Nitro_Zeus 11 Posted July 11, 2022 Posted July 11, 2022 Hey Guyes, I have installed Emby with default settings. ran Certbot to get a Certificate to nitrozeus.stream I followed this guide: https://certbot.eff.org/instructions?ws=other&os=windows And the cert setup was success See picture Emby 03.png and picture Emby 02.png I have not changed any settings in netowork besides adding my domain nitrozeus.stream. and somehow the WAN wont update, and i cannot access the site https://nitrozeus.stream I tried to define the path "Custom SSL certificate path" to where the "fullchain.pem" file is, wich works fine, but still nothing works, what am i doing wrong
Luke 42083 Posted July 11, 2022 Posted July 11, 2022 Ho, what do your network settings look like now?
Nitro_Zeus 11 Posted July 11, 2022 Author Posted July 11, 2022 looks like this. as of now i can access the site at; http://nitrozeus.stream:8096/web/index.html#!/home But it is still Not secure HTTP screencapture.pdf
Luke 42083 Posted July 11, 2022 Posted July 11, 2022 10 minutes ago, Nitro_Zeus said: looks like this. as of now i can access the site at; http://nitrozeus.stream:8096/web/index.html#!/home But it is still Not secure HTTP screencapture.pdf 530.76 kB · 2 downloads Hi, can you please attach an image file rather than a pdf? Thanks !
Luke 42083 Posted July 12, 2022 Posted July 12, 2022 Hi, did you notice the Secure Connection Mode option?
Nitro_Zeus 11 Posted July 13, 2022 Author Posted July 13, 2022 ohh, just changed that, but it still does not change the WAN address to a secure one. it should be changed to https://nitrozeus.stream:8920 acording to the network configuration. could it be the certification thats supposed to be in pfx format?
Q-Droid 989 Posted July 13, 2022 Posted July 13, 2022 @ebr posted the answer. You need to use your PEM certs to create a PKCS12 archive (PFX) which is the keystore format that Emby uses.
Nitro_Zeus 11 Posted July 13, 2022 Author Posted July 13, 2022 Any ideas on how to convert .PEM to .pfx then? I got the following files to my certificate; privkey.pem : the private key for your certificate. fullchain.pem : the certificate file used in most server software. chain.pem : used for OCSP stapling in Nginx >=1.3.7. cert.pem : will break many server configurations, and should not be used
Q-Droid 989 Posted July 13, 2022 Posted July 13, 2022 You would use the privkey and fullchain PEM files. Search the forum for openssl, there are dozens of examples.
Nitro_Zeus 11 Posted July 13, 2022 Author Posted July 13, 2022 i tried researching it, but all the guides seems a bit off cours, not easy explained i need a step by step on this one, never tried before.
Q-Droid 989 Posted July 13, 2022 Posted July 13, 2022 You have a few options. If you have openssl installed on your system you can follow the steps in the post linked below. The <path to PKCS12 file> expects the full path including the pfx filename. I wouldn't put the file in the Certbot folder but instead create a location to be used by Emby, for example - C:\something\ssl\mydomain.pfx, then update the Emby Network Settings with that path. If you don't have and don't want openssl then the SSLShopper online conversion tool is an option. Many in the community have used and recommend it. https://www.sslshopper.com/ssl-converter.html
Solution Nitro_Zeus 11 Posted February 3, 2023 Author Solution Posted February 3, 2023 Just to solve this topic i found the solution to convert the privkey.pem -> fullchain.pem -> chain.pem -> cert.pem and get it to PFX format The command is simple and goes like this in powershell: openssl pkcs12 -export -out embycert.p12 -in cert.pem -inkey privkey.pem 1 1
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now