papalozarou 0 Posted January 22, 2019 Posted January 22, 2019 Remote server, running version 4.0.1.0 on Ubuntu 16.04.5. Secure connection mode is set to require for all connections. If I try to connect via iPad, iPhone or Android TV apps, to my remote server, I get the "We're unable to connect error If I try to connect either directly via browser to https://emby.mydomain.com:8920, it's fine. Even http://emby.mydomain.com:8096 redirects to https. Same for http://my-ip-address:8096 redirecting to https://my-ip-address:8920. If I try to connect via browser to https://app.emby.media, it's fine. Likewise http://app.emby.media. Same for http or https://tv.emby.media. If I set the secure connection mode to disabled I can get in from all apps. In the android TV app, the server is listed as my-ip-address:8096 regardless of the setting for secure connection mode. It's driving me nuts as it worked a few days ago. Both 8096 and 8920 are open on the remote server (hence it working in a browser). The SSL certificate doesn't throw any errors when connecting in the browser either. The log file shows this every time a connection is refused from either of the three apps: 2019-01-22 22:50:20.938 Error HttpServer: Error in ProcessAccept *** Error Report *** Version: 4.0.1.0 Command line: /opt/emby-server/system/EmbyServer.dll -programdata /var/lib/emby -ffdetect /opt/emby-server/bin/ffdetect -ffmpeg /opt/emby-server/bin/ffmpeg -ffprobe /opt/emby-server/bin/ffprobe -restartexitcode 3 -updatepackage emby-server-deb_{version}_amd64.deb Operating system: Unix 3.14.32.6 64-Bit OS: True 64-Bit Process: True User Interactive: True Processor count: 4 Program data path: /var/lib/emby Application directory: /opt/emby-server/system System.IO.IOException: System.IO.IOException: Authentication failed because the remote party has closed the transport stream. at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.PartialFrameCallback(AsyncProtocolRequest asyncRequest) --- End of stack trace from previous location where exception was thrown --- at System.Net.Security.SslState.ThrowIfExceptional() at System.Net.Security.SslState.InternalEndProcessAuthentication(LazyAsyncResult lazyResult) at System.Net.Security.SslState.EndProcessAuthentication(IAsyncResult result) at System.Net.Security.SslStream.EndAuthenticateAsServer(IAsyncResult asyncResult) at System.Net.Security.SslStream.c.b__50_2(IAsyncResult iar) at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization) --- End of stack trace from previous location where exception was thrown --- at SocketHttpListener.Net.HttpConnection.Init() at SocketHttpListener.Net.HttpEndPointListener.ProcessAccept(SocketAsyncEventArgs args) Source: System.Net.Security TargetSite: Void StartReadFrame(Byte[], Int32, System.Net.AsyncProtocolRequest) at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.PartialFrameCallback(AsyncProtocolRequest asyncRequest) --- End of stack trace from previous location where exception was thrown --- at System.Net.Security.SslState.ThrowIfExceptional() at System.Net.Security.SslState.InternalEndProcessAuthentication(LazyAsyncResult lazyResult) at System.Net.Security.SslState.EndProcessAuthentication(IAsyncResult result) at System.Net.Security.SslStream.EndAuthenticateAsServer(IAsyncResult asyncResult) at System.Net.Security.SslStream.c.b__50_2(IAsyncResult iar) at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization) --- End of stack trace from previous location where exception was thrown --- at SocketHttpListener.Net.HttpConnection.Init() at SocketHttpListener.Net.HttpEndPointListener.ProcessAccept(SocketAsyncEventArgs args)
Luke 42077 Posted January 23, 2019 Posted January 23, 2019 Hi there, what kind of SSL cert do you have? You will need to have an SSL cert that these devices will accept. We do not have any kind of overrides incorporated into iOS, Apple TV, or Android TV. If the devices do not trust your certificate, then it will not work.
papalozarou 0 Posted January 23, 2019 Author Posted January 23, 2019 hey Luke. I suspected it might be the cert which I generated using LetsEncrypt (and later joined or whatever I needed to do to produce the correct format, I can't actually remember the full details). T he cert doesn't throw any errors in the browser, which I assumed it would if the system thought it was untrustworthy – i.e. getting the warning screen before proceeeding. It also _used to_ work fine. I'l try and generate another cert tonight and see if that solves the issue.
papalozarou 0 Posted January 24, 2019 Author Posted January 24, 2019 Sorted. The cert had expired. Had to do a lot of monkeying to get it to work again but it's all working now.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now