Jump to content
34626

HOWTO: create .pfx to use for https

Recommended Posts

34626

Im using Linux Ubuntu 16.04 64 bit and Asustor AS-604T ADM 3.2.1

This requires you do own a domain and have create a Lets Encrypt certificate!

Following ports should be open: 80, 443, 8096 and 8920

1. Login to ADM web interface > Settings > Certificate Manager - Click on Export Certificate.

2. Extract certificate.zip and open the folder certifiate

3. right click in the folder - select open terminal

4. enter the command:
* Please change the name of the give-me-a-name.pfx
* After execution of this command you will be prompted to create a password, this is recommanded!

openssl pkcs12 -export -out give-me-a-name.pfx -inkey ssl.key -in ssl.crt

5. Save the new create give-me-a-name.pfx file on your NAS in a shared folder of own choice

6. go to:
http://local.ip.of.nas:8096/

7. Go to Advanced and do the following

Check that Allow remote connection to this Emby Server is marked.
* add external domain name
* Custon ssl certificate path (Click on the magnifier right to the text field and navigate to where the .pfx file is.
* Certificate password - Add the password you entered after execution of step 4.
* Secure connection mode - Set to preferred, but not required.

8. Hit save and navigate to Controlpanel > Restart - Now you should be able to access the Emby Media Server from outside.

Share this post


Link to post
Share on other sites
Luke

Great info, thanks !

Share this post


Link to post
Share on other sites
fgs

Just to append what I did to my Asustor + Emby install, where it says above " * add external domain name ", I filled the complete NAS URL which is hostname + domain name. As opposed to what may lead to most to just insert the domain name, again, I inserted the full URL.

 

One quick note, for all the woes Asustor certainly has in terms of its software, for example, they can't ship a proper working WebDAV service on the NAS (gosh! Directly contacted Asustor as customer and nothing; only silence!), in turn, the Emby server seems to be working right and I'm pleased.

Edited by fgs

Share this post


Link to post
Share on other sites
notkaa

Work like a charm on my QNAP System, thank you

Share this post


Link to post
Share on other sites
Luke

Thanks for the feedback !

Share this post


Link to post
Share on other sites
Jägs

Ditto.  Worked for me, thanks!

 

I'm very new to this, but I assume you'd need to update the pfx file any time the certificate is updated.  That being the case, I modified this a bit to be completely automated and created a cron job that handles the password, too:

0 1 * * * [path to openssl binary]/openssl pkcs12 -export -out [path to certificate]/ssl.pfx -inkey [path to certificate]/ssl.key -in [path to certificate]/ssl.crt -passout pass:[password]

Obviously you need to replace the parts in brackets to match your needs.

 

This runs the command to create the pfx file at 1:00 AM every morning.

 

NOTE:  for anyone else running an ASUSTOR, the path to the LE certificate on my machine is:

/volume0/usr/builtin/etc/certificate

Your mileage may vary.

  • Like 1

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...