pir8radio 1292 Posted February 7, 2020 Share Posted February 7, 2020 Enabled NGINX and http access is still working. An attempted https connection to @@pir8radio's server failed. So it's a CloudFlare SSL thing, surely? so connecting to my server via samsung failed? what happened, I have a few samsung users i think... thats strange, ill check the logs.. Link to comment Share on other sites More sharing options...
crusher11 851 Posted February 7, 2020 Author Share Posted February 7, 2020 It just throws a "could not connect to server, check that it's running" error. Link to comment Share on other sites More sharing options...
crusher11 851 Posted February 7, 2020 Author Share Posted February 7, 2020 When trying to access my server via https through the browser app packaged with the Samsung TV it just throws a "server not found" error. I'm assuming the same would be true of your server, since it'd be the same issue. The Samsung user also reports a significant increase in buffering between the IP:PORT server and the HTTP-and-NGINX server. Link to comment Share on other sites More sharing options...
pir8radio 1292 Posted February 8, 2020 Share Posted February 8, 2020 Enabled NGINX and http access is still working. An attempted https connection to @@pir8radio's server failed. So it's a CloudFlare SSL thing, surely? I just checked my logs I do not see a samsung trying to connect.. if you are comfortable sending me your internet ip i can search to see if I see that anywhere.. Pm it to me if so. Link to comment Share on other sites More sharing options...
crusher11 851 Posted February 8, 2020 Author Share Posted February 8, 2020 If it's failing at the CloudFlare level it wouldn't make it onto the NGINX logs would it? Link to comment Share on other sites More sharing options...
crusher11 851 Posted February 9, 2020 Author Share Posted February 9, 2020 Bump. Link to comment Share on other sites More sharing options...
pir8radio 1292 Posted February 10, 2020 Share Posted February 10, 2020 If it's failing at the CloudFlare level it wouldn't make it onto the NGINX logs would it? depends...... if its a ssl cert issue, that your tv doesnt like, i would think you would still see the request the tv just wouldnt like the response... But I cant tell unless i know your ip to look for it in my logs.. Link to comment Share on other sites More sharing options...
crusher11 851 Posted February 10, 2020 Author Share Posted February 10, 2020 What IP would you need and how would I find it? Link to comment Share on other sites More sharing options...
crusher11 851 Posted February 11, 2020 Author Share Posted February 11, 2020 Bump. Link to comment Share on other sites More sharing options...
Luke 37065 Posted February 11, 2020 Share Posted February 11, 2020 Bump. In all honesty, you've used such a non-standard configuration, just one example being having nginx share the same port with Emby...that I think the answer is we don't know the answer to your problem. If you want to make it easier for us to help you then start with @@pir8radio's nginx configuration, and accept our advice when it comes to port assignments. Link to comment Share on other sites More sharing options...
crusher11 851 Posted February 11, 2020 Author Share Posted February 11, 2020 Seriously? My ports are fine, we established that it was simply a miscommunication as to whether "ports" referred to the public ports or the local ports, I'm already using @@pir8radio's config, and the issue this thread is discussing even occurs when trying to access pir8radio's server, so no, my setup is not the issue here. Troubleshooting this temporarily got sidetracked by the emby update that broke some NGINX configs but this is an issue that predates that update significantly, doesn't occur over HTTP when NGINX is enabled, occurs over HTTPS when NGINX is disabled, and only affects the Samsung TV and none of my other devices. Link to comment Share on other sites More sharing options...
crusher11 851 Posted February 14, 2020 Author Share Posted February 14, 2020 What IP would you need and how would I find it? @@pir8radio Still waiting on an answer to this one? Link to comment Share on other sites More sharing options...
pir8radio 1292 Posted February 14, 2020 Share Posted February 14, 2020 (edited) the IP and port i can access your emby server with. You might have to do some more reading on nginx, or do away with it.. Nginx takes work and knowledge of what its doing or it causes problems.. Edited February 14, 2020 by pir8radio Link to comment Share on other sites More sharing options...
crusher11 851 Posted February 15, 2020 Author Share Posted February 15, 2020 (edited) Why would the IP of my server help you see anything in your server's log? The fact that I can connect via HTTP with NGINX on and cannot connect via HTTPS whether NGINX is on or not - not to mention the fact that the Samsung can't connect to your server either - indicates it isn't an NGINX issue. Edited February 15, 2020 by crusher11 Link to comment Share on other sites More sharing options...
pir8radio 1292 Posted February 15, 2020 Share Posted February 15, 2020 uh... because i can only search for samsung, which didnt show up, now i can search for your ip and see what was going on.. samsung tv is obviously working for other emby users,,, just trying to help you... but thats cool.. lol its not nginx then... I probably cant help then.. Good luck. Link to comment Share on other sites More sharing options...
crusher11 851 Posted February 16, 2020 Author Share Posted February 16, 2020 So you need the IP of the Samsung, not the server, right? Link to comment Share on other sites More sharing options...
pir8radio 1292 Posted February 16, 2020 Share Posted February 16, 2020 So you need the IP of the Samsung, not the server, right? yes I assumed they were in the same house. so it would be easier to just look at your emby dashboard for the wan address.... Link to comment Share on other sites More sharing options...
ebr 14913 Posted February 16, 2020 Share Posted February 16, 2020 yes I assumed they were in the same house. so it would be easier to just look at your emby dashboard for the wan address.... Yeah - this is key as the IP address from any external entities standpoint is going to be the external IP address of your router. Link to comment Share on other sites More sharing options...
crusher11 851 Posted February 16, 2020 Author Share Posted February 16, 2020 The Samsung TV is connecting remotely, which is why trying to sort out domains and SSL and NGINX and everything else is causing an issue in the first place. If it were on my network I'd just be connecting locally and calling it a day, there'd be no need for the extra hassle. There's a few entries in my NGINX log along these lines: 162.158.166.162 - - [06/Feb/2020:21:43:10 +0800] "GET /emby/system/info/public HTTP/1.1" 200 167 "-" "Mozilla/5.0 (Linux; Tizen 2.3) AppleWebKit/538.1 (KHTML, like Gecko)Version/2.3 TV Safari/538.1" "xx.xxx.xx.xx" 0.001 80 "-" 162.158.166.162 belongs to CloudFlare. I'm assuming the other IP is the TV's IP, and thus the one you're after? An IP locator has it coming from the right ISP but the wrong state, but I guess that can happen with dynamic IPs and such? Link to comment Share on other sites More sharing options...
pir8radio 1292 Posted February 16, 2020 Share Posted February 16, 2020 The Samsung TV is connecting remotely, which is why trying to sort out domains and SSL and NGINX and everything else is causing an issue in the first place. If it were on my network I'd just be connecting locally and calling it a day, there'd be no need for the extra hassle. There's a few entries in my NGINX log along these lines: 162.158.166.162 belongs to CloudFlare. I'm assuming the other IP is the TV's IP, and thus the one you're after? An IP locator has it coming from the right ISP but the wrong state, but I guess that can happen with dynamic IPs and such? yep Link to comment Share on other sites More sharing options...
crusher11 851 Posted February 16, 2020 Author Share Posted February 16, 2020 PM sent. Link to comment Share on other sites More sharing options...
crusher11 851 Posted February 17, 2020 Author Share Posted February 17, 2020 I'd emailed CloudFlare about this as well, and finally heard back from them although I'm not really sure what this means: Hi there, I have checked with my team and the following is the origin facing ciphers, unfortunately we are unable to alter them due to security settings, you may refer to this (https://github.com/cloudflare/sslconfig/blob/master/conf) for the latest list for your future reference, TLS 1.2 and earlier ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA AES128-GCM-SHA256 AES128-SHA ECDHE-RSA-AES256-SHA384 AES256-SHA DES-CBC3-SHA TLS 1.3 TLS_AES_128_GCM_SHA256 {0x13,0x01} TLS_AES_256_GCM_SHA384 {0x13,0x02} TLS_CHACHA20_POLY1305_SHA256 {0x13,0x03} In order to proceed, please either update your configuration, otherwise you may also grey-cloud your DNS record so it is not proxying through Cloudflare for it to work. Link to comment Share on other sites More sharing options...
crusher11 851 Posted February 19, 2020 Author Share Posted February 19, 2020 Can anyone translate that email into English? Link to comment Share on other sites More sharing options...
crusher11 851 Posted February 20, 2020 Author Share Posted February 20, 2020 Bump. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now