16 replies to this topic

[bflagg]

Do you have a step by step for SSL setup for EMBY?

 

[byusinger84]

This is the one I use. Works well.

https://mythofechelo...ver-and-windows

[Senna]

https://blog.awelswy...flare-with-emby

 

And some more:

https://blog.awelswy...k/category/emby

 

And if you want some reading, go here:

https://emby.media/c...re-connections/

[Spaceboy]

https://blog.awelswy...flare-with-emby

And some more:
https://blog.awelswy...k/category/emby

And if you want some reading, go here:
https://emby.media/c...re-connections/

ive been using the awel swynol method for a few years now. Works perfectly

[crusher11]

In step 10, what's the IP address of my server? The WAN address or the LAN address?

[Senna]

In step 10, what's the IP address of my server? The WAN address or the LAN address?

Step 10 is about forwarding external traffic on your router, to your Emby Server on your LAN, so it needs the LAN address there.

[crusher11]

So I've set this up, but I get a 522 error when trying to connect remotely and the Security Headers website says it can't be checked because it failed validation.

[crusher11]

Further info: CanYouSeeMe.org shows port 443 as open, but not port 80. Which makes sense given I forwarded 443 but not 80. So it seems the issue is somewhere in the SSL setup process rather than the remote connection process.

[Senna]

Please compare the output of the following:

https://WAN-IP:443/emby/system/info/public

https://Domain-URL:443/emby/system/info/public

Do you get a response in web browser on BOTH requests ?

[crusher11]

The domain gives a Cloudflare 522 error, the WAN IP gives a browser "this page is not secure" error:

[WAN IP] uses an invalid security certificate. The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported. The certificate is only valid for the following names: [domain] Error code: SEC_ERROR_UNKNOWN_ISSUER

 

 

Skipping past that, I do indeed get some sort of info page with server name, version, etc. If I remove the info stuff and go to https://WANIP:443 I get an Emby login page.

Edited by crusher11, 30 July 2019 - 09:24 AM.

[Senna]

the WAN IP gives a browser "this page is not secure" error:

That's normal, because your Cloudflare SSL certificate is only used when your connection is done with domain name, through Cloudflare.
 

Skipping past that, I do indeed get some sort of info page with server name, version, etc. If I remove the info stuff and go to https://WANIP:443 I get an Emby login page.

Good, that tells us the port forward on router is working OK and your Emby server can be reached externally with WAN IP.
Now you have to check your Cloudflare domain setup, including how you created your SSL certificate and your Emby Advanced Setup, regarding external access with domain and SSL certificate.

[crusher11]

What should I be checking? I have no idea where I could have gone wrong.
 

Never mind, there was a typo in the WAN IP on the Cloudflare setup. But now that I've changed it I'm getting a message saying that no A, AAA or MX records were found on the various domains or something?

Edited by crusher11, 30 July 2019 - 09:41 AM.

[Senna]

But now that I've changed it I'm getting a message saying that no A, AAA or MX records were found on the various domains or something?

Ignore those, as long you have a type A record with proxy status with an orange cloud, you are good to go.

Now you have fixed the typo with WAN IP in Cloudflare, what happens when you enter :

https://Domain-URL:443/emby/system/info/public

Do you get the same response compared to when you use the WAN IP ?

[crusher11]

Yep, it seems to be working now.

[Senna]

Yep, it seems to be working now.

Enjoy  

[BillOatman]

https://blog.awelswy...flare-with-emby

 

And some more:

https://blog.awelswy...k/category/emby

 

And if you want some reading, go here:

https://emby.media/c...re-connections/

Aren't the first two the same thing?

[Senna]

Aren't the first two the same thing?

If you don't scroll any further, than you could say those are the same

But if you do...