Guest Posted May 24 Posted May 24 (edited) Hello, I’m having major issues connecting to Emby through Emby Theater and the Samsung TV app. The server is running version 4.9.5.0, but Emby Theater says the server needs updating, and the Samsung TV app says it cannot connect. I have configured Fedora firewall and MikroTik NAT/firewall rules. Emby works flawless from web on LAN devices including Android, Apple, Fedora, CentOS, and Windows 11, I can also connect remotely from work and mobile data. I can SSH the Samsung TV Poke and Prod Emby and see traffic via: sudo tcpdump -ni any tcp port 8096 So the server is reachable locally and remotely, but Emby Theater and the Samsung TV app fail. I also tried one month of Emby Premiere, but it did not resolve the issue. Since Chrome/Firefox/Safari already works flawlessly, I don’t really need Emby Theater right now, but my wife and kids don't live on their computers Like I do... I’m not in a massive rush, and I might even sort it out eventually, but honestly it’s just annoying more than anything. I bet it turns out to be some random checkbox on the server that I’ve overlooked. Edited May 24 by martin.shead
dragonbytes 1 Posted May 31 Posted May 31 My sister's Samsung TV suddenly stopped connecting to my Emby Server, and similarly to the OP, i can connect through all other means, both locally and remotely, including my sister's roku. But the Emby Samsung TV app just wont connect. I AM using https though (and its REQUIRED for remote connections in the server settings). Is https connectivity a specific issue with the Samsung TV apps?
Luke 42593 Posted May 31 Posted May 31 1 hour ago, dragonbytes said: My sister's Samsung TV suddenly stopped connecting to my Emby Server, and similarly to the OP, i can connect through all other means, both locally and remotely, including my sister's roku. But the Emby Samsung TV app just wont connect. I AM using https though (and its REQUIRED for remote connections in the server settings). Is https connectivity a specific issue with the Samsung TV apps? Where did the SSL certificate come from? Samsungs are very picky, so to use https you need to use something they will accept.
dragonbytes 1 Posted May 31 Posted May 31 That's an interesting question, as my existing certificate recently expired and I had to purchase a new one. I get them from Namecheap, and they are issued by Sectigo. Then i generate the pfx file using openssl and the certificate files I got from Sectigo.
Luke 42593 Posted May 31 Posted May 31 27 minutes ago, dragonbytes said: That's an interesting question, as my existing certificate recently expired and I had to purchase a new one. I get them from Namecheap, and they are issued by Sectigo. Then i generate the pfx file using openssl and the certificate files I got from Sectigo. @SamESwill know better but I don't think that's going to work. With Samsungs I think you will either need ZeroSSL or DigiCert.
SamES 1107 Posted May 31 Posted May 31 1 hour ago, dragonbytes said: That's an interesting question, as my existing certificate recently expired and I had to purchase a new one. I get them from Namecheap, and they are issued by Sectigo. Then i generate the pfx file using openssl and the certificate files I got from Sectigo. I have seen a few of these recently, all using Sectigo certificates.As per my comments here, it looks like they have been rolling out new root certs over the last few years which have finally made it to most of the cert authorities. What year/model is the TV?
dragonbytes 1 Posted June 1 Posted June 1 (edited) I would say the TVs are just around those ages 2020/2021 something like that. With all that said, what can be done on my end to make them work if they have indeed had their root certificates updated? Using unencrypted http as mentioned in the threads you linked would not be a viable option for me. Could I purchase a new certificate from one of the known trusted sources they allow? And if so, which ones would you recommend? Thanks. Edited June 1 by dragonbytes
SamES 1107 Posted June 1 Posted June 1 As a test, can you try manually setting the DNS on one of the TV's to 1.1.1.1 (CloudFlare public DNS) in the TV Network settings. It resolved the issue for another user that was using a similar certificate, although they also had other playback issues. Since you can't connect at all and we don't know if you also have other playback issues on this device then it is worth a try.
dragonbytes 1 Posted June 1 Posted June 1 Ok so a few findings. I did try to manuallly set the DNS of my Samsung TV to 1.1.1.1 and it didn't make a difference. Still was unable to connect server. Also, when attempting to login via Emby Connect, I noticed in the "View Server Info" section, that BOTH the local AND WAN addresses are http only, despite my server being configured to require https for remote connections. Other than these login issues, i've never had any significant playback issues.
SamES 1107 Posted June 1 Posted June 1 29 minutes ago, dragonbytes said: Ok so a few findings. I did try to manuallly set the DNS of my Samsung TV to 1.1.1.1 and it didn't make a difference. Still was unable to connect server. Also, when attempting to login via Emby Connect, I noticed in the "View Server Info" section, that BOTH the local AND WAN addresses are http only, despite my server being configured to require https for remote connections. Other than these login issues, i've never had any significant playback issues. You could try fully uninstalling the app, remove power to the TV for a few minutes, reinstall and try reconnecting with https. I still think it's possibly a certificate issue, in which case I believe ZeroSSL certs still work (but for how long?) but a full reinstall might worth the effort just in case
dragonbytes 1 Posted June 2 Posted June 2 I strongly believe its related to the SSL certificate and I would consider purchasing a ZeroSSL cert, however i'm confused what you mean when you say "but for how long?". Even if at some point Samsung stops allowing ZeroSSL, surely there must be SOME certificate authority they will trust because don't their OWN services/supported apps etc use some form of TLS to securely connect on their backends etc? Wouldn't it just be a matter of finding out which companies they trust?
SamES 1107 Posted June 2 Posted June 2 30 minutes ago, dragonbytes said: I strongly believe its related to the SSL certificate and I would consider purchasing a ZeroSSL cert, however i'm confused what you mean when you say "but for how long?". Even if at some point Samsung stops allowing ZeroSSL, surely there must be SOME certificate authority they will trust because don't their OWN services/supported apps etc use some form of TLS to securely connect on their backends etc? Wouldn't it just be a matter of finding out which companies they trust? It's not that Samsun or ZeroSSL will stop support ing the TV, the issue is that the root certificates that are bundled in the TV and are used for verifying the HTTPS certificate have a set expiry, and Samsung (and LG) don't appear to ever be updating these certificate bundles in the TV once they expire. So at some point the ZeroSSL root certificate will also expire. I don't know when that will be but you could probably find out, although at best it's an estimate as they could be reviked early in some caes, or they coud start signing with a different certificate chain. For now, ZeroSSL is probably your only reliable solution.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now