Jump to content

Force HTTPS?


Go to solution Solved by iamspartacus,

Recommended Posts

iamspartacus
Posted

How can one force external connections to their Emby server to use https instead of http?

iamspartacus
Posted (edited)

Yes I've found that page but are you saying that I need to us UPnP port mapping in order to get this working?  I have that disabled on my firewall (pfSense) for a reason.  I have setup the necessary port forwarding rule myself to allow the https port inbound.  However I don't see any place to tell Emby to use https instead of http.  When I connect from a remote client I see the inbound connections using the http port (8096) instead of https.

 

EDIT:  I get it now.  I need to supply my own cert.  I had thought Emby supplied their own certs if not specified.

Edited by iamspartacus
Guest asrequested
Posted

I don't use it, but I believe this is what is required

 

59c7dd95e350e_Snapshot_225.jpg

Posted

Hi.  In the screen shot above it is the "Report https as external address" that you would want to enable.  Automatic port mapping is not required.

 

However, be aware that you probably will need a true certificate as opposed to a self signed one for all apps to work properly.

iamspartacus
Posted

Hi.  In the screen shot above it is the "Report https as external address" that you would want to enable.  Automatic port mapping is not required.

 

However, be aware that you probably will need a true certificate as opposed to a self signed one for all apps to work properly.

 

Yes, this I just found out.  I have created a new letsencrypt cert for emby.mydomain.com.  However, do you have any guides on how to create a .pfx file for this cert so I can import it into Emby?

iamspartacus
Posted

Ok I've created a custom cert, added the path to it in the "Custom Cert Path" location, supplied the password, the custom domain, and selected report HTTPS as external address.  I've since rebooted.  Yet Emby still tries to connect over over http (8096) from a remote client.

 

What am I missing?

Posted

Well, if using Emby Connect it will switch automatically but may not be immediate. if you connected manually by entering server address then you'll need to redo that step.

iamspartacus
Posted

Well, if using Emby Connect it will switch automatically but may not be immediate. if you connected manually by entering server address then you'll need to redo that step.

 

I'm using Emby Connect.  I tried it pretty immediately so I'll try again after giving it some time.

iamspartacus
Posted

Ok, I see the traffic now going over the HTTPS port I configured in my firewall and it's passing now instead of being blocked.

 

However, when I click on my server in the app and hit connect, I get "We're unable to connect to the selected server right now."  So something must be off in my config I'm guessing.  Is there something I can look for in the logs to help identify my problem?

Posted

If you attach the log we can take a look. If for some reason the device rejected the cert then it wouldn't have gotten far enough to make it into the log.

iamspartacus
Posted

If you attach the log we can take a look. If for some reason the device rejected the cert then it wouldn't have gotten far enough to make it into the log.

 

Yup it's not making it to the log.  Must be an issue with the cert.  I'll troubleshoot this further.

  • Solution
iamspartacus
Posted

Just want to report back that I got this working.  The issue was more about what ports I was forwarding and my reverse proxy.  Once I forwarded the public https port (8920) to my internal nginx port my issue was resolved.

  • Like 2

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...