darkassassin07 652 Posted April 2, 2018 Posted April 2, 2018 (edited) Im trying to setup ssl/https for external connections: External domain is set correctly, correct path to valid letsencrypt .pfx (tested and working with other services) with correct password require https for external connections enabled wan https port set to 8096 8096 forwarded. When attempting to connect to the https page via https://mydomain.blah:8096 I get the error " ERR_SSL_PROTOCOL_ERROR" chrome with dev tools open looking at the security tab: "This page is not secure. Certificate - valid and trusted The connection to this site is using a valid, trusted server certificate issued by unknown name. Resources - all served securely All resources on this page are served securely." The only lines from the log containing 'https:' '2018-04-02 00:13:06.905 Info HttpServer: Adding HttpListener prefix https://+:8920/' 2018-04-02 00:13:07.793 Info HttpClient: GET https://emby.media/community/index.php?/blog/rss/1-media-browser-developers-blog^ in 5 locations I cant find any other info :/ If I disable require https and swap http back to 8096 I can connect just fine so I know the port forward works fine. /edit: from wan, Https://mydomain.blah:8096 get that error, but if I change https to http, I connect. wan http port: 8920 https 8096 require https enabled. the dashboard displays Remote (WAN) access: https://mydomain.blah:8089 If i try to connect to that 'ERR_SSL_PROTOCOL_ERROR' I can connect via Https://local.mydomain.blah:8920 while on lan. (local.mydomain.blah, mydomain.blah, and www.mydomain.blah are all valid in the cert and working with other services.) Edited April 2, 2018 by darkassassin07
Luke 42081 Posted April 2, 2018 Posted April 2, 2018 When attempting to connect to the https page via https://mydomain.blah:8096 I get the error " ERR_SSL_PROTOCOL_ERROR" https is on port 8920. You can't use it on the http port 8096, they are different.
darkassassin07 652 Posted April 2, 2018 Author Posted April 2, 2018 (edited) When attempting to connect to the https page via https://mydomain.blah:8096 I get the error " ERR_SSL_PROTOCOL_ERROR" https is on port 8920. You can't use it on the http port 8096, they are different.I have my public http port changed to 8920 and the public https port set to 8096. The wan address listed on the dashboard is https://mydomain.blah:8096 This is so 8096 connects to https on wan and http on lan Edited April 2, 2018 by darkassassin07
Luke 42081 Posted April 2, 2018 Posted April 2, 2018 Why would you reverse them? Aren't you just making things more complicated? Complicated for yourself, but also for us because this is a little confusing.
darkassassin07 652 Posted April 2, 2018 Author Posted April 2, 2018 This is so 8096 connects to https on wan and http on lan
Luke 42081 Posted April 2, 2018 Posted April 2, 2018 I get it but I've never tried this before and honestly this is a little confusing to try and troubleshoot. Can you please go back to using the default port settings? Please try that out. Thanks.
KMBanana 116 Posted April 2, 2018 Posted April 2, 2018 Emby has configuration for two sets of ports. Chaning the Local port settings actually changes the ports Emby is listening on. Changing the Public ports just changes what the port advertised to clients is. It sounds like you only changed the Public port settings, so your advertised https Public port is actually pointing at your unencrypted local http port, and vice versa. As others have said, there is no good reason for you to switch 8920 to http and 8096 to http, but you can do it if you want (by also swapping the Local port settings).
darkassassin07 652 Posted April 2, 2018 Author Posted April 2, 2018 Did a bit of poking around: If I have local http and public(wan) https set to the same port number: public https no longer works. I can still access local https, local http, and public http I have used this setup befor about 6 months ago, I moved to plex for a while but have abandoned them and their lack of support. When I used emby last matching the local http and public https ports worked just fine
darkassassin07 652 Posted April 2, 2018 Author Posted April 2, 2018 (edited) Emby has configuration for two sets of ports. Chaning the Local port settings actually changes the ports Emby is listening on. Changing the Public ports just changes what the port advertised to clients is. It sounds like you only changed the Public port settings, so your advertised https Public port is actually pointing at your unencrypted local http port, and vice versa. As others have said, there is no good reason for you to switch 8920 to http and 8096 to http, but you can do it if you want (by also swapping the Local port settings). THANK YOU! I just remembered what I forgot: when I had this setup befor I had my router forward public 8096 to local 8920. Its been a while since I have done this... /edit: confirmed and working. Thanks for the help guys Edited April 2, 2018 by darkassassin07
Jdiesel 1431 Posted April 2, 2018 Posted April 2, 2018 (edited) Glad you got it working but your configuration is overly complicated for no reason. If it was me I would: Local http: 8096 Local https: 8920 Public http: 8096 Public https: 443 Set you router to forward public port 443 to local port 8920 Edited April 2, 2018 by Jdiesel
darkassassin07 652 Posted April 2, 2018 Author Posted April 2, 2018 I cannot use public port 80 or 443 telus blocks them on residential internet connections. The main reason for my port mappung is to have local http and public https match so that with the same address/port number you get connected with ssl outside the network, but plain http on lan.
Carlo 4561 Posted April 3, 2018 Posted April 3, 2018 I cannot use public port 80 or 443 telus blocks them on residential internet connections. The main reason for my port mappung is to have local http and public https match so that with the same address/port number you get connected with ssl outside the network, but plain http on lan. You might want to experiment with nginx (linux or windows versions) or nginx with cloudfare combined.
darkassassin07 652 Posted April 4, 2018 Author Posted April 4, 2018 Wouldnt I need a device/system on a network that can receive data on 80/443 that then routes traffic to my network via 8096,ect? That or pay for another service to do it? Im only hosting emby to two people outside my network other than myself, everything else i host is for me alone and I dont mind remembering the port numbers (though i use chrome shortcuts mostly)
Carlo 4561 Posted April 4, 2018 Posted April 4, 2018 Your router can do this via port forwarding. You can also do this via nginx as well.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now