Jump to content

[How-To] Emby Server on Windows Server with IIS as Reverse Proxy with Automatic Certificate Renewal

TheITJedi

By TheITJedi
in General/Windows

 Share

Recommended Posts

Justus

Justus   7

Posted
Posted (edited)

I have just read the guide and it seems to be very good and interesting for many people. Since I want to set up my Emby server on a mini Windows PC that runs 24/7, I was also interested in it. But it seems to be much more complicated than what I have in mind. Can't I just take the normal Emby installation and use a Powershell script via Windows task scheduling? That then automatically retrieves the IP address of the server and compares it with the DNS-A-Record-IP stored with my domain provider. If there is a discrepancy, the script updates the A-record at the domain provider with the new IP address. Just schedule this every minute. The SSL certificate script by Certbot can also be entered in the Task Scheduler and be executed. 

And that's actually it, isn't it? What are the advantages of using 10 different applications in the guide? Security aspects or other things?

Edited by Justus
Link to comment
Share on other sites
drashna

drashna   46

Posted
Posted
On 4/22/2024 at 1:23 PM, Justus said:

And that's actually it, isn't it? What are the advantages of using 10 different applications in the guide? Security aspects or other things?

Part of the point is to add a reverse proxy to hide emby behind.  And one that is easier to automate setting up SSL corticates.   The IISCrypto thing.... I think is a bad, bad idea, as it can break all sorts of things on your system, and IIS allows you to disable legacy TLS support, anyways (which is why the IISCrypto).  

 

Link to comment
Share on other sites
Nathanael

Nathanael   4

Posted
Posted
On 4/22/2024 at 10:23 PM, Justus said:

And that's actually it, isn't it? What are the advantages of using 10 different applications in the guide? Security aspects or other things?

What do you mean with 10+ applications?

Even with your suggested "powershell script" you would still need applications like NSSM to create the Emby service as running as an application has some downsides on a server, or an application like Certify the web for the automatic SSL renewal.

The rest are extensions to Microsoft IIS. 

Those are not á lot of apps. It is a basic Reverse proxy setup.

Link to comment
Share on other sites
TheITJedi

TheITJedi   29

Posted
  • Author
Posted
12 hours ago, drashna said:

Part of the point is to add a reverse proxy to hide emby behind.  And one that is easier to automate setting up SSL corticates.   The IISCrypto thing.... I think is a bad, bad idea, as it can break all sorts of things on your system, and IIS allows you to disable legacy TLS support, anyways (which is why the IISCrypto).  

 

At the point I wrote this, I was using Server 2019 which did not have the “disable legacy TLS” option. Server 2022 does and makes the IISCrypto bits unnecessary. However, older versions of Windows Server still need it. 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...