ki9 0 Posted November 6, 2020 Share Posted November 6, 2020 I'm running Emby server version 4.4.3.0 on Ubuntu 18.04. I'm trying to get https to work but Emby only listens on http over ipv6: # netstat -tulpn | grep EmbyServer tcp6 0 0 :::8096 :::* LISTEN 18468/EmbyServer udp 0 0 0.0.0.0:53911 0.0.0.0:* 18468/EmbyServer udp 0 0 0.0.0.0:7359 0.0.0.0:* 18468/EmbyServer udp 0 0 0.0.0.0:1900 0.0.0.0:* 18468/EmbyServer Nothing else is running on 8920. This is my network config. I did restart to ensure changes take effect. Link to comment Share on other sites More sharing options...
Solution Q-Droid 671 Posted November 7, 2020 Solution Share Posted November 7, 2020 The emby OS user needs to be able to read and open the pfx file to get the cert. If the server process can't open the file then it won't bind to the SSL port. Link to comment Share on other sites More sharing options...
ki9 0 Posted November 8, 2020 Author Share Posted November 8, 2020 (edited) Thanks Q-Droid, that was exactly the problem. I'm impressed that you knew the problem without seeing any error message. You must answer this a lot. It might help if emby threw up an error for that... then again, it might be in the logs that I never looked at. It's still only serving on IPv6. Do you know what's up with that? # netstat -tulpn | grep EmbyServer tcp6 0 0 :::8920 :::* LISTEN 6294/EmbyServer tcp6 0 0 :::8096 :::* LISTEN 6294/EmbyServer udp 0 0 0.0.0.0:7359 0.0.0.0:* 6294/EmbyServer udp 0 0 0.0.0.0:57408 0.0.0.0:* 6294/EmbyServer udp 0 0 0.0.0.0:1900 0.0.0.0:* 6294/EmbyServer Edited November 8, 2020 by ki9 Added code formatting to code block Link to comment Share on other sites More sharing options...
Q-Droid 671 Posted November 8, 2020 Share Posted November 8, 2020 Emby does throw an error in the server log but not in the UI. Reporting tcp6 only in netstat should be fine if you're dual stacked. Mine looks the same and I've never given it much thought. Link to comment Share on other sites More sharing options...
ki9 0 Posted November 9, 2020 Author Share Posted November 9, 2020 OK, apparently it is correct behavior, actually listening on both versions whether netstat says so or not: Quote I believe that on Linux, binding to [::] (IPv6) results in receiving both IPv6 and IPv4 traffic (by default). I believe these are referred to as IPv4-mapped IPv6 addresses. netstat simply shows the IPv6 entry only, because there's technically only a single bind, that happens to support both IPv4 and IPv6. There's a bit of information on the Apache site. It's possible for software to not use IPv4-mapped IPv6 addresses and bind to both 0.0.0.0 and [::] separately and hence show up twice in netstat, but it's a design choice on the part of the developers. -Server Fault: HTTPD listening in IPv6, according netstat, but reacheable in IPv4 Which is confusing as hell. ss even says explicitly that it's running on ipv6 only: $ ss -tle '( sport = :8920 )' State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 *:8920 *:* uid:997 ino:190854 sk:1e v6only:0 <-> Link to comment Share on other sites More sharing options...
ki9 0 Posted November 9, 2020 Author Share Posted November 9, 2020 Actually, v6only:0 might mean that it's not only v6. Maybe that zero is to inform that it's ipv4-mapped-ipv6. Link to comment Share on other sites More sharing options...
Q-Droid 671 Posted November 9, 2020 Share Posted November 9, 2020 That appears to be the case, 0 to bind v4 and v6, 1 (or non-zero) to bind v6 only. Link to comment Share on other sites More sharing options...
Luke 37282 Posted November 13, 2020 Share Posted November 13, 2020 Hi @ki9 has this helped? Link to comment Share on other sites More sharing options...
ki9 0 Posted December 2, 2020 Author Share Posted December 2, 2020 @Luke Yes, thanks. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now