centuryx476 9 Posted August 27, 2021 Posted August 27, 2021 (edited) Hello, I just switched over from windows to linux. I use a powershell letsEncrypt library on another server to download my certs for me and do the installs. I get them in fullchain.pfx, fullchain.cer, cert.key, etc. For windows using pfx is fine. In Linux for emby do I need to convert it to .pem ? What is the proper openSSL command to run to get the certs all nice and happy ? Also what permission do I set the cert too ? 644 ? 755 ? I got the server up and running except for this part. Thank You Edited August 27, 2021 by centuryx476
Q-Droid 989 Posted August 27, 2021 Posted August 27, 2021 You should be able to use the same pfx file as Windows. Make sure the file is owned by user emby then permissions won't matter so much.
centuryx476 9 Posted August 27, 2021 Author Posted August 27, 2021 (edited) I have a fullchain.pfx that contains everything needed. It worked normally on the windows build. Is there a log file I can check somewhere ? Edit: I get this in the serve status Edited August 27, 2021 by centuryx476
Q-Droid 989 Posted August 27, 2021 Posted August 27, 2021 Restart your Emby server then attach the server log.
centuryx476 9 Posted August 27, 2021 Author Posted August 27, 2021 *** Error Report *** Version: 4.6.4.0 Command line: /opt/emby-server/system/EmbyServer.dll -programdata /var/lib/emby -ffdetect /opt/emby-server/bin/ffdetect -ffmpeg /opt/emby-server/bin/ffmpeg -ffprobe /opt/emby-server/bin/ffprobe -restartexitcode 3 -updatepackage emby-server-deb_{version}_amd64.deb Operating system: Linux version 5.4.0-81-generic (buildd@lgw01-amd64-052) (gcc version 9.3.0 (Ubuntu 9.3.0-17ubuntu1~20.04)) #91-Ubuntu SMP Thu Jul 15 19:09:17 UTC 2021 Framework: .NET Core 3.1.13 OS/Process: x64/x64 Runtime: opt/emby-server/system/System.Private.CoreLib.dll Processor count: 2 Data path: /var/lib/emby Application path: /opt/emby-server/system System.Net.Sockets.SocketException: System.Net.Sockets.SocketException (13): Permission denied at System.Net.Sockets.Socket.UpdateStatusAfterSocketErrorAndThrowException(SocketError error, String callerName) at System.Net.Sockets.Socket.DoBind(EndPoint endPointSnapshot, SocketAddress socketAddress) at System.Net.Sockets.Socket.Bind(EndPoint localEP) at Microsoft.AspNetCore.Server.Kestrel.Transport.Sockets.SocketConnectionListener.Bind() at Microsoft.AspNetCore.Server.Kestrel.Transport.Sockets.SocketTransportFactory.BindAsync(EndPoint endpoint, CancellationToken cancellationToken) at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServer.<>c__DisplayClass21_0`1.<<StartAsync>g__OnBind|0>d.MoveNext() --- End of stack trace from previous location where exception was thrown --- at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.BindEndpointAsync(ListenOptions endpoint, AddressBindContext context) at Microsoft.AspNetCore.Server.Kestrel.Core.ListenOptions.BindAsync(AddressBindContext context) at Microsoft.AspNetCore.Server.Kestrel.Core.AnyIPListenOptions.BindAsync(AddressBindContext context) at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.EndpointsStrategy.BindAsync(AddressBindContext context) at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.BindAsync(IServerAddressesFeature addresses, KestrelServerOptions serverOptions, ILogger logger, Func`2 createBinding) at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServer.StartAsync[TContext](IHttpApplication`1 application, CancellationToken cancellationToken) at Microsoft.AspNetCore.Hosting.WebHost.StartAsync(CancellationToken cancellationToken) at Microsoft.AspNetCore.Hosting.WebHost.Start() at Emby.Server.Implementations.HttpServer.KestrelHost.KestrelListener.OnAddPrefixesComplete() at Emby.Server.Implementations.ApplicationHost.Init() at EmbyServer.HostedService.StartAsync(CancellationToken cancellationToken) Source: System.Net.Sockets TargetSite: Void UpdateStatusAfterSocketErrorAndThrowException(System.Net.Sockets.SocketError, System.String)
Q-Droid 989 Posted August 27, 2021 Posted August 27, 2021 You might have a port conflict, something else running and bound to the same ports Emby is trying to use.
centuryx476 9 Posted August 27, 2021 Author Posted August 27, 2021 28 minutes ago, Q-Droid said: You might have a port conflict, something else running and bound to the same ports Emby is trying to use. Let me set all the ports to different ones and see what I get
centuryx476 9 Posted August 27, 2021 Author Posted August 27, 2021 (edited) I changed the HTTPS port to 4445 and now the cert loads and the site loads. But its just a blank screen. The emby logo loads then goes black. So I would say that is huge progress.... When I have the ports to 8096 and 4445 they show up. When I change them to 80 and 443 it disappears. Let me disable IPv6... Edit: When I put the HTTPS port to 4445 I can connect successfully. When I put it to 443 it crashes. Edit2: Could this be because port 443 is below the 1024 threshold and maybe I need to run emby-server as root ? If so whats the best practice to do that ? This is a blank ubuntu box. There should not be anything using port 443... Edited August 27, 2021 by centuryx476
Solution centuryx476 9 Posted August 27, 2021 Author Solution Posted August 27, 2021 (edited) OK, I changed it to point to my HAProxy and forward the port on it. So now I can access it via port 443 while the proxy passes it to the box on port 4445. I was trying to avoid using the HAProxy but so be it. Could this affect trans coding ? Thank You for your help! Edited August 27, 2021 by centuryx476
Q-Droid 989 Posted August 27, 2021 Posted August 27, 2021 Well done. Yes, if you want to use default ports 80/443 your best bet is a proxy or forward mapping. Running as root is not advised.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now