pir8radio 1292 Posted August 15, 2019 Share Posted August 15, 2019 Yes connecting to your test server worked on the Apple TV. So maybe there's some configuration on my end I can change to make it work? What options do you have enabled in cloudflare? Sent from my iPhone using Tapatalk Link to comment Share on other sites More sharing options...
acmby 1 Posted August 15, 2019 Share Posted August 15, 2019 What options do you have enabled in cloudflare? Sent from my iPhone using Tapatalk These are the settings I have under Crypto: SSL: Full (strict) Edge Certificates: only the 1 default Universal cert Custom Hostnames: none Origin Certificates: none (using a valid LetsEncrypt cert at my server) Always Use HTTPS: Off HSTS: Off Authenticated Origin Pulls: Off Minimum TLS Version: TLS 1.1 Opportunistic Encryption: On Onion Routing: On TLS 1.3: Enabled+0RTT Automatic HTTPS Rewrites: Off Certificate Transparency Monitoring: Off Disable Universal SSL: Not Disabled (default) I have not updated any other settings on the other tabs but let me know if you need to know the values for anything else. This is on the free plan, btw. Thanks! Link to comment Share on other sites More sharing options...
pir8radio 1292 Posted August 16, 2019 Share Posted August 16, 2019 These are the settings I have under Crypto: SSL: Full (strict) Edge Certificates: only the 1 default Universal cert Custom Hostnames: none Origin Certificates: none (using a valid LetsEncrypt cert at my server) Always Use HTTPS: Off HSTS: Off Authenticated Origin Pulls: Off Minimum TLS Version: TLS 1.1 Opportunistic Encryption: On Onion Routing: On TLS 1.3: Enabled+0RTT Automatic HTTPS Rewrites: Off Certificate Transparency Monitoring: Off Disable Universal SSL: Not Disabled (default) I have not updated any other settings on the other tabs but let me know if you need to know the values for anything else. This is on the free plan, btw. Thanks! What is enabled in the speed tab. Make sure rocket loader and auto minify is off. Sent from my iPhone using Tapatalk Link to comment Share on other sites More sharing options...
acmby 1 Posted August 16, 2019 Share Posted August 16, 2019 Auto-minify: all disabled AMP Real URL: OFF Brotli: ON Rocket Loader: OFF Mobile Redirect: OFF Everything else I assume is off because it requires a higher tier account. Link to comment Share on other sites More sharing options...
vladimirp 0 Posted August 16, 2019 Share Posted August 16, 2019 I have the same problem. Other devices are working fine (ipad, iphone), but not Apple TV. When I am inserting admin credentials — just nothing happens (visually). However in the server logs quite interesting stack trace appears: 2019-08-17 00:27:25.343 Info UserManager: Authentication request for Administrator has succeeded. 2019-08-17 00:27:25.344 Info SessionManager: Creating new access token for user 1 2019-08-17 00:27:25.345 Error HttpServer: Error processing request *** Error Report *** Version: 4.2.1.0 Command line: C:\Users\User\AppData\Roaming\Emby-Server\system\EmbyServer.dll -noautorunwebapp Operating system: Microsoft Windows NT 6.2.9200.0 64-Bit OS: True 64-Bit Process: True User Interactive: True Runtime: file:///C:/Users/User/AppData/Roaming/Emby-Server/system/System.Private.CoreLib.dll Processor count: 20 Program data path: C:\Users\User\AppData\Roaming\Emby-Server\programdata Application directory: C:\Users\User\AppData\Roaming\Emby-Server\system SQLitePCL.pretty.SQLiteException: Constraint: NOT NULL constraint failed: Tokens.DeviceName SQLitePCL.pretty.SQLiteException: Exception of type 'SQLitePCL.pretty.SQLiteException' was thrown. at SQLitePCL.pretty.SQLiteException.CheckOk(sqlite3 db, Int32 rc) at SQLitePCL.pretty.StatementImpl.MoveNext() at Emby.Server.Implementations.Security.AuthenticationRepository.Create(AuthenticationInfo info) at Emby.Server.Implementations.Session.SessionManager.GetAuthorizationToken(User user, String deviceId, String app, String appVersion, String deviceName) at Emby.Server.Implementations.Session.SessionManager.AuthenticateNewSessionInternal(AuthenticationRequest request, Boolean enforcePassword, CancellationToken cancellationToken) at MediaBrowser.Api.UserService.Post(AuthenticateUserByName request) at Emby.Server.Implementations.Services.ServiceController.GetTaskResult(Task task) at Emby.Server.Implementations.Services.ServiceHandler.ProcessRequestAsync(HttpListenerHost appHost, IRequest httpReq, IResponse httpRes, RestPath restPath, String responseContentType, CancellationToken cancellationToken) at Emby.Server.Implementations.HttpServer.HttpListenerHost.RequestHandler(IRequest httpReq, ReadOnlyMemory`1 urlString, ReadOnlyMemory`1 host, ReadOnlyMemory`1 localPath, CancellationToken cancellationToken) Source: SQLitePCL.pretty TargetSite: Void CheckOk(SQLitePCL.sqlite3, Int32) 2019-08-17 00:27:25.345 Info HttpServer: HTTP Response 500 to appletv_ip. Time: 2ms. http://server_ip:8096/emby/Users/authenticatebyname 2019-08-17 00:27:25.353 Info App: Udp message sent to appletv_ip:57200 P.S. I am a Plex user, just wanted to give Emby a try. Downloaded server from off website, passed setup wizard, installed ipad/apple tv apps and... already encountered 2 problems: I can only play 1 minute for free on ipad without paying money I cannot even login on apple tv (what's the point to pay money then?) Hope tech support guys are reading this forums. Link to comment Share on other sites More sharing options...
vladimirp 0 Posted August 17, 2019 Share Posted August 17, 2019 (edited) Apple TV hostname shouldn't contain non-ASCII characters or spaces. Now I am able to login. Please make sure this is documented properly, so people won't be spending time reverse engineering your app. Edited August 17, 2019 by vladimirp Link to comment Share on other sites More sharing options...
KopertjeNL 0 Posted August 17, 2019 Share Posted August 17, 2019 Hi there! I had the same issues, im also running Emby behind a reverse proxy. I solved it by also running Emby with just another domain with no reverse proxy and a whitelist in my firewall. Kind regards, Robin Link to comment Share on other sites More sharing options...
pir8radio 1292 Posted August 17, 2019 Share Posted August 17, 2019 Hi there! I had the same issues, im also running Emby behind a reverse proxy. I solved it by also running Emby with just another domain with no reverse proxy and a whitelist in my firewall. Kind regards, Robin it works on my setup with nginx and cloudflare, pretty sure he wants it to work with the reverse proxy too.. Has to be a config setting if mine works. Link to comment Share on other sites More sharing options...
acmby 1 Posted August 17, 2019 Share Posted August 17, 2019 Yes I would like to keep everything behind cloudflare. Any other ideas? Link to comment Share on other sites More sharing options...
Luke 37049 Posted August 18, 2019 Share Posted August 18, 2019 Apple TV hostname shouldn't contain non-ASCII characters or spaces. Now I am able to login. Please make sure this is documented properly, so people won't be spending time reverse engineering your app. Thanks for reporting this issue. We'll look into it. Link to comment Share on other sites More sharing options...
Senna 368 Posted August 18, 2019 Share Posted August 18, 2019 Thanks for reporting this issue. We'll look into it.My Apple TV host name contains 3 spaces and I’m not having issues with connecting locally or remotely with SSL Link to comment Share on other sites More sharing options...
acmby 1 Posted August 21, 2019 Share Posted August 21, 2019 So I think I figured out what the problem I am seeing is. It seems that the AppleTV App isn't passing along the FQDN when attempting to connect to the server. I found this out by disabling Cloudflare proxying and then attempting to connect directly. I have a local reverse proxy that maps a specific subdomain to my Emby server (i.e. emby.mydomain.com). But I found that when the AppleTV App attempts to connect, it did not pass along this subdomain, so my reverse proxy did not forward the request to my Emby server. I temporarily allowed any access to the local proxy's port 443 to be forwarded to the Emby server and the AppleTV was able to connect. Is this something that can be fixed in the AppleTV app? No other apps seem to have this problem. Link to comment Share on other sites More sharing options...
pir8radio 1292 Posted August 21, 2019 Share Posted August 21, 2019 (edited) So I think I figured out what the problem I am seeing is. It seems that the AppleTV App isn't passing along the FQDN when attempting to connect to the server. I found this out by disabling Cloudflare proxying and then attempting to connect directly. I have a local reverse proxy that maps a specific subdomain to my Emby server (i.e. emby.mydomain.com). But I found that when the AppleTV App attempts to connect, it did not pass along this subdomain, so my reverse proxy did not forward the request to my Emby server. I temporarily allowed any access to the local proxy's port 443 to be forwarded to the Emby server and the AppleTV was able to connect. Is this something that can be fixed in the AppleTV app? No other apps seem to have this problem. then why does it work with my server? I have cloudflare pointing to my nginx reverse proxy, pointing to my emby... It has to be in your config. You still need port 80 open too, just need to redirect it to 443 in your nginx config. some clients need to hit port 80 first to discover the HSTS header then lock into ssl Edited August 21, 2019 by pir8radio Link to comment Share on other sites More sharing options...
acmby 1 Posted August 22, 2019 Share Posted August 22, 2019 So it turns out the issue is that the AppleTV App includes the port number in the Host field of the http request ("emby.mydomain.com:443") even for the default ports 443/80. This was breaking my subdomain rule on my local reverse proxy (HAProxy) which was looking for an exact hostname match ("emby.mydomain.com"). Changing the rule to match just the start of the host string makes it work. But just want to reiterate that this is different than all the other Emby apps and browsers that we tried. Link to comment Share on other sites More sharing options...
Luke 37049 Posted August 22, 2019 Share Posted August 22, 2019 Thanks for the feedback. Link to comment Share on other sites More sharing options...
Tur0k 143 Posted February 9, 2021 Share Posted February 9, 2021 (edited) Oddly enough this is still a problem. I am moving from HTPCs to Apple TVs, for the smaller power footprint, the cost is good, I get 4K capabilities, and the Audio/video processing is better. I allow AVAHI on my Pfsense Firewall between my internal trust VLAN, my Server VLAN, and my Guest VLAN. I have just moved my domain registrar to Cloudflare (not using their proxy service) from GoDaddy, for Cost reasons. I also am using Let's Encrypt certs. I just moved to a single wildcard Let's Encrypt Cert that is used on the HAProxy package installed on my Pfsense firewall. I too believe that it is still an Emby client on AppleTV problem. I put all my IOT and smart phone devices on my guest network. I have no problems connecting from my IOS iphones and ipads, my new Samsung Q7D series smart TV (using the Tizen OS), emby theatre from my laptop, any browser while connected to my guest network. my mobile devices work flawlessly when connected from the public Internet. A friend of mine and I spent a little time working on the issue. He found this post. we both run HAProxy as a reverse proxy in Pfsense in front of our Emby Installs. after some playing we found that I needed to use a different ACL on my HAProxy Reverse proxy that matches on: EmbyATV_acl: "host Starts with:" =subdomain instead of Emby_acl: "Host Matches:" = subdomain.mydomain.com I then setup an action that Matches source is my Guest VLAN (VLAN172) and the EmbyATV ACL. I still had to set the URL to https://subdomain.mydomain.com:443/ before things would work on the Apple TV. On my internal VLANS I don't mind the reverse proxy Action rule not being a complete FQDN but if I had a device connecting from the public Internet I think this would be a different story. someone could mask the request as just my subdomain.anydomain.com and the reverse proxy would match the request. Edited February 9, 2021 by Tur0k Link to comment Share on other sites More sharing options...
Luke 37049 Posted February 20, 2021 Share Posted February 20, 2021 On 2/8/2021 at 11:40 PM, Tur0k said: Oddly enough this is still a problem. I am moving from HTPCs to Apple TVs, for the smaller power footprint, the cost is good, I get 4K capabilities, and the Audio/video processing is better. I allow AVAHI on my Pfsense Firewall between my internal trust VLAN, my Server VLAN, and my Guest VLAN. I have just moved my domain registrar to Cloudflare (not using their proxy service) from GoDaddy, for Cost reasons. I also am using Let's Encrypt certs. I just moved to a single wildcard Let's Encrypt Cert that is used on the HAProxy package installed on my Pfsense firewall. I too believe that it is still an Emby client on AppleTV problem. I put all my IOT and smart phone devices on my guest network. I have no problems connecting from my IOS iphones and ipads, my new Samsung Q7D series smart TV (using the Tizen OS), emby theatre from my laptop, any browser while connected to my guest network. my mobile devices work flawlessly when connected from the public Internet. A friend of mine and I spent a little time working on the issue. He found this post. we both run HAProxy as a reverse proxy in Pfsense in front of our Emby Installs. after some playing we found that I needed to use a different ACL on my HAProxy Reverse proxy that matches on: EmbyATV_acl: "host Starts with:" =subdomain instead of Emby_acl: "Host Matches:" = subdomain.mydomain.com I then setup an action that Matches source is my Guest VLAN (VLAN172) and the EmbyATV ACL. I still had to set the URL to https://subdomain.mydomain.com:443/ before things would work on the Apple TV. On my internal VLANS I don't mind the reverse proxy Action rule not being a complete FQDN but if I had a device connecting from the public Internet I think this would be a different story. someone could mask the request as just my subdomain.anydomain.com and the reverse proxy would match the request. Hi, did you figure this out or are you still having an issue with it? Link to comment Share on other sites More sharing options...
jaseinny 5 Posted September 19, 2021 Share Posted September 19, 2021 (edited) So, I have exactly the same issue logging into Apple TV neither through 'emby connect' or entering my domain name as it will simply not connect. However on my FireStick and LG WebOS Emby apps I was able to connect without entering the port number. ie: https://subdomain.domainname.com Boom, worked straight away. On the Apple TV there is no way to keep the port clear as the app defaults and auto uses port 8096. "If no port is provided the default will be used" Is there a work around this? I'm running Emby on Unraid using 'Swag' as my reverse proxy using the default ports. 8096 and 8920. Edited September 19, 2021 by jaseinny Link to comment Share on other sites More sharing options...
pir8radio 1292 Posted September 19, 2021 Share Posted September 19, 2021 1 hour ago, jaseinny said: So, I have exactly the same issue logging into Apple TV neither through 'emby connect' or entering my domain name as it will simply not connect. However on my FireStick and LG WebOS Emby apps I was able to connect without entering the port number. ie: https://subdomain.domainname.com Boom, worked straight away. On the Apple TV there is no way to keep the port clear as the app defaults and auto uses port 8096. "If no port is provided the default will be used" Is there a work around this? I'm running Emby on Unraid using 'Swag' as my reverse proxy using the default ports. 8096 and 8920. so whats your issue if you are using the default ports on the server side? or are you using 80/443 and only default to the backend emby server? There is no way to not enter 443 or 80 since these are non standard ports for emby... If they changed this it would break it for the majority of emby users, they leave the default ports, but it would work for us.. lol i would suggest adding the default ports to your proxy config and use them rather than 80/443 if its an issue. 1 Link to comment Share on other sites More sharing options...
Luke 37049 Posted September 20, 2021 Share Posted September 20, 2021 9 hours ago, jaseinny said: So, I have exactly the same issue logging into Apple TV neither through 'emby connect' or entering my domain name as it will simply not connect. However on my FireStick and LG WebOS Emby apps I was able to connect without entering the port number. ie: https://subdomain.domainname.com Boom, worked straight away. On the Apple TV there is no way to keep the port clear as the app defaults and auto uses port 8096. "If no port is provided the default will be used" Is there a work around this? I'm running Emby on Unraid using 'Swag' as my reverse proxy using the default ports. 8096 and 8920. We'll take a look at this in the apple tv app. Thanks. 1 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now