Dietpi server with Jellyfin & Self-Signed Certificate

webfinder42 · 2 August 2023 19:34

Hi every one

I have installed jellyfin and would like to run with https locally on my network, do you have any guide for this?
I have read & done this so I have my certificate which jellyfin approves on the web-interface (jellyfin.pfx) that is self-signed certificate.
https://www.sslshopper.com/article-most-common-openssl-commands.html

I still can’t access the server via https, but http works just fine.
Do you have any suggestions for this? (server has been restarted)

Yes, I know you’re going to wonder why, but it was because I want to see if it’s possible, thanks.

Joulinar · 2 August 2023 19:52

restart your system and check your application log for related error messages

journalctl -u jellyfin.service

webfinder42 · 7 August 2023 19:29

Thanks for that command, i have created the following folder /mnt/dietpi_userdata/certs/jellyfin.pfx with the cert inside.

I got the following messages:

jellyfin[651]: [21:24:29] [ERR] Error loading cert from /mnt/dietpi_userdata/certs/jellyfin.pfx
jellyfin[651]: Interop+Crypto+OpenSslCryptographicException: error:2006D002:BIO routines:BIO_new_file:system lib
jellyfin[651]:    at Interop.Crypto.CheckValidOpenSslHandle(SafeHandle handle)
jellyfin[651]:    at Internal.Cryptography.Pal.OpenSslX509CertificateReader.FromFile(String fileName, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags)
jellyfin[651]:    at System.Security.Cryptography.X509Certificates.X509Certificate..ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags)
jellyfin[651]:    at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags)
jellyfin[651]:    at Emby.Server.Implementations.ApplicationHost.GetCertificate(String path, String password)

Joulinar · 7 August 2023 19:46

Can you share following

ls -la /mnt/dietpi_userdata/certs/

webfinder42 · 8 August 2023 19:31

yes sure here you go

drwxr-xr-x 2 root   root   4096 Jul 18 21:53 .
drwxrwxr-x 8 dietpi dietpi 4096 Jul 18 21:36 ..
-rw-r--r-- 1 root   root   1814 Jul 18 22:11 cert.pem
-rw------- 1 root   root   4061 Jul 18 22:11 jellyfin.pfx

Joulinar · 8 August 2023 19:56

As you can see, certificate file is readable for user root only. You would need to change user to jellyfin

webfinder42 · 12 August 2023 19:31

Got it to work

sudo chmod 644 jellyfin.pfx, thanks