Riptide126 24 Posted February 21, 2024 Posted February 21, 2024 (edited) I recently made some changes to my server, I am no using a reverse proxy (nginx) and running both jellyseerr and emby through it, as well as a custom domain. One problem I am having is that google is flagging my domain for some reason, I went ahead and proved ownership of the domain and hopefully that will solve itself through them, I am assuming you guys have nothing to do with that. My other issue is that remote access is running through http instead of https those are my network setting as of right now, I can also show you my folder with my ssl certificates in them. I tried my best to follow the guide for setting up dns on emby, there is two different .pfx files in there, one that was created using winacme and the other using openSSL to create a PKCS#12 cert file. I am honestly super new to all of this so it is highly likely I am doing something wrong, any help would be appreciated. Edited February 21, 2024 by GrimReaper Domain masked
pwhodges 2012 Posted February 21, 2024 Posted February 21, 2024 (edited) If you are now running through a reverse proxy, that is where your https end-point is. You need to set up the certificate in the reverse proxy. Having an http link from the reverse proxy to the actual server is then expected (setting up a local https link is a separate operation, and typically not as easy as a public one). You tell Emby that the reverse proxy is handling https, so that it can still use the correct WAN url. Paul Edited February 21, 2024 by pwhodges 1
rbjtech 5284 Posted February 21, 2024 Posted February 21, 2024 Maybe take a look at this guide - https://emby.media/community/index.php?/topic/93074-how-to-emby-with-nginx-with-windows-specific-tips-and-csp-options/ If you are new with reverse proxies, then tbh there are probably simplier solutions - such as 'caddy' - I'm not familiar with it myself, but it looks a lot easier to setup than nginx.
pwhodges 2012 Posted February 21, 2024 Posted February 21, 2024 I use Caddy, and advocate for it. Once you have a domain name, you can just use that in a Caddy configuration, and Caddy will acquire, install, and keep updated the necessary certificate; it will also enforce redirection from http to https. I wrote about this four years ago, but maybe I should make new instructions, as the way logging works has had some changes. Paul 3 1
rbjtech 5284 Posted February 21, 2024 Posted February 21, 2024 nginx needs certbot installed to auto renew the cert and it has many settings to modify to get it optimal so on that basis, I would suggest you follow Paul's advice/guide above and use that instead as your first reverse proxy ..
ebr 16185 Posted February 21, 2024 Posted February 21, 2024 1 hour ago, pwhodges said: I wrote about this four years ago, but maybe I should make new instructions, as the way logging works has had some changes. That would be awesome. Thanks.
Riptide126 24 Posted February 21, 2024 Author Posted February 21, 2024 (edited) Thank you guys so much for you help, I ended up getting it working so what I have attached is what it says now, the only issue that I have now is that when I type that into google it says the website is dangerous, I went on google search console and claimed the domain name and subdomain, however I am wondering what the reason is that it is saying that the site is dangerous, as I have jellyseerr set up with the same domain just [redacted] and it doesnt give me that warning. Edited February 21, 2024 by GrimReaper Domain masked
Riptide126 24 Posted February 21, 2024 Author Posted February 21, 2024 8 hours ago, rbjtech said: Maybe take a look at this guide - https://emby.media/community/index.php?/topic/93074-how-to-emby-with-nginx-with-windows-specific-tips-and-csp-options/ If you are new with reverse proxies, then tbh there are probably simplier solutions - such as 'caddy' - I'm not familiar with it myself, but it looks a lot easier to setup than nginx. This guide was also super helpful thank you for that
Lessaj 467 Posted February 21, 2024 Posted February 21, 2024 Not seeing any warnings when I check, your cert is signed by Lets Encrypt. What is the exact error you're seeing? P.S. May want to hide users from your login screen, up to you. 1
Neminem 1519 Posted February 21, 2024 Posted February 21, 2024 And mask domain name from screen shots ¯\_(ツ)_/¯ 1
Riptide126 24 Posted February 21, 2024 Author Posted February 21, 2024 18 minutes ago, Lessaj said: Not seeing any warnings when I check, your cert is signed by Lets Encrypt. What is the exact error you're seeing? P.S. May want to hide users from your login screen, up to you. This is the warning I get, its only on google chrome though if I try on Microsoft edge its fine
Riptide126 24 Posted February 21, 2024 Author Posted February 21, 2024 18 minutes ago, jaycedk said: And mask domain name from screen shots ¯\_(ツ)_/¯ Yeah probably a good idea LOL thats my bad, idk if it was you that went back and covered those for me but if it was thank you
Lessaj 467 Posted February 21, 2024 Posted February 21, 2024 Ah I see, I have that option set to no protection so that may be why I didn't see it come up. That may be because it's a ddns domain but it may not always come up since you have a certificate now.
darkassassin07 652 Posted February 21, 2024 Posted February 21, 2024 A somewhat common issue. Just googles automations being a PITA. Not much to do but report it as a false positive.
Riptide126 24 Posted February 21, 2024 Author Posted February 21, 2024 That is insane timing, I just logged into the search console and got this from google, hopefully that is the end of that issue but from what I have seen from others I have a feeling that the issue is gonna come back. 1
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now