Jump to content
z3ndra

https reading bug

Recommended Posts

z3ndra

Hello

I have a problem, in https, video playback is impossible on the ps4, a message tells me that no flow is available. on the other hand everything goes well in http. at the first display on the ps4, there is a message that tells me that the browser does not embed the certificate, yet the site is displayed well.

thank you ;)

 

 

LOG :

System.Security.Authentication.AuthenticationException: A call to SSPI failed, see inner exception. ---> Interop+OpenSsl+SslException: SSL Handshake failed with OpenSSL error - SSL_ERROR_SSL. ---> Interop+Crypto+OpenSslCryptographicException: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure	   --- End of inner exception stack trace ---	   at Interop.OpenSsl.DoSslHandshake(SafeSslHandle context, Byte[] recvBuf, Int32 recvOffset, Int32 recvCount, Byte[]& sendBuf, Int32& sendCount)	   at System.Net.Security.SslStreamPal.HandshakeInternal(SafeFreeCredentials credential, SafeDeleteContext& context, SecurityBuffer inputBuffer, SecurityBuffer outputBuffer, Boolean isServer, Boolean remoteCertRequired)	   --- End of inner exception stack trace ---	   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()	   at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception)	   at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)	   at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)	   at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)	   at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)	   at System.Net.Security.SslState.PartialFrameCallback(AsyncProtocolRequest asyncRequest)	--- End of stack trace from previous location where exception was thrown ---	   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()	   at System.Net.Security.SslState.InternalEndProcessAuthentication(LazyAsyncResult lazyResult)	   at System.Net.Security.SslState.EndProcessAuthentication(IAsyncResult result)	   at System.Net.Security.SslStream.EndAuthenticateAsServer(IAsyncResult asyncResult)	   at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization)	--- End of stack trace from previous location where exception was thrown ---	   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()	   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)	   at SocketHttpListener.Net.HttpConnection.<Init>d__30.MoveNext()	--- End of stack trace from previous location where exception was thrown ---	   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()	   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)	   at SocketHttpListener.Net.HttpEndPointListener.<ProcessAccept>d__29.MoveNext()	--- End of stack trace from previous location where exception was thrown ---	   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()	   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)	   at SocketHttpListener.Net.HttpEndPointListener.<ProcessAccept>d__27.MoveNext()	System.Security.Authentication.AuthenticationException	   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()	   at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception)	   at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)	   at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)	   at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)	   at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)	   at System.Net.Security.SslState.PartialFrameCallback(AsyncProtocolRequest asyncRequest)	--- End of stack trace from previous location where exception was thrown ---	   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()	   at System.Net.Security.SslState.InternalEndProcessAuthentication(LazyAsyncResult lazyResult)	   at System.Net.Security.SslState.EndProcessAuthentication(IAsyncResult result)	   at System.Net.Security.SslStream.EndAuthenticateAsServer(IAsyncResult asyncResult)	   at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization)	--- End of stack trace from previous location where exception was thrown ---	   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()	   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)	   at SocketHttpListener.Net.HttpConnection.<Init>d__30.MoveNext()	--- End of stack trace from previous location where exception was thrown ---	   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()	   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)	   at SocketHttpListener.Net.HttpEndPointListener.<ProcessAccept>d__29.MoveNext()	--- End of stack trace from previous location where exception was thrown ---	   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()	   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)	   at SocketHttpListener.Net.HttpEndPointListener.<ProcessAccept>d__27.MoveNext()	InnerException: Interop+OpenSsl+SslException	Interop+OpenSsl+SslException: SSL Handshake failed with OpenSSL error - SSL_ERROR_SSL. ---> Interop+Crypto+OpenSslCryptographicException: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure	   --- End of inner exception stack trace ---	   at Interop.OpenSsl.DoSslHandshake(SafeSslHandle context, Byte[] recvBuf, Int32 recvOffset, Int32 recvCount, Byte[]& sendBuf, Int32& sendCount)	   at System.Net.Security.SslStreamPal.HandshakeInternal(SafeFreeCredentials credential, SafeDeleteContext& context, SecurityBuffer inputBuffer, SecurityBuffer outputBuffer, Boolean isServer, Boolean remoteCertRequired)	   at Interop.OpenSsl.DoSslHandshake(SafeSslHandle context, Byte[] recvBuf, Int32 recvOffset, Int32 recvCount, Byte[]& sendBuf, Int32& sendCount)	   at System.Net.Security.SslStreamPal.HandshakeInternal(SafeFreeCredentials credential, SafeDeleteContext& context, SecurityBuffer inputBuffer, SecurityBuffer outputBuffer, Boolean isServer, Boolean remoteCertRequired)	InnerException: Interop+Crypto+OpenSslCryptographicException	Interop+Crypto+OpenSslCryptographicException: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure	
Edited by z3ndra

Share this post


Link to post
Share on other sites
Luke

What kind of certificate have you setup? Sounds like the ps4 is not supporting it.

Share this post


Link to post
Share on other sites
z3ndra

let's encrypt certificate

Share this post


Link to post
Share on other sites
z3ndra

i have an other ssl problem on safari

 

log

 

System.Security.Authentication.AuthenticationException: A call to SSPI failed, see inner exception. ---> Interop+OpenSsl+SslException: SSL Handshake failed with OpenSSL error - SSL_ERROR_SSL. ---> Interop+Crypto+OpenSslCryptographicException: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown --- End of inner exception stack trace --- at Interop.OpenSsl.DoSslHandshake(SafeSslHandle context, Byte[] recvBuf, Int32 recvOffset, Int32 recvCount, Byte[]& sendBuf, Int32& sendCount) at System.Net.Security.SslStreamPal.HandshakeInternal(SafeFreeCredentials credential, SafeDeleteContext& context, SecurityBuffer inputBuffer, SecurityBuffer outputBuffer, Boolean isServer, Boolean remoteCertRequired) --- End of inner exception stack trace --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception) at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.PartialFrameCallback(AsyncProtocolRequest asyncRequest) --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Net.Security.SslState.InternalEndProcessAuthentication(LazyAsyncResult lazyResult) at System.Net.Security.SslState.EndProcessAuthentication(IAsyncResult result) at System.Net.Security.SslStream.EndAuthenticateAsServer(IAsyncResult asyncResult) at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization) --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at SocketHttpListener.Net.HttpConnection.<Init>d__30.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at SocketHttpListener.Net.HttpEndPointListener.<ProcessAccept>d__29.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at SocketHttpListener.Net.HttpEndPointListener.<ProcessAccept>d__27.MoveNext() System.Security.Authentication.AuthenticationException at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception) at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.PartialFrameCallback(AsyncProtocolRequest asyncRequest) --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Net.Security.SslState.InternalEndProcessAuthentication(LazyAsyncResult lazyResult) at

Share this post


Link to post
Share on other sites
Luke

Have you checked that safari trusts your certificate?

Share this post


Link to post
Share on other sites
z3ndra

hello,  I come back because I buy therefore a certificate at namecheap certified by sectigo and same problem, the ps4 does not find root certificates. I obviously included the file ca-bundle in the pfx but nothing, always this message when there is no problem on other browsers. an idea ?

 

5cb37c226518f_ps4.jpg

 

 

Edited by z3ndra

Share this post


Link to post
Share on other sites
Luke

Did you configure the certificate in Emby? Does it work with other devices?

Share this post


Link to post
Share on other sites
z3ndra

yes with other devices, its perfect, but on the ps4 reading is impossible because of this root certificate problem, yet the file ca-bundle is well integrated with the pfx file crt, on the pc we see the hierarchy of the certificate, it's ca that I do not understand, eviscally cons everything works perfectly in http. I also noticed that it was marked that the site is encrypted with an obsolete method, it may be that, but I do not see why it puts me that it is obsolete.

Share this post


Link to post
Share on other sites
Luke

Have you checked that PS4 will trust this certificate?

Share this post


Link to post
Share on other sites
z3ndra

how i make that ? sectigo is the new name of comodo, normaly its compatible with the ps4 browser.

Share this post


Link to post
Share on other sites
Luke

normaly its compatible with the ps4 browser.

 

How do you know this?

Share this post


Link to post
Share on other sites
z3ndra

its written on there website

Edited by z3ndra

Share this post


Link to post
Share on other sites
Luke

Can you give me a link to that? thanks.

Share this post


Link to post
Share on other sites
Luke

It only lists PS3, I do not see PS4 there.

Share this post


Link to post
Share on other sites
z3ndra

I contacted them and they confirmed it to me by message yesterday. the same is strange that I have a site certified by lets encrypt via my web host and the ps4 does not display this message and it puts me that the content is encrypted through a current method. out with emby, with the same certificate lets encrypt, it puts me that the encryption is obsolete and the ps4 shows me this message. so it comes from the side of the server that supports emby. it runs on a dedicated server under ubuntu, I made an iptable to redirect the 80 ports to 8096 and 443 to 8920.

Share this post


Link to post
Share on other sites
z3ndra

I found, in fact it is the private key in rsa that does not pass, while on another server it works but the key is in ecdhe_rsa under letencrypt. So, do you know how to generate such a key under ubuntu, because I have a paid certificate?

Share this post


Link to post
Share on other sites
Luke

So, do you know how to generate such a key under ubuntu, because I have a paid certificate?

@@Jdiesel have you ever done this?

Share this post


Link to post
Share on other sites
z3ndra

Ok, well I just figured out where the problem came from. I tried under letsencrypt with version 3.4.1.0 and with version 4.0.2.0 and finally it turns out that version 3.4.1.0 only works with a rsa key in https and 4.0.2.0 works with a key ecdhe_rsa and therefore compatible with the player of the ps4.

so there must have been a change in the code which makes that emby does not go through the same type of key for the https.

Share this post


Link to post
Share on other sites
Luke

Ok, well I just figured out where the problem came from. I tried under letsencrypt with version 3.4.1.0 and with version 4.0.2.0 and finally it turns out that version 3.4.1.0 only works with a rsa key in https and 4.0.2.0 works with a key ecdhe_rsa and therefore compatible with the player of the ps4.

 

so there must have been a change in the code which makes that emby does not go through the same type of key for the https.

 

Interesting, so are you all set now with 4.0.2 now that you've realized that?

Share this post


Link to post
Share on other sites
z3ndra

yes, but my css and my theme have problem in this version, for exemple I had to delete the button add to the collection in css and that makes disappear the button "restart the server" in this version or the menu "home" and "favorites" are found to be black on a black background when they are not selected while they were gray, and I find the thumbnails "new content" on the home page, too small compared to the old version. otherwise I find it top.

Share this post


Link to post
Share on other sites
Luke

Ok it's normal that you may have to adjust those things after releases.

Share this post


Link to post
Share on other sites
z3ndra

ok thank u, do you know therefore how can we just correct the thumbnails of the homepage? because when I enlarge them, it also enlarges the thumbnails in the mediateque.

Share this post


Link to post
Share on other sites
Luke

Can you show a screenshot? Thanks.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...