Jump to content

[solved] Is it possible to install an Client CACERT for emby in Linux?


Recommended Posts

looking111
Posted (edited)

Hello,

 

for SSL connection i need an client cacert. Fortigate Firewall do an deepinspection of ssl packages. So i get the error by libraryscan:

System.Net.Http.HttpRequestException: System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.

The gloabl certificatestore from Ubuntu will not used from emby. So there must be a place in emby to install an cacert.

 

Thanks a lot :)

 

Edited by looking111
Posted

Hi, client certificates for who?

Posted

I understand, but what site?

Posted

If this is for IPS I think you need to install the very on the client endpoints.

 

 

Sent from my iPhone using Tapatalk

looking111
Posted (edited)

If this is for IPS I think you need to install the very on the client endpoints.

 

 

Sent from my iPhone using Tapatalk

nearly :) but yes. You need the very, so the ca certificate on each client in the network to browse https webservices.

 

@@Luke

I mean sites like MovieDB or https://api.themoviedb.org ....

 

I have installed the PFX. But i think this is only for emby itself.

Edited by looking111
Posted

Under the app dir you'll find:

/etc/ssl/certs/ca-certificates.crt

I suppose you can much with that but please note, you're in uncharted territory by doing this as we haven't tested this. Thanks.

looking111
Posted

Under the app dir you'll find:

/etc/ssl/certs/ca-certificates.crt

I suppose you can much with that but please note, you're in uncharted territory by doing this as we haven't tested this. Thanks.

 

Thank you. Yes, the certificate is already included there. I'll do some tests and exlude emby from this Inspectionrule for the first. Maybe it is an other error too.

looking111
Posted

Ok, i was not able to tell emby to use this CA. So i've done an exclude policies for emby. This way is also ok. Not the nicest, but ok.

 

:)

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...