Mopar 0 Posted January 9 Posted January 9 So i have a domain name and ssl cert for my server for a year now for remote access. Just renewed my name and ssl cert and now my site is down and im no longer able to access my server off of my home network. I must be missing something but im not sure what. Nothing else has changed except just renewing. I have converted my certs to the pk12 file, put the password in all that, but once i did everything went down and hasnt come back up. What am i missing and how do i get back online?
Mopar 0 Posted January 9 Author Posted January 9 11 minutes ago, Luke said: Hi there, what exactly happens when you try? It just dont connect and the website gives a dns error. Dns_probe_possible specifically. It also shows that connection is not secure and theres no ssl cert. It wont connect through the app either.
Lessaj 467 Posted January 9 Posted January 9 To clarify, you've renewed the certificate and now you've lost HTTPS access? Is that both internal and external or only external? Is HTTP still working internal or external?
Mopar 0 Posted January 9 Author Posted January 9 2 minutes ago, Lessaj said: To clarify, you've renewed the certificate and now you've lost HTTPS access? Is that both internal and external or only external? Is HTTP still working internal or external? I can connect on lan only. As long as im connected to my network i have server access on my phone app and smart tvs. Still no website access though. If i turn off wifi on my phone or just being outside of my home, i have zero access to my server at all. No website, the app cant connect, other devices cant connect. Since the website says its not secure now im guessing its both http and https.
Lessaj 467 Posted January 9 Posted January 9 (edited) Okay it's probably working internally because it's only using HTTP. If HTTPS does not work in your web browser even internally then please provide the server log - more than likely there is an issue with your certificate when you created the PFX. EDIT: A server log from startup. Edited January 9 by Lessaj
Mopar 0 Posted January 9 Author Posted January 9 2 minutes ago, Lessaj said: Okay it's probably working internally because it's only using HTTP. If HTTPS does not work in your web browser even internally then please provide the server log - more than likely there is an issue with your certificate when you created the PFX. EDIT: A server log from startup. I will have to check and post when i get home tonight. Currently at work. But i will say even trying to connect just on http nothing works, even when adding the port number at the end. So it seems its not wanting to be reachable on wan at all, only on lan.
Lessaj 467 Posted January 9 Posted January 9 I wouldn't be surprised if your browser is still automatically trying https if you didn't explicitly put http:// (along with the port too). But yes post up when you get home, you need to verify what works internally first before moving to external.
Mopar 0 Posted January 9 Author Posted January 9 Even like right now trying to pull up the emby app on my phone, it wants me to select a server instead of loading. And when i try selecting mine thats saved i get an error saying can not connect, make sure the server is running. So like, its physically working as long as im on my home wifi, but thats it.
Mopar 0 Posted January 9 Author Posted January 9 3 minutes ago, Lessaj said: I wouldn't be surprised if your browser is still automatically trying https if you didn't explicitly put http:// (along with the port too). But yes post up when you get home, you need to verify what works internally first before moving to external. I have manually put http://www.etc... in my browser. I can load up and view everything at home on my home network. Like it "works" as a local media player basically, just no access at all when not on my home wifi. With the exception of my website which has no access even on home wifi. Http or https.
Lessaj 467 Posted January 9 Posted January 9 (edited) 18 minutes ago, Mopar said: As long as im connected to my network i have server access on my phone app and smart tvs. 3 minutes ago, Mopar said: With the exception of my website which has no access even on home wifi. Http or https. These are conflicting statements, if it's working on those devices then at the bare minimum the HTTP port must be up and running, there really isn't any difference between the apps requesting data on that port and using the web app. Your server log will provide the needed insights to start troubleshooting. Edited January 9 by Lessaj
Luke 42077 Posted January 11 Posted January 11 Hi there, please attach the Emby server log from when the problem occurred: How to Report a Problem Thanks!
Mopar 0 Posted January 11 Author Posted January 11 1 hour ago, Luke said: Hi there, please attach the Emby server log from when the problem occurred: How to Report a Problem Thanks! embyserver.txt
Mopar 0 Posted January 11 Author Posted January 11 here is another logs from the other day. Just getting time to mess with this again. Thanks! embyserver-63903600000.txt
Lessaj 467 Posted January 11 Posted January 11 Can you provide a log after restarting the server? Both of these logs are just rollover so they lack a lot of the information. I think I can see that you're using 443 for HTTPS and 8096 for HTTP but a startup log would be ideal.
Mopar 0 Posted January 11 Author Posted January 11 8 minutes ago, Lessaj said: Can you provide a log after restarting the server? Both of these logs are just rollover so they lack a lot of the information. I think I can see that you're using 443 for HTTPS and 8096 for HTTP but a startup log would be ideal. just restarted. not sure exactly which you need but heres both. embyserver.txt embyserver-63903752931.txt
Lessaj 467 Posted January 11 Posted January 11 Thank you, based on your startup log it is listening on the following ports: 2026-01-11 18:29:09.820 Info App: Adding HttpListener prefix http://+:8096/ 2026-01-11 18:29:09.820 Info App: Adding HttpListener prefix https://+:443/ So your certificate is working properly. And the server has the following IP address: 10.0.0.68 There's also a lot of IPv6 addresses for some reason, you can likely disable IPv6 if you don't actually use it, but it shouldn't conflict. Since this is a windows device you should be able to reach the web app at the following addresses on the device itself: http://localhost:8096 http://10.0.0.68:8096 https://localhost https://10.0.0.68 Please confirm that you can reach all of these on the device itself. If 10.0.0.68 is working then you can try that from another device, it should also work. If it doesn't, check that the Network Profile for the ethernet adapter is set to Private.
Mopar 0 Posted January 11 Author Posted January 11 1 minute ago, Lessaj said: Thank you, based on your startup log it is listening on the following ports: 2026-01-11 18:29:09.820 Info App: Adding HttpListener prefix http://+:8096/ 2026-01-11 18:29:09.820 Info App: Adding HttpListener prefix https://+:443/ So your certificate is working properly. And the server has the following IP address: 10.0.0.68 There's also a lot of IPv6 addresses for some reason, you can likely disable IPv6 if you don't actually use it, but it shouldn't conflict. Since this is a windows device you should be able to reach the web app at the following addresses on the device itself: http://localhost:8096 http://10.0.0.68:8096 https://localhost https://10.0.0.68 Please confirm that you can reach all of these on the device itself. If 10.0.0.68 is working then you can try that from another device, it should also work. If it doesn't, check that the Network Profile for the ethernet adapter is set to Private. i can reach it on localhost in my browser. thats no issue. the issue is i cant reach it remotely. like friends and family can no longer connect to my server from their house, i can no longer connect to my server from my phone when im not home, and my website, thats through dynu that ive had for a year now, is no longer reachable. (www.myserver.com). the only thing that has changed is me renewing my domain name and ssl cert through dynu. everything has been kosher until the day i made my post on here when i did that and it stopped being reachable outside of my home network/lan. i just renewed my domain so i didnt lose it , and my ssl cert to keep it secure. converted the cert to px12 or whatever, placed it in the emby app as before and no dice.
Lessaj 467 Posted January 11 Posted January 11 Right so what I'm trying to identify is if the internal IP address is working at all, since that has to work in order for remote access to work via port forwarding. So does the local IP address work?
Mopar 0 Posted January 11 Author Posted January 11 (edited) 6 minutes ago, Lessaj said: Right so what I'm trying to identify is if the internal IP address is working at all, since that has to work in order for remote access to work via port forwarding. So does the local IP address work? yes. as long as im on my home wifi it works. like i can connect to my server on my phone if im on wifi, and my smart tvs at home, along with on my home computers. the issue is connecting outside of my home via my website/emby connect/etc. all of that was working fine until on the 8th when i renewed my domain and ssl cert through dynu. Edited January 11 by Mopar
Lessaj 467 Posted January 12 Posted January 12 Okay great, you had said before that it didn't load but I think you meant specifically that your domain site was not loading, apologies for the mixup there. Check that your domain is correctly resolving to your external address using nslookup, and review your port forwarding rules to ensure it still matches. You can also try to connect directly using the external IP and port while on your data, and/or use a service like canyouseeme.org to verify the port forwarding is working.
Mopar 0 Posted January 12 Author Posted January 12 5 minutes ago, Lessaj said: Okay great, you had said before that it didn't load but I think you meant specifically that your domain site was not loading, apologies for the mixup there. Check that your domain is correctly resolving to your external address using nslookup, and review your port forwarding rules to ensure it still matches. You can also try to connect directly using the external IP and port while on your data, and/or use a service like canyouseeme.org to verify the port forwarding is working. so using that site it is coming back to my external/public ip address, and on canyouseeme it is showing that port 443 is open. when trying to connect via ip address:443 on data i get an error ERR_EMPTY_RESPONSE..when trying to connect just with the domain name i get err_connection_aborted or connection_closed. i have set my settings to prefer secure but not required in emby and when i try to connect it takes a while and now redirects to the non secure with :8096 port at the end now. before it wouldnt even do that even when setting the secure connection type to disabled.
Mopar 0 Posted January 12 Author Posted January 12 Oh and i went to add. Dont know how relevant it is. But i host a few game servers off the same server pc, and they have been unaffected through all of this. This is just on my media server.
Lessaj 467 Posted January 12 Posted January 12 Okay I'm running out of things to check at this point, it sounds like it's sending traffic to the wrong port. Can you show your port forwarding rules? Something else you could try to check when you're trying to connect on your mobile data is find out the IP your device is coming from and run in cmd: netstat -an | findstr <IP.OF.YOUR.MOBILE.DEVICE> You should basically see something like: TCP 10.0.0.68:443 <IP.OF.YOUR.MOBILE.DEVICE>:<some.random.source.port> ESTABLISHED
Mopar 0 Posted January 12 Author Posted January 12 1 minute ago, Lessaj said: Okay I'm running out of things to check at this point, it sounds like it's sending traffic to the wrong port. Can you show your port forwarding rules? Something else you could try to check when you're trying to connect on your mobile data is find out the IP your device is coming from and run in cmd: netstat -an | findstr <IP.OF.YOUR.MOBILE.DEVICE> You should basically see something like: TCP 10.0.0.68:443 <IP.OF.YOUR.MOBILE.DEVICE>:<some.random.source.port> ESTABLISHED Is there something im missing connecting it to dynu or something? I forget what/how i exactly did it before. Ive tried going through the guide to secure your server on here, but i feel like maybe im missing or misunderstanding something? Thing is with that guide, i feel like its mainly for setting it up for the first time. Which is not the case, as it was already setup, i just renewed everything is all. Its all really starting to become a frustrating pita at this point. No port forwarding rules have changed or anything. Everything was working fine right up to the second i renewed my domain/ssl cert. Thats whats driving me crazy and why i posted on here, cause to me at least, that makes zero sense.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now