icsy7867 8 Posted May 25, 2018 Share Posted May 25, 2018 (edited) Hey guys! I was just fiddling around with my emby server currently running on Ubuntu. I was getting annoyed at having to convert my pem encoded certificates to a PFX format, so I made a little bash script. pretty simple scripting, but maybe it can help others. Keep in mind, this assumes that you have a folder called "certs" at your root, as well as a folder called "old" inside. So you have /certs/ and /certs/old The script is pretty simple and does three things ... moves and appends the date to your current PFX certificate called emby.pfx to a directory called old Assigns variables to the correct path and converts the cert to a PFX to the directory /certs restarts the emby server to load the new certificate. A couple things to note as well... Make sure to chain emby.domain.com to the correct domain name I am also using Ubuntu 16.04, so you may have "certbot" instead of "Letsencrypt" This needs to be ran AFTER your letsencrypt/certbot renew (Can also be easily added to this script) Would recommend a cronjob to run every so often Make sure to create the /certs and /certs/old directories Finally make sure the advanced portion of emby is set to use /certs/emby.pfx #!/bin/bash today=`date +%Y-%m-%d` mv /certs/emby.pfx /certs/old/emby.$today privkey=/etc/letsencrypt/live/emby.domain.com/privkey.pem cert=/etc/letsencrypt/live/emby.domain.com/cert.pem chain=/etc/letsencrypt/live/emby.domain.com/chain.pem openssl pkcs12 -export -out /certs/emby.pfx -inkey $privkey -in $cert -certfile $chain -password pass: service emby-server restart Edited May 25, 2018 by icsy7867 2 1 Link to comment Share on other sites More sharing options...
Luke 37099 Posted May 25, 2018 Share Posted May 25, 2018 Great stuff, thanks ! Link to comment Share on other sites More sharing options...
mastrmind11 717 Posted May 25, 2018 Share Posted May 25, 2018 well done. Link to comment Share on other sites More sharing options...
chowbok 77 Posted June 8, 2018 Share Posted June 8, 2018 (edited) Thanks for this. It'd be cool, though, if Emby could be made to accept separate PEM files, so that this wasn't necessary. Edited June 8, 2018 by chowbok Link to comment Share on other sites More sharing options...
chowbok 77 Posted June 8, 2018 Share Posted June 8, 2018 By the way, I haven't tried it yet, but I think you can just drop that script in /etc/letsencrypt/renewal-hooks/post and it will automatically run whenever the cert is renewed. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now