afullmark 20 Posted April 29, 2018 Share Posted April 29, 2018 (edited) I first suggested this here: https://emby.media/community/index.php?/topic/54586-security-101-secure-connections/page-9&do=findComment&comment=572225 Could a complete guide to how to setup SSL with the emby server (Window, Mac...) be in the official wiki; it's all a bit fragmented currently and, I'm sure, quite off putting for non-technical folk moving from, say, plex – where SSL is all taken care of. There are probably a hundred and one methods, but if the wiki could focus on the recommended or preferred version that emby thinks best. Plus, it would make any solution slightly more official and give peace of mind, as opposed to finding a solution via the forums. This would need to be step-by-step with visual aids also. And address points (how-tos) for renewing SSL certificates etc. Yep, I still do believe that emby should fold all this SSL business into Emby Connect, and including the fee into the premium membership or as an add-on. I love the flexibility of emby but have never really moved over from plex because of the ease-of-use factor. Edited April 29, 2018 by afullmark 6 Link to comment Share on other sites More sharing options...
larsonDigital 7 Posted July 25, 2018 Share Posted July 25, 2018 Thanks for posting this. I don't suppose by chance you know of a how-to (step-by-step) for using the Certify The Web app to install a Let's Encrypt SSL Certificate for Emby, do you? 1 Link to comment Share on other sites More sharing options...
Luke 37065 Posted July 26, 2018 Share Posted July 26, 2018 Yes I agree we should offer something like this. Link to comment Share on other sites More sharing options...
Luke 37065 Posted July 26, 2018 Share Posted July 26, 2018 Thanks for posting this. I don't suppose by chance you know of a how-to (step-by-step) for using the Certify The Web app to install a Let's Encrypt SSL Certificate for Emby, do you? There is a procedure here: https://emby.media/community/index.php?/topic/42315-creating-a-letsencrypt-ssl-certificate-for-emby/ Link to comment Share on other sites More sharing options...
larsonDigital 7 Posted July 29, 2018 Share Posted July 29, 2018 Thanks Luke! Only problem for me is I don't know scripting or Linux, so it's pretty difficult for me to follow that procedure. My situation is: I'm using Windows Server 2016 Standard (with Essentials Dashboard). I used the Essentials Dashboard and the CertifyTheWeb app to easily setup Anywhere Access (RDP & VPN) using my own domain (https://remote.mydomain.com/remote). So I guess I have a prerequisite question: Can I use the same Let's Encrypt SSL Certificate via CertifyTheWeb that I created for my remote access, or would I have to setup a separate one for Emby Media Server? Thanks again for your help! James Link to comment Share on other sites More sharing options...
larsonDigital 7 Posted July 29, 2018 Share Posted July 29, 2018 Another question: Since I already have a domain, a DDNS for my computer/server where Emby is installed, and a Let's Encrypt SSL Certificate, is it as easy as filling in the External domain, Custom ssl certificate path, Certificate password, and Secure connection mode under Settings > Expert > Advanced section (see below)? Thanks, James Link to comment Share on other sites More sharing options...
Luke 37065 Posted July 30, 2018 Share Posted July 30, 2018 Yes. Link to comment Share on other sites More sharing options...
larsonDigital 7 Posted July 30, 2018 Share Posted July 30, 2018 Thanks for the quick reply Luke! You rock!! Wow, that would be great if it is that easy! So just to clarify, I'm already using my Let's Encrypt SSL Certificate for my Anywhere Access (VPN & RDP) to my Windows Server 2016. I just don't know exactly how the Certificates work. So I can use the same one I already have for my Emby Media Server connection? I just want to clarify because I don't want to mess up what i already have set up. Thanks again Luke! James Link to comment Share on other sites More sharing options...
Luke 37065 Posted July 30, 2018 Share Posted July 30, 2018 If the domain attached to the cert is the same, yes. Link to comment Share on other sites More sharing options...
larsonDigital 7 Posted July 30, 2018 Share Posted July 30, 2018 I've been following this tutorial "Let's Encrypt, Emby Server, and Windows", except I skipped Step 4.8-4.13 because I think Emby Server can handle PFX files with passwords now (please correct me if I'm wrong). I used a subdomain of my main domain, created a new "website" for it in IIS Manager called "Emby," created another Let's Encrypt SSL Certificate via CertifyTheWeb app, and plugged the resulting file/info into Emby Server. External Domain: media.<mydomain>.com SSL Certificate Path: <...>\SSLcertEmby.pfx Password: <PFX file password> Secure Connection: Required for all remote connections I restarted the Emby Server and the Dashboard reports Remote (WAN) access: https://media.<mydomain>.com:8920/. Everything seemed to go well, but I can't access the site. Can you think of anything I might have missed? 1 Link to comment Share on other sites More sharing options...
larsonDigital 7 Posted July 30, 2018 Share Posted July 30, 2018 Also, does Emby use Mono's web server or Microsoft's web server, Internet Information Services (IIS)? Maybe that would make a difference here? Thanks again, James Link to comment Share on other sites More sharing options...
Luke 37065 Posted July 30, 2018 Share Posted July 30, 2018 Can you attach the emby server log? Thanks. Link to comment Share on other sites More sharing options...
larsonDigital 7 Posted July 30, 2018 Share Posted July 30, 2018 Are you talking about this file: C:\Users\Administrator\AppData\Roaming\Emby-Server\programdata\logs\embyserver.txt? or do you need all the others too? There are six other files with numbers, like embyserver-63668246400.txt. Link to comment Share on other sites More sharing options...
Luke 37065 Posted July 30, 2018 Share Posted July 30, 2018 Yes. The one from the time frame in which you tried to connect Thanks. Link to comment Share on other sites More sharing options...
larsonDigital 7 Posted July 30, 2018 Share Posted July 30, 2018 Okay, here it is, hopefully. embyserverLogs.zip Link to comment Share on other sites More sharing options...
larsonDigital 7 Posted July 30, 2018 Share Posted July 30, 2018 Luke, can you tell me does Emby use Mono's web server or Microsoft's web server, Internet Information Services (IIS)? Link to comment Share on other sites More sharing options...
Luke 37065 Posted July 30, 2018 Share Posted July 30, 2018 Microsoft. Link to comment Share on other sites More sharing options...
Luke 37065 Posted July 30, 2018 Share Posted July 30, 2018 The most recent log had no incoming https requests so it sounds like it's just not getting through to emby server. Link to comment Share on other sites More sharing options...
larsonDigital 7 Posted July 30, 2018 Share Posted July 30, 2018 The most recent log file was from this morning; I threw it in just in case, but the other two were from when I was trying to set it up and connect last night. I think I may have tried to connect one time this morning, but I can't remember for sure now. Link to comment Share on other sites More sharing options...
Luke 37065 Posted July 30, 2018 Share Posted July 30, 2018 Same with the other two. Link to comment Share on other sites More sharing options...
larsonDigital 7 Posted July 30, 2018 Share Posted July 30, 2018 Okay, so maybe things are getting through the router's firewall? It seemed when I was doing the initial configuration of the server that I saw of list of ports that needed to be opened, or maybe I saw it in a tutorial. Can you tell me what ports need to be forwarded/opened in the router's firewall? Link to comment Share on other sites More sharing options...
Luke 37065 Posted July 30, 2018 Share Posted July 30, 2018 8920 for https, 8096 for http. Link to comment Share on other sites More sharing options...
larsonDigital 7 Posted July 30, 2018 Share Posted July 30, 2018 Is that for the Windows firewall, because I know those ports are open? Are there any ports that need to be forwarded in my router? Thanks, James Link to comment Share on other sites More sharing options...
Luke 37065 Posted July 30, 2018 Share Posted July 30, 2018 Yes, 8920 to 8920 for https, 8096 to 8096 for http. Our connection troubleshooter may also help: https://github.com/MediaBrowser/Wiki/wiki/Connectivity Thanks. Link to comment Share on other sites More sharing options...
larsonDigital 7 Posted July 30, 2018 Share Posted July 30, 2018 Hey Luke, that was it! I just needed to forward the 8920 port for https connection. Thanks for your help!! I can change that port, correct? It doesn't have to be 8920 and 8096, right? Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now