juerg 0 Posted January 3 Posted January 3 Hi everybody, I am operating the emby server on an windows server 2019 and behind an unifi dream machine as router. HTTP access runs from my domain with port forwarding. I do like tho have HTTPS configured. I have a certificat with privat key and password from my hosting provide no-ip from digicert. I have tried to find a how to for this case, can anyone please give my a hint? Thx a lot
juerg 0 Posted January 7 Author Posted January 7 Yes, i have just skiped the part about getting the zertificate as i have received the digicert zertificate from my dns provider (no-ip). I have converted the certificate to pfx and added it to emby. Port is open and directed to the emby server (http works already). My concerns: Could windows server 2019 be a problem? As i can see emby created already firewall rules there. Can i somehow test if my certficate is ok? Is the unifi dream machine an known issue maybe? Thx already for all the help
Lessaj 467 Posted January 7 Posted January 7 If your PFX is okay then the server will be listening on your HTTPS port, otherwise it should log an error in the logs. You can try to use your web browser to connect internally to the HTTPS port first to verify it's listening and that the certificate is trusted. 1
js28194 36 Posted January 7 Posted January 7 (edited) You can test yourself w/o sharing your domain with the rest of the planet. Also, you should consider decoupling your brain from Network Infrastructure (port forwarding) with Sever configuration (SSL Certificates) don't conflate and deflate. https://www.ssllabs.com/ssltest/ Edited January 7 by js28194
Neminem 1518 Posted January 7 Posted January 7 (edited) Hmm have you enabled geo-blocking in your Unifi router? Edited January 7 by Neminem
Q-Droid 989 Posted January 7 Posted January 7 1 hour ago, Lessaj said: If your PFX is okay then the server will be listening on your HTTPS port, otherwise it should log an error in the logs. You can try to use your web browser to connect internally to the HTTPS port first to verify it's listening and that the certificate is trusted. This post is the right approach. You start with the innermost checks - Can the server open the PFX? Is it listening on the HTTPS port? Can you connect locally to the HTTPS port? If not then ignore remote HTTPS until you get it working locally. Restart the Emby server and check the log to see why it might not be listening on the HTTPS port. 1
juerg 0 Posted January 8 Author Posted January 8 Thx for your help. The problem is already with th local connection.
Lessaj 467 Posted January 8 Posted January 8 Okay so if it's not working locally then provide a log and we can maybe see why that is.
juerg 0 Posted January 8 Author Posted January 8 Thx, let my play around first, as have found some help on how to test and install the cerificate properly on the digicert website. I should know more next week.... will let you know. Btw: ther are a few log files from emby server. Which should i provide an can i send them as private somehow? Sorry for my english.. i am a swiss native , so more fluent in german and swiss german.
Lessaj 467 Posted January 8 Posted January 8 You can upload the latest embyserver.txt file from the time the server was started if you download it from the server dashboard you enable the "anonymize log content" toggle. The loading of the cert happen during startup so you can just start it and grab the log.
juerg 0 Posted January 11 Author Posted January 11 i had still no luck.... can you please have a look at the log file? thx a lot. embyserver.txt
Neminem 1518 Posted January 11 Posted January 11 Hmm you logs are filled with these issues. But since I don't speak German I can't help you with this. Error in The Open Movie Database *** Error Report *** Version: 4.9.3.0 Command line: C:\Users\Panzerknacker\AppData\Roaming\Emby-Server\system\EmbyServer.dll -noautorunwebapp Operating system: Microsoft Windows 10.0.17763 OS/Process: x64/x64 Framework: .NET 8.0.22 Runtime: C:/Users/Panzerknacker/AppData/Roaming/Emby-Server/system/System.Private.CoreLib.dll Processor count: 4 Data path: C:\Users\Panzerknacker\AppData\Roaming\Emby-Server\programdata Application path: C:\Users\Panzerknacker\AppData\Roaming\Emby-Server\system MediaBrowser.Model.Net.HttpException: MediaBrowser.Model.Net.HttpException: Der angeforderte Name ist gültig, es wurden jedoch keine Daten des angeforderten Typs gefunden. (private.omdbapi.com:443) ---> System.Net.Http.HttpRequestException: Der angeforderte Name ist gültig, es wurden jedoch keine Daten des angeforderten Typs gefunden. (private.omdbapi.com:443) ---> System.Net.Sockets.SocketException (11004): Der angeforderte Name ist gültig, es wurden jedoch keine Daten des angeforderten Typs gefunden. at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.ThrowException(SocketError error, CancellationToken cancellationToken) at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.System.Threading.Tasks.Sources.IValueTaskSource.GetResult(Int16 token) at System.Net.Sockets.Socket.<ConnectAsync>g__WaitForConnectWithCancellation|285_0(AwaitableSocketAsyncEventArgs saea, ValueTask connectTask, CancellationToken cancellationToken) at System.Net.Http.HttpConnectionPool.ConnectToTcpHostAsync(String host, Int32 port, HttpRequestMessage initialRequest, Boolean async, CancellationToken cancellationToken) --- End of inner exception stack trace --- at System.Net.Http.HttpConnectionPool.ConnectToTcpHostAsync(String host, Int32 port, HttpRequestMessage initialRequest, Boolean async, CancellationToken cancellationToken) at System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken) at System.Net.Http.HttpConnectionPool.CreateHttp11ConnectionAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken) at System.Net.Http.HttpConnectionPool.AddHttp11ConnectionAsync(QueueItem queueItem) at System.Threading.Tasks.TaskCompletionSourceWithCancellation`1.WaitWithCancellationAsync(CancellationToken cancellationToken) at System.Net.Http.HttpConnectionPool.SendWithVersionDetectionAndRetryAsync(HttpRequestMessage request, Boolean async, Boolean doRequestAuth, CancellationToken cancellationToken) at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken) at System.Net.Http.DecompressionHandler.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken) at System.Net.Http.HttpClient.<SendAsync>g__Core|83_0(HttpRequestMessage request, HttpCompletionOption completionOption, CancellationTokenSource cts, Boolean disposeCts, CancellationTokenSource pendingRequestsCts, CancellationToken originalCancellationToken) at Emby.Server.Implementations.HttpClientManager.CoreHttpClientManager.SendAsyncInternal(HttpRequestOptions options, String httpMethod) --- End of inner exception stack trace --- at Emby.Server.Implementations.HttpClientManager.CoreHttpClientManager.SendAsyncInternal(HttpRequestOptions options, String httpMethod) at Emby.Server.Implementations.HttpClientManager.CoreHttpClientManager.SendAsync(HttpRequestOptions options, String httpMethod) at OMDb.Common.OmdbItemProvider.SearchByName(String name, Nullable`1 year, ItemLookupInfo searchInfo, String type, Boolean isSearch, CancellationToken cancellationToken) at OMDb.Common.OmdbItemProvider.SearchByName(List`1 namesToSearch, Nullable`1 year, ItemLookupInfo searchInfo, String type, Boolean isSearch, CancellationToken cancellationToken) at OMDb.Common.OmdbItemProvider.GetSearchResultsInternal(ItemLookupInfo searchInfo, String type, Boolean isSearch, CancellationToken cancellationToken) at OMDb.Common.OmdbItemProvider.GetMovieImdbId(ItemLookupInfo info, CancellationToken cancellationToken) at OMDb.Common.OmdbItemProvider.GetMovieResult[T](ItemLookupInfo info, IDirectoryService directoryService, CancellationToken cancellationToken) at Emby.Providers.Manager.MetadataService`2.ExecuteRemoteProviders(MetadataResult`1 temp, LibraryOptions libraryOptions, String logName, TIdType id, IRemoteMetadataProvider`2[] providers, MetadataRefreshOptions options, CancellationToken cancellationToken) Source: Emby.Server.Implementations TargetSite: Void MoveNext() InnerException: System.Net.Http.HttpRequestException: Der angeforderte Name ist gültig, es wurden jedoch keine Daten des angeforderten Typs gefunden. (private.omdbapi.com:443) Source: System.Net.Http TargetSite: Void MoveNext() at System.Net.Http.HttpConnectionPool.ConnectToTcpHostAsync(String host, Int32 port, HttpRequestMessage initialRequest, Boolean async, CancellationToken cancellationToken) at System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken) at System.Net.Http.HttpConnectionPool.CreateHttp11ConnectionAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken) at System.Net.Http.HttpConnectionPool.AddHttp11ConnectionAsync(QueueItem queueItem) at System.Threading.Tasks.TaskCompletionSourceWithCancellation`1.WaitWithCancellationAsync(CancellationToken cancellationToken) at System.Net.Http.HttpConnectionPool.SendWithVersionDetectionAndRetryAsync(HttpRequestMessage request, Boolean async, Boolean doRequestAuth, CancellationToken cancellationToken) at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken) at System.Net.Http.DecompressionHandler.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken) at System.Net.Http.HttpClient.<SendAsync>g__Core|83_0(HttpRequestMessage request, HttpCompletionOption completionOption, CancellationTokenSource cts, Boolean disposeCts, CancellationTokenSource pendingRequestsCts, CancellationToken originalCancellationToken) at Emby.Server.Implementations.HttpClientManager.CoreHttpClientManager.SendAsyncInternal(HttpRequestOptions options, String httpMethod) InnerException: System.Net.Sockets.SocketException: Der angeforderte Name ist gültig, es wurden jedoch keine Daten des angeforderten Typs gefunden. Source: System.Net.Sockets TargetSite: Void ThrowException(System.Net.Sockets.SocketError, System.Threading.CancellationToken) at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.ThrowException(SocketError error, CancellationToken cancellationToken) at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.System.Threading.Tasks.Sources.IValueTaskSource.GetResult(Int16 token) at System.Net.Sockets.Socket.<ConnectAsync>g__WaitForConnectWithCancellation|285_0(AwaitableSocketAsyncEventArgs saea, ValueTask connectTask, CancellationToken cancellationToken) at System.Net.Http.HttpConnectionPool.ConnectToTcpHostAsync(String host, Int32 port, HttpRequestMessage initialRequest, Boolean async, CancellationToken cancellationToken)
juerg 0 Posted January 11 Author Posted January 11 (edited) If i change the server to 'english', i assume that whould help? InnerException: System.Net.Sockets.SocketException: Der angeforderte Name ist gültig, es wurden jedoch keine Daten des angeforderten Typs gefunden The requested name is valid, however no data of the requested type was found. Please help Edited January 11 by juerg
Lessaj 467 Posted January 11 Posted January 11 Thank you for the log. I'm not really clear on what those OMDB API errors mean, I have definitely seen errors with their API before pretty commonly but I haven't seen that specifically. It is likely secondary to the issue here. Based on your log it is listening on both 8096 and 8920 successfully, otherwise there would be an error here. 2026-01-11 13:45:41.195 Info App: Adding HttpListener prefix http://+:8096/ 2026-01-11 13:45:41.195 Info App: Adding HttpListener prefix https://+:8920/ Additionally based on your log your system has the following addresses: Quote 192.168.1.160 10.10.10.2 The 192 address is likely your main connection to your router, and the 10 address is a point to point with your NAS since it has no gateway address and your library paths are for 10.10.10.1. I also see it's a Windows device. This means that from the Windows device itself you should be able to access all of the below addresses, since based on my understanding it will listen on ALL addresses, and the "Local IP address" field under Network is only used to ensure that the correct local IP is advertised to client apps if you have multiple IPs. http://localhost:8096 http://192.168.1.160:8096 http://10.10.10.2:8096 https://localhost:8920 https://192.168.1.160:8920 https://10.10.10.2:8920 Please confirm if all of these work - you would see a certificate error on 8920 for the CN not matching, but that's okay. To be clear, while all of these should work, the important one should be 192.168.1.160 on both 8096 and 8920. If both ports are working for the 192 address then please try it from another device on your local network as well, since that should also work. 1
juerg 0 Posted January 13 Author Posted January 13 Nope, none of the https links are working. All of the http links (also from external) are working. Should i attach the the server 2019 firewall log? I have removed the 10.10.x.x Network and changed all Librarys to update from 192.168.x.x to make it more visible and changed the language of the OS and Emby to english.embyserver.txtembyserver.txt
juerg 0 Posted January 14 Author Posted January 14 1. I have just added the path and password to the pfx file, added the external domain and changed the secure connection mode to preferred, but not required. 2. I have also changed now the language from german to english for the server 2019, emby server and the Librarys. 3. I have also removed teh 10.10.10.x Network, so all communication is running over 192.168.x.x 4. I am not sure if my Unifi Dream machine Router could cause any issue because is using various TCP ports for its management interface (like 80 HTTP, 443 HTTPS, 22 SSH) I have attached the emby log, that reflects all the changes. 5. I have not imported any certificates to the windows server. Access from external over http://domain.name:port ist working, that solved also (at the moment) my issue with my phillips titan os tv (keyboard still not working, had to use an external keyboard, i can see it connecting as opera browserand play movies without any issues) Tried that yesterday because i don't like plex, and surprisingli it worked at least over http. embyserver.txt
Lessaj 467 Posted January 14 Posted January 14 I don't see anything in your logs that would indicate there's anything preventing access to 8920 on localhost, that has nothing to do with your networking equipment it's completely local to the device. If that doesn't work, it'll never work from anywhere else either. What error are you seeing in the web browser when trying to connect to: https://localhost:8920
Neminem 1518 Posted January 14 Posted January 14 55 minutes ago, juerg said: phillips titan os tv Just a fyi. Is still really new, and mostly not working
juerg 0 Posted January 15 Author Posted January 15 20 hours ago, Lessaj said: I don't see anything in your logs that would indicate there's anything preventing access to 8920 on localhost, that has nothing to do with your networking equipment it's completely local to the device. If that doesn't work, it'll never work from anywhere else either. What error are you seeing in the web browser when trying to connect to: https://localhost:8920 Hi here are the messages from chrome and edge, the same happens for 192.168.1.160 and 127.0.0.1
Lessaj 467 Posted January 15 Posted January 15 Hm, I'm not sure at this point, there shouldn't be anything preventing that from connecting, there's no error related to the certificate. I suppose make sure the port shows as listening is the first thing to check. netstat -an | findstr 8920
Lessaj 467 Posted January 15 Posted January 15 That looks correct to me. I can't see it being a missing firewall rule especially when using localhost but I you could check for that, it should add them automatically when you install Emby Server even if you don't set up HTTPS. I suppose at this point you could try to telnet to the port to see if the connection is accepted (may need to add the Telnet Client feature to use that), and use openssl to verify that a certificate is being presented (would need to get an OpenSSL binary for Windows). telnet localhost 8920 With openssl installed you can try to just connect and see the certificate being presented. openssl s_client -connect localhost:8920
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now