chef 3810 Posted February 10, 2017 Posted February 10, 2017 Finally got my certificates for my domain, which is routed back to my server. I have created a pfx file in OpenSSL and applies it to the custom certificate in Embys advanced options. I have ported 443 for public addresses and 80 for local. But emby only want to show WAN as an http instead of an https link. Why do you think that is?
nxenos83 52 Posted February 11, 2017 Posted February 11, 2017 (edited) Do you have "Report https as external address" checked? Edited February 11, 2017 by nxenos83 1
chef 3810 Posted February 11, 2017 Author Posted February 11, 2017 (edited) Yes. So now I have https wan address which is my domain, I have the pfx certificate installed and the port for the wan address is 443. But when I attempt to browse to that domain address using https, the server is not reachable. The http address works like a charm, but if I want to get Alexa working it needs to be https... Edit: never mind I got it working finally. Oh sweet! Edited February 11, 2017 by chef
Happy2Play 9780 Posted February 11, 2017 Posted February 11, 2017 Yes. So now I have https wan address which is my domain, I have the pfx certificate installed and the port for the wan address is 443. But when I attempt to browse to that domain address using https, the server is not reachable. The http address works like a charm, but if I want to get Alexa working it needs to be https... Edit: never mind I got it working finally. Oh sweet! Share your secret.
chef 3810 Posted February 11, 2017 Author Posted February 11, 2017 (edited) All public ports in emby set to 443. Http and Https. Local ports in emby are set to default. Http is 8096 and Https is set to 8920 In the router configuration create two Forwarding rules. Name the first one: HTTPS with outgoing port 443 and incoming 8920. Name the second one: HTTP with outgoing 443 and incoming 8096. Make sure in the emby settings that "Report HTTPS as external address" is checked. I also have "Enable automatic port mapping" checked, but this might be irrelevant. I have added my custom certificate I bought for a wooping 75 Canadian dollars into "Custom Certificate path". I added my fancy new Domain address to "External Domain". There will have to be a server restart. Now move to your Domain configuration. Create an "A" type record which points to your external IP address. Now it is possible to browse to your domain address and access your emby login page. Pretty friggin awesome actually. Now I have to figure out why my custom server entry point in the server is throwing a 404 not found on the Amazon Alexa Custom Skill API site. Might be because my incoming ports are still set to default... But, things are moving along now full speed. Too bad there is such an intensive set up. I can definitely help people create server domains now. It is pretty tricky actually. I should mention that right now GoDaddy has ".online" domains for 0.99 cents... So go buy one and get it set up! The custom certificate is what is going to be a PITA! But I can help with that too. I have become somewhat of an expert in OpenSSL. Lol! Edited February 11, 2017 by chef
Swynol 375 Posted February 14, 2017 Posted February 14, 2017 I made a sort of write up here - https://emby.media/community/index.php?/topic/44757-setting-up-ssl-for-emby-wip/ It shows 2 ways to get HTTPS to work and shows you how to get a free cert although you need to renew it every 90 days.
Overseer 66 Posted February 15, 2017 Posted February 15, 2017 I have added my custom certificate I bought for a wooping 75 Canadian dollars into "Custom Certificate path". That's like a $1.75 in real money, correct? Who did you get the cert from? Will check out that GoDaddy .info sale, always looking to grab another top-level for my domain on the cheap. 1
Cerothen 97 Posted February 18, 2017 Posted February 18, 2017 That's like a $1.75 in real money, correct? Who did you get the cert from? Will check out that GoDaddy .info sale, always looking to grab another top-level for my domain on the cheap. $75 CAD?! I hope your using the certificate for more than having it not show an invalid certificate. I used to get certs from ssls.com for $5 per year but with let's encrypt now I get my valid certificates for free. Next time you are up for renewal you should check it out. Using certbot renewing is super easy. I have a small script that also generates a bundle.pem and pfx cert connects to my emby VM via SSH inserts the certificate and restarts emby whenever there is a renewal. 1
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now