jellyfin-media-player
jellyfin-media-player copied to clipboard
jellyfin
HTTPS configured server, unable to connect with Jellyfin Media player client, only through web interface.
HTTPS configured server, unable to connect with Jellyfin Media player client, only through web interface.
I'm using a self-signed certificate.
Thanks, will try that. Didnt see it in UI i believe so maybe its not an option there.
So it looks like I have to change '"ignoreSSLErrors": false,' to True and it works.
However, it is a bit cumbersome to ask all my (future) invited friends to manually change their files in the Appdata folder under Windows.
Can there be an option in the client at login or server creation for this?
I want to discourage this kind of configuration because it negates most benefits of SSL, when there are plenty of guides to install caddy and use the free duckdns service to get an ssl certificate. Additionally most Jellyfin clients do not support and will not support insecure connections, so the experience for other users will be less than ideal.
I see, yet when you add a server (usually via via) you ought to trust the owner of this server though right? It's not like there are many (if at all) any public jellyfin servers anyhow. I don't see the problem.
The main benefit of SSL here is to encrypt the connection between client and server, rather than a matter of 'trusting'.
Food for thought. I really don't see why there can be a small setting somewhere with a disclaimer. Browsers inherit the same option.
The use of SSL is to ensure that your connection to the server owner is legitimate. So if you are on an untrusted public Wi-Fi or a corporate network, and the network owner or someone (like your ISP) between you and the server tries to get between you and mess with the connection (a man in the middle attack), the connection will fail.
webengine will honor CA certificates that are installed to the operating system per chromes specification, even if they are self-signed. if the ca file is in sql://~/.pki/nssdb on ubuntu, or in the os cert store in windows, it should work. installing to the ubuntu default does not work, iirc.
Have you tried using http instead self signed https? That would probably work for the Jellyfin Media player client.
I am using Jellyfin on my local network and I have no intention whatsoever to expose it to the Internet, which precludes the possibility of using scripts such as Let's Encrypt. Caddy may be available, but I simply don't want to configure it for a service that has to only be available on my local network. If I can't trust my machines on my local network, I have much bigger problems to worry about than Jellyfin's connection. Now, setting ignoreSSLErrors=true in .config/jellyfin.org/Jellyfin Media Player.conf has no effect and I am stuck with a connection error message. Plain http doesn't work. What should I do to use this software?
Edit: ok, it looks like for some reason Jellyfin Media Player use two different configuration files in two different locations, .config/jellyfin.org and .local/share/jellyfinmediaplayer, which is actually the correct one to use. Maybe these could be unified for better clarity and consistence with other software?
I'm just gonna plan and hand out certificates to people to import in their windows certificate store so they can access my server with HTTPS on the client.
This is ridiculous. SSL does more than just trusting, it encrypts the connection so no eaves droppers or MITM can intercept passwordss.
However, it is a bit cumbersome to ask all my (future) invited friends to manually change their files in the Appdata folder > > under Windows.
Future invited friends will use Jellyfin local?
If these friends are remote, you need a valid cert anyway. Also Chromecast will not work otherwise.
Is there a way of the flatpak version to access the system wide accepted CA data? Both, Firefox and Chrome, accept my personal CA, which is accepted system wide, so I can open my jellyfin server in both browsers with HTTPS without warning. Also trust list shows my CA,
