Jump to content


HOWTO: create .pfx to use for https

asustor pfx ubuntu linux terminal https ssl key

  • Please log in to reply
5 replies to this topic

#1 34626 OFFLINE  



  • Members
  • 9 posts
  • Local time: 04:05 AM

Posted 13 October 2018 - 07:14 AM

Im using Linux Ubuntu 16.04 64 bit and Asustor AS-604T ADM 3.2.1

This requires you do own a domain and have create a Lets Encrypt certificate!

Following ports should be open: 80, 443, 8096 and 8920

1. Login to ADM web interface > Settings > Certificate Manager - Click on Export Certificate.

2. Extract certificate.zip and open the folder certifiate

3. right click in the folder - select open terminal

4. enter the command:
* Please change the name of the give-me-a-name.pfx
* After execution of this command you will be prompted to create a password, this is recommanded!

openssl pkcs12 -export -out give-me-a-name.pfx -inkey ssl.key -in ssl.crt

5. Save the new create give-me-a-name.pfx file on your NAS in a shared folder of own choice

6. go to:

7. Go to Advanced and do the following

Check that Allow remote connection to this Emby Server is marked.
* add external domain name
* Custon ssl certificate path (Click on the magnifier right to the text field and navigate to where the .pfx file is.
* Certificate password - Add the password you entered after execution of step 4.
* Secure connection mode - Set to preferred, but not required.

8. Hit save and navigate to Controlpanel > Restart - Now you should be able to access the Emby Media Server from outside.

#2 Luke OFFLINE  


    System Architect

  • Administrators
  • 153197 posts
  • Local time: 11:05 PM

Posted 13 October 2018 - 11:25 AM

Great info, thanks !

#3 fgs OFFLINE  



  • Members
  • 12 posts
  • Local time: 01:05 AM

Posted 11 November 2018 - 10:12 AM

Just to append what I did to my Asustor + Emby install, where it says above " * add external domain name ", I filled the complete NAS URL which is hostname + domain name. As opposed to what may lead to most to just insert the domain name, again, I inserted the full URL.


One quick note, for all the woes Asustor certainly has in terms of its software, for example, they can't ship a proper working WebDAV service on the NAS (gosh! Directly contacted Asustor as customer and nothing; only silence!), in turn, the Emby server seems to be working right and I'm pleased.

Edited by fgs, 11 November 2018 - 10:13 AM.

#4 notkaa OFFLINE  


    Advanced Member

  • Members
  • 48 posts
  • Local time: 05:05 AM
  • LocationFrance

Posted 11 November 2018 - 10:39 AM

Work like a charm on my QNAP System, thank you

#5 Luke OFFLINE  


    System Architect

  • Administrators
  • 153197 posts
  • Local time: 11:05 PM

Posted 11 November 2018 - 06:31 PM

Thanks for the feedback !

#6 Jägs OFFLINE  


    Advanced Member

  • Members
  • 59 posts
  • Local time: 10:05 PM

Posted 24 March 2020 - 10:18 PM

Ditto.  Worked for me, thanks!


I'm very new to this, but I assume you'd need to update the pfx file any time the certificate is updated.  That being the case, I modified this a bit to be completely automated and created a cron job that handles the password, too:

0 1 * * * [path to openssl binary]/openssl pkcs12 -export -out [path to certificate]/ssl.pfx -inkey [path to certificate]/ssl.key -in [path to certificate]/ssl.crt -passout pass:[password]

Obviously you need to replace the parts in brackets to match your needs.


This runs the command to create the pfx file at 1:00 AM every morning.


NOTE:  for anyone else running an ASUSTOR, the path to the LE certificate on my machine is:


Your mileage may vary.

  • Luke likes this

Also tagged with one or more of these keywords: asustor, pfx, ubuntu, linux, terminal, https, ssl, key

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users