cw-kid 192 Posted May 30, 2015 Posted May 30, 2015 (edited) Hi I have just used my WHS 2011 Servers existing SSL certificate (Go Daddy) and exported it to a .pfx file, following the instructions in part I here and then also stripped out the password for use with Emby, following these instructions here. So now in the Emby Server -> Advanced -> Hosting I have a local path to point to this new .pfx cert file in the "Custom Certificate Path" field and I have also turned on the option "Report HTTPS as external address". I can now enter https://myserver.homeserver.com:EmbyPort# and I get the Emby web GUI login page secured with SSL, so far so good! But I am unsure about some of the Kodi add-on settings for SSL. I found this page here which explains what each Kodi add-on setting does. And also a page here for the Emby Server Hosting settings. In the Kodi add-on settings I changed the port number to be the HTTPS one and I have also turned on the following settings: Enable HTTPS: (ON) Verify Host SSL Certificate: (ON) This is the same as when you access via browser (bypass the SSL warning). This should be left disabled if you are using a self-signed certificate. Kodi seems to still connect OK (testing on the LAN) and do its sync, so I assume its now working over HTTPS. However there is another setting: Client SSL certificate: (NONE) Takes .pem certificate. This is not required if you are using a self-signed certificate. I don't have a client SSL certificate for the actual Windows 7 PC running Kodi. Do I need to do anything with this? Thanks. Edited May 30, 2015 by cw-kid
cw-kid 192 Posted May 30, 2015 Author Posted May 30, 2015 Also when accessing the Emby web GUI in Chrome browser it crosses out the HTTPS and says the following about the connection: But in Internet Explorer browser it seems happier
Angelblue05 4132 Posted May 30, 2015 Posted May 30, 2015 If you don't have a client side certificate, then you don't need one. From what I was reading when putting the option together, it's rare people will use it. What you just want is to verify the host since you are not using a self signed certificate. I think the way you have it now is correct... As for the messages, I'm unsure... Maybe post in the webclient forum or server forum to find out if there's anything you should know, etc. Sent from my iPhone using Tapatalk 1
cw-kid 192 Posted May 30, 2015 Author Posted May 30, 2015 OK thanks as long as Kodi is configured correctly for HTTPS I'm happy! 1
Recommended Posts