Jump to content


Photo
* * * * * 1 votes

Chromecast problem


  • Please log in to reply
49 replies to this topic

#21 Netbug OFFLINE  

Netbug

    Advanced Member

  • Members
  • 233 posts
  • Local time: 04:54 PM

Posted 15 February 2019 - 07:12 PM

I am suddenly encountering this problem as well.

 

Any chance you could provide step-by-step instructions on how to do that certificate creation, willvincent?



#22 willvincent OFFLINE  

willvincent

    Member

  • Members
  • 17 posts
  • Local time: 03:54 PM

Posted 15 February 2019 - 11:12 PM

Doubtful all the necessary functionality is built into my OPNSense router.

 

Still a bit of a hassle anyway as I still get the 'non valid' certificate warning. But so long as there is _a_ certificate, valid or not, so that you can have an https connection, that ought to be sufficient.



#23 Netbug OFFLINE  

Netbug

    Advanced Member

  • Members
  • 233 posts
  • Local time: 04:54 PM

Posted 16 February 2019 - 09:23 AM

Well that's unfortunate. I'm running it on an unRAID system and it's really causing problems for me. Hopefully they're able to get a fix for it soon.



#24 Eddie OFFLINE  

Eddie

    Advanced Member

  • Members
  • 140 posts
  • Local time: 04:54 PM

Posted 18 February 2019 - 04:14 PM

My setup was working great for 100 + days

emby 3.5 ish running on a headless ubuntu install 18.04..

1 day chrome stopped being able to cast emby but i was able to cast using youtube etc...

I just found this thread and see that i need to use HTTPS.

 

Is there going to be a fix for this or will i have to make my own cert so i can use HTTPS?

 

Dont want to "waste" my time figuring out how to make HTTPS work if you are working on a fix is all...

 

Thanks in advance



#25 Luke OFFLINE  

Luke

    System Architect

  • Administrators
  • 124163 posts
  • Local time: 04:54 PM

Posted 18 February 2019 - 06:37 PM

@Eddie this is a Chrome requirement. What fix are you hoping for?



#26 willvincent OFFLINE  

willvincent

    Member

  • Members
  • 17 posts
  • Local time: 03:54 PM

Posted 18 February 2019 - 06:43 PM

The only relevant fix I can think of would be exposing the ability to set a custom SSL cert for internal connections, which is only currently possible if you enable external connections.

What I did was enable external connections so that I could populate my custom self-signed cert, but I'm not actually forwarding any external traffic to emby, so it's not possible to hit the server from outside my local network anyway, but enabling external connections within the emby server config allowed defining the certificate to use for https.


The only other thing I could think of that would ease this a bit would be providing a tool to generate and/or obtain a cert to use (letsencrypt, for example)

I've read that it is at least theoretically possible to generate a letsencrypt cert for internal network usage, but you'd have to have a domain to associate it with that is publicly accessible, so that's not super straightforward/easy and not an emby-specific issue.  The only emby specific issue is how one actually defines what cert to use. Which I believe Luke has already stated would be addressed



#27 Luke OFFLINE  

Luke

    System Architect

  • Administrators
  • 124163 posts
  • Local time: 04:54 PM

Posted 18 February 2019 - 06:51 PM

 

 

The only relevant fix I can think of would be exposing the ability to set a custom SSL cert for internal connections

 

Yes that would be fine. Also for those who may have missed it, you can also use the web app over localhost, or our android mobile app, or iOS app.



#28 willvincent OFFLINE  

willvincent

    Member

  • Members
  • 17 posts
  • Local time: 03:54 PM

Posted 18 February 2019 - 06:58 PM

you can also use the web app over localhost

Doesn't that necessitate that the server be running on the local machine?



#29 Luke OFFLINE  

Luke

    System Architect

  • Administrators
  • 124163 posts
  • Local time: 04:54 PM

Posted 18 February 2019 - 06:58 PM

Yes but for some that will be the case.

#30 Eddie OFFLINE  

Eddie

    Advanced Member

  • Members
  • 140 posts
  • Local time: 04:54 PM

Posted 19 February 2019 - 12:41 AM

Well i was hoping that magically this could be addressed by an update on emby's end but if that is not possible then i will look into setting up a cert for https.... i should of prob set one up anyways ... any guides you recommend to follow...

I know i can use android app or ios app but in my current situation i do not have acceess to that and only have a ubuntu client so i cant install the home theater program for windows.. im forced into using the chrome browser to cast it.. thanks for the reply



#31 Netbug OFFLINE  

Netbug

    Advanced Member

  • Members
  • 233 posts
  • Local time: 04:54 PM

Posted 19 February 2019 - 12:11 PM

If anyone can recommend a good step-by-step guide for setting up a cert, it would be very much appreciated. This is causing me a great deal of grief.



#32 Joe Farmer OFFLINE  

Joe Farmer

    Member

  • Members
  • 12 posts
  • Local time: 08:54 AM

Posted 25 February 2019 - 07:34 PM

@Eddie this is a Chrome requirement. What fix are you hoping for?

Hi Luke,

Can you help me to understand why this is not an Emby issue? Other sites that I use to stream from my daughter's laptop to her Chromecast still work fine ie. Netflix and Youtube but Emby does not. On a very basic level that would seem to me to be something that Emby needs to fix.



#33 Luke OFFLINE  

Luke

    System Architect

  • Administrators
  • 124163 posts
  • Local time: 04:54 PM

Posted 25 February 2019 - 10:33 PM

Because those sites are running under https. It's not easy for is to just provide that for your server because first you need a domain name to attach the certificate to.

#34 willvincent OFFLINE  

willvincent

    Member

  • Members
  • 17 posts
  • Local time: 03:54 PM

Posted 25 February 2019 - 11:22 PM

For what it's worth.. a self-signed certificate does work just fine. It's not strictly necessary to expose the server to the net.

Chrome of course will complain that you're accessing an untrusted site:
5c74b05669657_20190225_2119.png

But after clicking 'proceed' everything will work just fine, you'll see "Not secure" in the address bar, otherwise it's all good.

5c74b0de71898_20190225_2111.png

5c74b100b9cee_20190225_2111_1.png

5c74b0ec38972_20190225_2111_2.png

If you need/want it accessible outside your local network, then yes you'll need a domain, and a proper certificate like those available freely via letsencrypt (note they need frequent refreshing as they're only valid for a few months at a time)



#35 Joe Farmer OFFLINE  

Joe Farmer

    Member

  • Members
  • 12 posts
  • Local time: 08:54 AM

Posted 25 February 2019 - 11:28 PM

For what it's worth.. a self-signed certificate does work just fine. It's not strictly necessary to expose the server to the net.
 

 

Thanks, guess I'll have to look into how to create a self-signed cert then hey!



#36 Netbug OFFLINE  

Netbug

    Advanced Member

  • Members
  • 233 posts
  • Local time: 04:54 PM

Posted 26 February 2019 - 08:21 AM

For what it's worth.. a self-signed certificate does work just fine. It's not strictly necessary to expose the server to the net.

Chrome of course will complain that you're accessing an untrusted site:
5c74b05669657_20190225_2119.png

But after clicking 'proceed' everything will work just fine, you'll see "Not secure" in the address bar, otherwise it's all good.

5c74b0de71898_20190225_2111.png

5c74b100b9cee_20190225_2111_1.png

5c74b0ec38972_20190225_2111_2.png

If you need/want it accessible outside your local network, then yes you'll need a domain, and a proper certificate like those available freely via letsencrypt (note they need frequent refreshing as they're only valid for a few months at a time)

 

 

How do you get to this point, willvincent?

 

5c75320f01a38_CertError.jpg


Edited by Netbug, 26 February 2019 - 08:33 AM.


#37 Joe Farmer OFFLINE  

Joe Farmer

    Member

  • Members
  • 12 posts
  • Local time: 08:54 AM

Posted 26 February 2019 - 06:28 PM

How do you get to this point, willvincent?

 

You will need to create a self-signed certificate. From what I understand it is not a simple task and something that you would need to research and figure out how to do as although several people have mentioned doing it, no one has yet given any information on how to do it or where to get information on how to do it.

I'm considering whether or not I take the time to try to figure it out myself, haven't had time to do it yet.

Would be good if someone who has already done it could give us some direction on how to do it or even just a link to some resources that would help us to figure it out ourselves *hint hint* ;)



#38 willvincent OFFLINE  

willvincent

    Member

  • Members
  • 17 posts
  • Local time: 03:54 PM

Posted 28 February 2019 - 03:49 PM

I've mentioned it earlier, but for me cert generation is built into my router, so I'm not sure how much help I can provide.. I'll see if I can track down some linkage.

Within emby, when managing the server -- on the 'Expert > Advanced' settings form, you must tick the box to enable remote connections so that you can provide your custom self-signed cert. 

5c783a6f7c511_ScreenShot20190228at14519P

5c783a8d60e98_ScreenShot20190228at14600P

I think it'll also require that you populate the "External Domain" field, but if you're not going to actually forward external traffic to the emby server, what you put there isn't entirely important as far as I can figure.

Once you've done that, you simply access your server via the https port, 8920 by default... so for me, I hit: https://emby:8920/web/index.html


Edited by willvincent, 28 February 2019 - 03:50 PM.


#39 willvincent OFFLINE  

willvincent

    Member

  • Members
  • 17 posts
  • Local time: 03:54 PM

Posted 28 February 2019 - 03:53 PM

Try this: https://stackoverflo...0445432/1972101

 

On linux/mac commands should be the same, but just be openssl ...whatever... instead of C:\Openssl\bin\openssl.exe

Once you've got the cert, you'll need to put it onto the server OR a network path that you can access via emby.


EDIT:

The last comment on that stackoverflow claims it's doable in two steps.. haven't tested.
 

openssl req -x509 -sha256 -nodes -days 3650 -newkey rsa:4096 -keyout mykey.key -out mypem.pem

openssl pkcs12 -export -out myp12.p12 -inkey mykey.key -in mypem.pem

Edited by willvincent, 28 February 2019 - 03:59 PM.

  • Sp3kt3r likes this

#40 Joe Farmer OFFLINE  

Joe Farmer

    Member

  • Members
  • 12 posts
  • Local time: 08:54 AM

Posted 28 February 2019 - 07:06 PM

 

Try this: https://stackoverflo...0445432/1972101

 

On linux/mac commands should be the same, but just be openssl ...whatever... instead of C:\Openssl\bin\openssl.exe

Once you've got the cert, you'll need to put it onto the server OR a network path that you can access via emby.


EDIT:

The last comment on that stackoverflow claims it's doable in two steps.. haven't tested.
 

openssl req -x509 -sha256 -nodes -days 3650 -newkey rsa:4096 -keyout mykey.key -out mypem.pem

openssl pkcs12 -export -out myp12.p12 -inkey mykey.key -in mypem.pem

 

Crikey!

This all seems way too complicated for me! The sad thing is I actually work for RSA but I'm no coder or engineer so this all goes over my head.....a bit like an aeroplane!

If/when I have time I'll try to read through what you provided so thank you.

I did also find this topic https://emby.media/c...icate-for-emby/ but not sure if it's relevant as it dates back to 2016.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users