer, SecurityBuffer outputBuffer, Boolean isServer, Boolean remoteCertRequired) at Interop.OpenSsl.DoSslHandshake(SafeSslHandle context, Byte[] recvBuf, Int32 recvOffset, Int32 recvCount, Byte[]& sendBuf, Int32& sendCount) at System.Net.Security.SslStreamPal.HandshakeInternal(SafeFreeCredentials credential, SafeDeleteContext& context, SecurityBuffer inputBuffer, SecurityBuffer outputBuffer, Boolean isServer, Boolean remoteCertRequired)InnerException: Interop+Crypto+OpenSslCryptographicExceptionInterop+Crypto+OpenSslCryptographicException: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca As you can see the server reports: "(...)alert unknown ca(...)" and a handshake issue. Shouldn't Let's Encrypt be a known and trusted ca? Can this handshake issue be caused by not having the pem-file in the "Client SSL certificate" on the client side? Thanks! Edited April 28, 2018 by neik Link to comment Share on other sites More sharing options...
Angelblue05 4130 Posted April 28, 2018 Share Posted April 28, 2018 (edited) Did you enable verify host ssl certificate in the add-on settings? If it is enabled, have you tried without? From my understanding of the documentation. If you don't have a client certificate, it is normal. It seems to be about older ssl setup that had host/client pair of certificate. Sent from my iPhone using Tapatalk Edited April 28, 2018 by Angelblue05 Link to comment Share on other sites More sharing options...
neik 837 Posted April 28, 2018 Author Share Posted April 28, 2018 Did you enable verify host ssl certificate in the add-on settings? If it is enabled, have you tried without? From my understanding of the documentation. If you don't have a client certificate, it is normal. It seems to be about older ssl setup that had host/client pair of certificate. Sent from my iPhone using Tapatalk Yes, the verification is enabled and it is working flawlessly as long as I stay on the server version 3.2.70.0. Whenever I go to 3.3.1.x (stable or beta doesn't matter) I can no longer connect to the server. Well, I do have a pem-certificate that Let's Encrypt created but currently I am only using the pfx-certificate on the server side because with 3.2.70.0 it is working the way I expect it to work. Do you think putting the pem-certificate on the client side could solve the problem? This looks like a server side issue. What happens if you connect to the server using https in a browser, by you get a browser warning that the cert is not valid? IIRC then using a browser (Edge) was no problem. What I can confirm for sure is that the Android App was streaming. Link to comment Share on other sites More sharing options...
Angelblue05 4130 Posted April 28, 2018 Share Posted April 28, 2018 I don't think so, but it sounds like a server issue to me. You said you tried beta, did you check the new settings under advanced, regarding secure mode? Link to comment Share on other sites More sharing options...
neik 837 Posted April 29, 2018 Author Share Posted April 29, 2018 I think I didn't change anything on that besides adding my hostname + certificate as I do on 3.2.70.0 but to be honest I am not absolutely sure anymore. I will update to 3.3.x once again so that we can try to figure out the problem. What would you recommend, latest beta or stable? Probably the beta, right? 1 Link to comment Share on other sites More sharing options...
neik 837 Posted April 30, 2018 Author Share Posted April 30, 2018 @@Angelblue05, regarding the SSL issue: I asked Luke and he also thinks that it is a Emby server issue in connection with Ubuntu (https://emby.media/community/index.php?/topic/58139-error-60-ssl-certificate), so I will be trying to solve that with him. Thanks so far! :-) Remains the first issue, which I think I was able to narrow down a bit: When I start a stream and watch it from the beginning till the end the everything is fine. The problem start when I fast forward or skip ahead. Whenever I skip ahead/fast forward Emby for Kodi seems to reopen the file without closing the other connection which then leads to something like this where the file is opened 16 times although only one client is streaming was streaming that file: Output lsof /mountpoint: mono-sgen 11004 emby 56r REG 0,43 4396941271 8205405326195636191 /mountpoint/testfile.mkvmono-sgen 11004 emby 62r REG 0,43 4396941271 8205405326195636191 /mountpoint/testfile.mkvmono-sgen 11004 emby 64r REG 0,43 4396941271 8205405326195636191 /mountpoint/testfile.mkvmono-sgen 11004 emby 66r REG 0,43 4396941271 8205405326195636191 /mountpoint/testfile.mkvmono-sgen 11004 emby 68r REG 0,43 4396941271 8205405326195636191 /mountpoint/testfile.mkvmono-sgen 11004 emby 70r REG 0,43 4396941271 8205405326195636191 /mountpoint/testfile.mkvmono-sgen 11004 emby 72r REG 0,43 4396941271 8205405326195636191 /mountpoint/testfile.mkvmono-sgen 11004 emby 74r REG 0,43 4396941271 8205405326195636191 /mountpoint/testfile.mkvmono-sgen 11004 emby 76r REG 0,43 4396941271 8205405326195636191 /mountpoint/testfile.mkvmono-sgen 11004 emby 78r REG 0,43 4396941271 8205405326195636191 /mountpoint/testfile.mkvmono-sgen 11004 emby 80r REG 0,43 4396941271 8205405326195636191 /mountpoint/testfile.mkvmono-sgen 11004 emby 82r REG 0,43 4396941271 8205405326195636191 /mountpoint/testfile.mkvmono-sgen 11004 emby 84r REG 0,43 4396941271 8205405326195636191 /mountpoint/testfile.mkvmono-sgen 11004 emby 86r REG 0,43 4396941271 8205405326195636191 /mountpoint/testfile.mkvmono-sgen 11004 emby 88r REG 0,43 4396941271 8205405326195636191 /mountpoint/testfile.mkv With the official App for Android this does not happen, it doesn't matter how often I skip ahead or fast forward lsof shows that the file is only opened once. To me it seems an issue with Emby for Kodi, what do you think? I do not have a Debug log right know but can reproduce it in case you need one. Thanks! 1 Link to comment Share on other sites More sharing options...
Angelblue05 4130 Posted April 30, 2018 Share Posted April 30, 2018 It's a Kodi issue. I've seen other non-emby users with this same problem. Emby for kodi only provides where to find the file to Kodi. But everything regarding playback itself is controlled by Kodi. Do you have any advancedsettings setup regarding buffering? Sent from my iPhone using Tapatalk Link to comment Share on other sites More sharing options...
neik 837 Posted April 30, 2018 Author Share Posted April 30, 2018 (edited) Ok, didn't know that but then I suppose there isn't a solution to this, right? Yes, I do have an advancedsettings.xml for increasing the default buffer: -<advancedsettings> -<cache> <buffermode>1</buffermode> <memorysize>139460608</memorysize> <readfactor>20</readfactor> </cache> </advancedsettings> Is there anything I should add or remove there? €dit: I opened a topic over at the Kodi Forum -> https://forum.kodi.tv/showthread.php?tid=331476&pid=2730869#pid2730869 Maybe they have a solution... Edited May 1, 2018 by neik Link to comment Share on other sites More sharing options...
neik 837 Posted May 6, 2018 Author Share Posted May 6, 2018 @@Angelblue05, in case it help you can find a kodi log with activated debug for Emby for Kodi over here: https://paste.ubuntu.com/p/cx4PQhnz4y/ The guys over at Kodi doesn't seem to be so sure if it really is a Kodi problem... 1 Link to comment Share on other sites More sharing options...
Angelblue05 4130 Posted May 6, 2018 Share Posted May 6, 2018 @@neik Ok. No problem, at least we know for sure. Well you are direct playing over http. But it seems your files are missing their runtime. So maybe that has to do with it? I've never seen this issue cause playback to end prematurely. But let's try to fix this one issue and see if it makes that bug go away. Try to refresh this episode from your log: Sheldon, Newton und Euklid In the web client select that episode > 3 dots menu > refresh metadata. Try refresh all metadata This is what you should see when your runtime is filled: 1 Link to comment Share on other sites More sharing options...
neik 837 Posted May 8, 2018 Author Share Posted May 8, 2018 Hi @@Angelblue05, thanks for your effort! That Young Sheldon episode was chosen randomly, this issue happens with every file I skip ahead / fast forward during playback. Actually, I just recently had my library completely rescanned due to the update to 3.4.0.0 and the requirement of purge the old mono version. That's exactly how it looks like and underneath it there is the plot of the episode. Link to comment Share on other sites More sharing options...
Angelblue05 4130 Posted May 8, 2018 Share Posted May 8, 2018 So the runtime is filled? Can you provide a new kodi log playing this title and checking if it ends before the end? In your previous log, that episode had no runtime. Sent from my iPhone using Tapatalk Link to comment Share on other sites More sharing options...
neik 837 Posted May 8, 2018 Author Share Posted May 8, 2018 Yes, I can provide a new log. Would you need a Kodi debug as well or is the debug of just the plugin enough? This might be a dumb question but what do you mean with runtime exactly? Link to comment Share on other sites More sharing options...
Angelblue05 4130 Posted May 9, 2018 Share Posted May 9, 2018 The video length. See how it says 20mins. And at what time it will end. Is this what you are seeing in the webclient. Sent from my iPhone using Tapatalk Link to comment Share on other sites More sharing options...
neik 837 Posted May 11, 2018 Author Share Posted May 11, 2018 Yes, I can see that. It looks like this: 1 Link to comment Share on other sites More sharing options...
Angelblue05 4130 Posted May 11, 2018 Share Posted May 11, 2018 Ok so provide a new log. Kodi debug enabled. Thanks. Again, I am 100% sure it has nothing to do with Emby for Kodi but I'll try to help you figure out what the issue might be. 1 Link to comment Share on other sites More sharing options...
neik 837 Posted May 11, 2018 Author Share Posted May 11, 2018 (edited) Big thanks for your effort, @@Angelblue05. I finally managed to get those debug logs, you will find them attached (one server log and one kodi log). What I did was to start Young Sheldon (S01E01) and skip ahead a bit then I closed it and opened Avatar (S01E01) and did the same and finally I opened Arrow (S02E07). At the end lsof /mountpoint showed this: EmbyServe 7776 emby 193rR REG 0,44 1160074753 8899346121796844549 /media/cry/series/Young Sheldon (2017)/S01/Young_Sheldon_1x01_Sheldon,_Newton_und_Euklid.mkvEmbyServe 7776 emby 195rR REG 0,44 1160074753 8899346121796844549 /media/cry/series/Young Sheldon (2017)/S01/Young_Sheldon_1x01_Sheldon,_Newton_und_Euklid.mkvEmbyServe 7776 emby 197rR REG 0,44 1160074753 8899346121796844549 /media/cry/series/Young Sheldon (2017)/S01/Young_Sheldon_1x01_Sheldon,_Newton_und_Euklid.mkvEmbyServe 7776 emby 199rR REG 0,44 1160074753 8899346121796844549 /media/cry/series/Young Sheldon (2017)/S01/Young_Sheldon_1x01_Sheldon,_Newton_und_Euklid.mkvEmbyServe 7776 emby 201rR REG 0,44 187878824 15892319053650651649 /media/cry/series/Avatar_Herr_der_Elemente/S01/S01E01.aviEmbyServe 7776 emby 203rR REG 0,44 1160074753 8899346121796844549 /media/cry/series/Young Sheldon (2017)/S01/Young_Sheldon_1x01_Sheldon,_Newton_und_Euklid.mkvEmbyServe 7776 emby 205rR REG 0,44 187878824 15892319053650651649 /media/cry/series/Avatar_Herr_der_Elemente/S01/S01E01.aviEmbyServe 7776 emby 207rR REG 0,44 187878824 15892319053650651649 /media/cry/series/Avatar_Herr_der_Elemente/S01/S01E01.aviEmbyServe 7776 emby 209rR REG 0,44 187878824 15892319053650651649 /media/cry/series/Avatar_Herr_der_Elemente/S01/S01E01.aviEmbyServe 7776 emby 211rR REG 0,44 187878824 15892319053650651649 /media/cry/series/Avatar_Herr_der_Elemente/S01/S01E01.aviEmbyServe 7776 emby 213rR REG 0,44 187878824 15892319053650651649 /media/cry/series/Avatar_Herr_der_Elemente/S01/S01E01.aviEmbyServe 7776 emby 215rR REG 0,44 187878824 15892319053650651649 /media/cry/series/Avatar_Herr_der_Elemente/S01/S01E01.aviEmbyServe 7776 emby 217rR REG 0,44 187878824 15892319053650651649 /media/cry/series/Avatar_Herr_der_Elemente/S01/S01E01.aviEmbyServe 7776 emby 219rR REG 0,44 187878824 15892319053650651649 /media/cry/series/Avatar_Herr_der_Elemente/S01/S01E01.aviEmbyServe 7776 emby 221rR REG 0,44 3983812997 11453961692936594274 /media/cry/series/Arrow/S02/S02E07.mkvEmbyServe 7776 emby 223rR REG 0,44 3983812997 11453961692936594274 /media/cry/series/Arrow/S02/S02E07.mkvEmbyServe 7776 emby 225rR REG 0,44 3983812997 11453961692936594274 /media/cry/series/Arrow/S02/S02E07.mkv Before I updated Emby for Kodi to 3.0.23. embyserver_debug-open files.txt kodi_debug-open files.log Edited May 11, 2018 by neik Link to comment Share on other sites More sharing options...
Angelblue05 4130 Posted May 11, 2018 Share Posted May 11, 2018 And which episode ended before the end? Link to comment Share on other sites More sharing options...
neik 837 Posted May 11, 2018 Author Share Posted May 11, 2018 And which episode ended before the end? Right before I closed Kodi the last episode I played was Arrow (S02E07). From what I can see in your log you are using HTTP direct stream to play the file. This method requests from the Emby Server a HTTP connection to stream the data for playback. For some reason each time you skip the Emby Server is opening the file with a new file handle, this is probably due to some internal mechanism, I don't know what without digging into the source of the server, however this would explain why you see multiple open files handles in your lsof. Do the open files eventually close? My assumption here is Emby Server keeps the files open for a while until it cleans up its internal references to the HTTP streaming engine it uses, this may take minutes. Yes, they do close but I can't tell you exactly how long they remain open till they are closed but at least a couple of minutes. When you skip and a new file handle is opened by that, shouldn't the old one get closed? It shouldn't be necessary anymore, right? Link to comment Share on other sites More sharing options...
Recommended Posts