Connect to Server, Unable to Reach Server

[get42n8 0]

I can connect to my server just fine if i go directly http to it. i want to secure a bit, dont want to generate certificates and deal with expiration, instead i am trying to go thru emby connect.  cannot add the same server to it. getting an error. tried both internal url and external url - same error.

firewall ports are opened, router has port forwarding for  8096 and 9820. 

any ideas?

[Abobader 3464]

Hello get42n8,

** This is an auto reply **

Please wait for someone from staff support or our members to reply to you.

It's recommended to provide more info, as it explain in this thread:

Thank you.

Emby Team

[Luke 42077]

HI there, what exactly is the error?

[seanbuff 1315]

35 minutes ago, get42n8 said:

i want to secure a bit, dont want to generate certificates and deal with expiration, instead i am trying to go thru emby connect.

Your images aren't loading properly, so we cannot see your screenshots. However, you cannot avoid TLS and certificates if you want to use HTTPS, Emby Connect has nothing to do with that. Emby Connect is really only a redirection service for your domain name, you still need to secure it yourself.

If you really want to avoid having to having to mess with certs and renewals, your best bet is a reverse proxy that supports automating that (eg. Caddy or Nginx, etc) - otherwise you might have some luck with Tailscale or similar.

Have you made sure you have followed the Connecting from Client Apps guide?

[get42n8 0]

 

i don't care to encrypt content, it actually might slow down the stream if i do.

i only want to secure the authentication.

and it is bothering me that i cant make 'emby connect' work. is there a log that i can see debug info? maybe it will help me to figure out the problem. the "unable to connect to server" is rather vague message, especially that i know i can connect directly.

 

 

[Luke 42077]

44 minutes ago, get42n8 said:

 

i don't care to encrypt content, it actually might slow down the stream if i do.

i only want to secure the authentication.

and it is bothering me that i cant make 'emby connect' work. is there a log that i can see debug info? maybe it will help me to figure out the problem. the "unable to connect to server" is rather vague message, especially that i know i can connect directly.

 

 

@get42n8that dialog is giving you 4 possible solutions. Which of those would you like to proceed with?

It sounds like you want to use the first one. The reason why you're getting this dialog is due to browsers becoming more strict about requiring https. So when our hosted web app is forced over to https, it will only allow connections to other https addresses.

[get42n8 0]

i am using emby server and emby app and infuse app for appleTV (local and sometimes remote)

https is disabled on the server now

I am connecting directly to emby server 

I was thinking for the remote use i want to secure authentication, that is why i wanted to use emby connect, hoping it will handle authentication securely and redirect to my emby server.

i also noticed that infuse app is less forgiving and does not want to do emby connect

emby app finally let me connect after i used mobile browser to add server. 

i don't care to encrypt stream itself, just auth.

is that wrong thinking that emby connect is going to encrypt authentication?

if that is the wrong assumption, perhaps i want to try reverse proxy option.

Do i need a dedicated box if i want to use reverse proxy, there are other activities on the box that involve internet that i don't want to interfere with.

Can reverse proxy be isolated to emby server connection only?

in your opinion what is less complicated reverse proxy option?

 

[Luke 42077]

Quote

Can reverse proxy be isolated to emby server connection only?

Hi, isn't this something you configure in the reverse proxy?

[Luke 42077]

Have you taken a look at this guide? It can help you with nginx:

 

[pwhodges 2012]

On 14/10/2025 at 05:47, get42n8 said:

i don't care to encrypt content, it actually might slow down the stream if i do.

i only want to secure the authentication.

Emby's authentication is part of Emby's data stream, so don't bother asking for something separate.

Encryption is far faster than Internet links.  Much of it is done in hardware anyway, these days.  When Google changed Gmail from HTTP to HTTPS they didn't add to the hardware used, and their cpu load changed by less than 1% (and that was way back).  The overhead of the HTTPS protocol is in the handshake, and so is mainly seen with extremely small packets (a few bytes only)  when opening and closing links for every packet.  tl;dr: Encryption overhead is too small to worry about.

Use a reverse proxy to run the https for you - it's easier than doing it in Emby itself.  Caddy is the simplest; it sets up HTTPS for you by default, and both acquires and updates the certificates automatically.  All you need to get and renew yourself is a domain name.  Reverse proxies are webservers, so they only handle the websites you define for them to handle.

Emby connect is an address lookup - it has nothing to do with the encryption side.

Paul