Adam_Kearn 1 Posted September 19, 2020 Share Posted September 19, 2020 (edited) (The first part talks about my current setup skip to TLDR: at the bottom to see my feature request) I have resently setup Cloudflare SSL for my Emby server. When trying to connect to my server using the details in the below screen shot below: And looking in javascript console using dev tools I found that it was making HTTP requests to my server (even with always use HTTPS enabled) I assumed these requests would have changed to HTTPS:// with "Always use HTTPS" turned on in the Cloudflare portal. Emby will only connect to my server if I manually append HTTPS:// to the start of my domain name. https://emby.domain.net I want to make connecting to my server as easy as possable. ================================ TL;DR My feature request is to make emby check for HTTPS:// and HTTP:// when you provide a host so you don't have to manually put HTTPS:// in front of your domain name on the "Connect to Server" screen. (screenshot above). and just have a checkbox to force HTTP Also Personally I think the emby should also attempt to use 443, 80, 8920, 8096 by default. Then you only need to provide a port if you run you emby on something else. Let me know if I need to explain anything in more detail as my brain can't think at the moment. Its 3am, I am going bed. Edited September 19, 2020 by Adam_Kearn Uploaded image twice by accident. Link to comment Share on other sites More sharing options...
Luke 36997 Posted September 21, 2020 Share Posted September 21, 2020 Hi, if you're going to manually enter the address, then you do need to be explicit about it and specify https. But even when doing that you should still be getting a redirect to https if you've set that up at your reverse proxy level. Please let us know if this helps. Thanks. Link to comment Share on other sites More sharing options...
pir8radio 1292 Posted September 22, 2020 Share Posted September 22, 2020 (edited) Make sure the domain name is orange clouded "" Also Turn on these options under SSL/TLS settings - Edge Certificates, are these options on? (shown below both are OFF) Edited September 22, 2020 by pir8radio Link to comment Share on other sites More sharing options...
Adam_Kearn 1 Posted September 23, 2020 Author Share Posted September 23, 2020 (edited) Thanks for the replies guys. I had "Always use HTTPS" enabled before. But I didn't have HSTS setup - since then I have set this up now. It's just when I try and access my server in the emby theatre app using just emby.mydomain.net I see it not redirect to the https:// protocol (even though it's enabled on Cloudflare). It seems to stay on the HTTP URL. Because of this when I try and log in it will fail to authenticate. You can see this in the dev tools on emby theatre as shown in the screenshot below: But if I manually add https:// to the host url it will work I would like to propose possibly allowing redirect to https:// by default in "Select Server" page? Also because Cloudflare doesn't support every single port, I thought it might be worth also changing the default port on the "Select Server" screen to try both embys HTTP/HTTPS port (8096/8920) and also 80/443 and then just have the box which you enter the port an optinal feild. Then people who do have HTTPS setup don't have to change the port since it always defaults the emby HTTP port. Let me know if you need to to go more indepth or explain something more. I am not verry good when it comes to explaining stuff... Edited September 23, 2020 by Adam_Kearn Link to comment Share on other sites More sharing options...
Luke 36997 Posted September 23, 2020 Share Posted September 23, 2020 If you want that type of redirecting to happen then you need to set it up at the reverse proxy level, if you are using a reverse proxy. But keep in mind, even without that, this will only be for initial connection and then the app will switch to the remote address displayed on your server dashboard (if it is different). In other words, the flow is like this: user enters connection info -> that connection info is initially used -> then after successful sign in the app gets the same address info that is displayed on your server dashboard, and from that point on, it will use that address. Link to comment Share on other sites More sharing options...
Adam_Kearn 1 Posted September 23, 2020 Author Share Posted September 23, 2020 16 minutes ago, Luke said: If you want that type of redirecting to happen then you need to set it up at the reverse proxy level, if you are using a reverse proxy. But keep in mind, even without that, this will only be for initial connection and then the app will switch to the remote address displayed on your server dashboard (if it is different). In other words, the flow is like this: user enters connection info -> that connection info is initially used -> then after successful sign in the app gets the same address info that is displayed on your server dashboard, and from that point on, it will use that address. But that means the credentials will be going over HTTP which is unencrypted right? Link to comment Share on other sites More sharing options...
Luke 36997 Posted September 23, 2020 Share Posted September 23, 2020 That's true yes, so ideally you should explicitly enter the https when configuring the address. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now