Jump to content

HOWTO: create .pfx to use for https


34626

Recommended Posts

Im using Linux Ubuntu 16.04 64 bit and Asustor AS-604T ADM 3.2.1

This requires you do own a domain and have create a Lets Encrypt certificate!

Following ports should be open: 80, 443, 8096 and 8920

1. Login to ADM web interface > Settings > Certificate Manager - Click on Export Certificate.

2. Extract certificate.zip and open the folder certifiate

3. right click in the folder - select open terminal

4. enter the command:
* Please change the name of the give-me-a-name.pfx
* After execution of this command you will be prompted to create a password, this is recommanded!

openssl pkcs12 -export -out give-me-a-name.pfx -inkey ssl.key -in ssl.crt

5. Save the new create give-me-a-name.pfx file on your NAS in a shared folder of own choice

6. go to:
http://local.ip.of.nas:8096/

7. Go to Advanced and do the following

Check that Allow remote connection to this Emby Server is marked.
* add external domain name
* Custon ssl certificate path (Click on the magnifier right to the text field and navigate to where the .pfx file is.
* Certificate password - Add the password you entered after execution of step 4.
* Secure connection mode - Set to preferred, but not required.

8. Hit save and navigate to Controlpanel > Restart - Now you should be able to access the Emby Media Server from outside.

Link to post
Share on other sites
  • 4 weeks later...

Just to append what I did to my Asustor + Emby install, where it says above " * add external domain name ", I filled the complete NAS URL which is hostname + domain name. As opposed to what may lead to most to just insert the domain name, again, I inserted the full URL.

 

One quick note, for all the woes Asustor certainly has in terms of its software, for example, they can't ship a proper working WebDAV service on the NAS (gosh! Directly contacted Asustor as customer and nothing; only silence!), in turn, the Emby server seems to be working right and I'm pleased.

Edited by fgs
Link to post
Share on other sites
  • 1 year later...

Ditto.  Worked for me, thanks!

 

I'm very new to this, but I assume you'd need to update the pfx file any time the certificate is updated.  That being the case, I modified this a bit to be completely automated and created a cron job that handles the password, too:

0 1 * * * [path to openssl binary]/openssl pkcs12 -export -out [path to certificate]/ssl.pfx -inkey [path to certificate]/ssl.key -in [path to certificate]/ssl.crt -passout pass:[password]

Obviously you need to replace the parts in brackets to match your needs.

 

This runs the command to create the pfx file at 1:00 AM every morning.

 

NOTE:  for anyone else running an ASUSTOR, the path to the LE certificate on my machine is:

/volume0/usr/builtin/etc/certificate

Your mileage may vary.

  • Like 1
Link to post
Share on other sites
  • 11 months later...
freeflight29
On 3/25/2020 at 3:18 AM, Jägs said:

Ditto.  Worked for me, thanks!

 

I'm very new to this, but I assume you'd need to update the pfx file any time the certificate is updated.  That being the case, I modified this a bit to be completely automated and created a cron job that handles the password, too:


0 1 * * * [path to openssl binary]/openssl pkcs12 -export -out [path to certificate]/ssl.pfx -inkey [path to certificate]/ssl.key -in [path to certificate]/ssl.crt -passout pass:[password]

Obviously you need to replace the parts in brackets to match your needs.

 

This runs the command to create the pfx file at 1:00 AM every morning.

 

NOTE:  for anyone else running an ASUSTOR, the path to the LE certificate on my machine is:


/volume0/usr/builtin/etc/certificate

Your mileage may vary.

Hello jags, 

i'm not familiar with "linux", could you help me to create this cron job above ? i have an asustor. or tell me if there is any documentation on this subject ? 

Thanks for your help 

Link to post
Share on other sites
Luke
4 hours ago, freeflight29 said:

Hello jags, 

i'm not familiar with "linux", could you help me to create this cron job above ? i have an asustor. or tell me if there is any documentation on this subject ? 

Thanks for your help 

Hi, are you able to update your pfx manually? Becoming familiar with that process is the first step. Then after that you can look at automating it with a cron job.

Link to post
Share on other sites
freeflight29
18 hours ago, Luke said:

Hi, are you able to update your pfx manually? Becoming familiar with that process is the first step. Then after that you can look at automating it with a cron job.

hello luke that ok for the pfx now. i would to undersatand how to automating it,  i don't know where to put the script to make it work as cron job... So if you have some suggestion of link?  thank you.

Link to post
Share on other sites
Jägs
On 3/21/2021 at 5:07 PM, freeflight29 said:

Hello jags, 

i'm not familiar with "linux", could you help me to create this cron job above ? i have an asustor. or tell me if there is any documentation on this subject ? 

Thanks for your help 

The exact syntax is going to differ from system to system, but here's what I have on my ASUSTOR AS5304T:

0 1 * * * /usr/builtin/bin/openssl pkcs12 -export -out /volume0/usr/builtin/etc/certificate/ssl.pfx -inkey /volume0/usr/builtin/etc/certificate/ssl.key -in /volume0/usr/builtin/etc/certificate/ssl.crt -passout pass:##########

Where "##########" is the password you want to use.  You will enter this password into the Network settings under "Certificate password."

Edited by Jägs
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...