Schleudertrauma 10 Posted April 2, 2024 Posted April 2, 2024 Hi there, i've used the search but found nothing related to my question. Is it possible to let emby use http/2 as standard instead of http/1.1 and if it is possible where can i change the settings? Greetings Schleudi
Happy2Play 9780 Posted April 2, 2024 Posted April 2, 2024 Ensure you are only connecting via https. Network setting But obviously local connections will not be WAN connections. But all these network gurus will possibly have some more advice.
Schleudertrauma 10 Posted April 3, 2024 Author Posted April 3, 2024 Thank you but this setting is already set but all remote clients (Smartphones, TVs, Browsers etc.) are still shown with http/1.1 connections no matter if they're using emby apps or not. I have a hardware firewall with pfsense installed on in front of my network with haproxy running that listens to incoming requests on the frontend and then sends them to the backend machines. I use emby only on its https port so that connections from outside the lan and between haproxy and emby are ssl only. In fact of that i want emby to switch to http/2 but someone needs to point me in the right direction or maybe emby does not support http/2 in its latest releases? I am not that network pro and it's truly possible that my ssl settings are not right and that it's not an emby related problem. I don't know. Greetings Schleudi
Happy2Play 9780 Posted April 3, 2024 Posted April 3, 2024 I will guess the exact same discussion as here wanting LAN to be SSL only. 1
Schleudertrauma 10 Posted April 3, 2024 Author Posted April 3, 2024 No i think that's not my point and my connection is already secured. Remote clients connecting to my emby server are connected via http/1.1 although the whole line is secured (from the client to my reverse proxy and same from the reverse proxy to the internal emby server). Emby is showing me the right remote ip's of the clients in the overview so everything seems to work correctly except http/2. Greetings Schleudi
Q-Droid 989 Posted April 3, 2024 Posted April 3, 2024 As far as I know Emby does use http/2 when TLS is enabled. It would seem that your reverse proxy might be the problem here if the clients are connecting with http/1 to the reverse proxy. If the problem was Emby then you would have the client -> proxy connections as http/2 and proxy -> Emby downgraded to http/1. 1
Luke 42077 Posted April 3, 2024 Posted April 3, 2024 Quote As far as I know Emby does use http/2 when TLS is enabled. Hi, yes this is correct.
Schleudertrauma 10 Posted April 7, 2024 Author Posted April 7, 2024 Thank you guys. I have to test and fix that in a development environment so that the productive emby server can run further. I really need to get deeper in that network stuff, there is too much going on that i don't get at the moment. I will give you feedback in here when i'm ready.
Schleudertrauma 10 Posted May 26, 2024 Author Posted May 26, 2024 Sorry for the late reply friends. I finally got http/2 to work well now. It was truly my haproxy setting on my pfsense like Q-Droid mentioned. As of that hint, i tried many settings without success. But the solution was dead simple, shame on me! I just implemented a brand new self signed cert into the emby network settings to rule out any other issues, implemented the same cert into the pfsense so haproxy can use it and then set the "alpn h2,http/1.1" attribute to my emby backend within haproxy, cleared all caches, restartet all services and now everything works as expected. Setting the "alpn h2,http/1.1" attribute to the frontend is not necessary as "h2" between client and haproxy is enabled by default. I thank you all for your help and especially Q-Droid, who ultimately gave the crucial hint. Greetz Schleudi 1
skooogis 7 Posted November 28, 2024 Posted November 28, 2024 Regarding this all connecting clients showing as http/1.1 on my server aswell. Running IIS as reverse proxy. I have verified TLS, both 1.2 and 1.3 are supported and http/2 test also reports supported. Help would be appreciated.
Luke 42077 Posted November 29, 2024 Posted November 29, 2024 20 hours ago, skooogis said: Regarding this all connecting clients showing as http/1.1 on my server aswell. Running IIS as reverse proxy. I have verified TLS, both 1.2 and 1.3 are supported and http/2 test also reports supported. Help would be appreciated. Hi, did you check that the client devices support http2? Are they connected over https?
skooogis 7 Posted November 29, 2024 Posted November 29, 2024 12 minutes ago, Luke said: Hi, did you check that the client devices support http2? Are they connected over https? All devices are connected over https. Regarding the clients, I have iPhone, iPad, Pixel 9, Pixel 8, Samsung tab S5 with Emby app and they all use http1. I have also tested with PC and all possible browsers, but they also show up as http1 when streaming. Checking IIS logs states that i have clients using http2 and http3, so my guess is that somewhere between iis > Emby the negotiation end up with http1 for some reason.
Schleudertrauma 10 Posted November 29, 2024 Author Posted November 29, 2024 (edited) 21 hours ago, skooogis said: Regarding this all connecting clients showing as http/1.1 on my server aswell. Running IIS as reverse proxy. I have verified TLS, both 1.2 and 1.3 are supported and http/2 test also reports supported. Help would be appreciated. You have to make sure that your reverse proxy talks http/2 to emby on its https port (8920 by default). You have to implement a certificate into emby and then you have to tell your reverse proxy that it has to talk via https to your emby server internally. Http/2 connections from your clients are going from outside to your reverse proxy and your reverse proxy is forwarding it to your specific emby server. The http/2 connection from the outside terminates at your reverse proxy. I am not familiar with the reverse proxy in your case but you have to find settings where you can tell the proxy that it has to upgrade the connection. In haproxy i needed to set "Per server pass thru" to "alpn h2,http/1.1" in the advanced backend settings for my emby host. I hope that was somehow understandable because i am german. Greetz Schleudi Edited November 29, 2024 by Schleudertrauma 1
Q-Droid 989 Posted November 29, 2024 Posted November 29, 2024 18 minutes ago, skooogis said: All devices are connected over https. Regarding the clients, I have iPhone, iPad, Pixel 9, Pixel 8, Samsung tab S5 with Emby app and they all use http1. I have also tested with PC and all possible browsers, but they also show up as http1 when streaming. Checking IIS logs states that i have clients using http2 and http3, so my guess is that somewhere between iis > Emby the negotiation end up with http1 for some reason. The answer is five posts above your first one. http2 is only supported with TLS connections so if you insist on http2 you'll need to configure end-to-end encryption.
Lessaj 467 Posted November 29, 2024 Posted November 29, 2024 More than likely the clients are connecting to IIS with http/2 and then IIS is connecting to emby with http/1.1. In my own testing when my reverse proxy was connecting to emby using h2 instead of https as the directive (to force http2 instead of 1.1) transfer speeds were terrible and therefore I don't recommend it. YMMV though, I'm using httpd.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now