Skip to content

Origin Certificate

Jump to bottom Edit New page
Tech Perplexed edited this page Apr 4, 2020 · 21 revisions

For optimum security and application safety, you might consider creating an Origin certificate.

CloudFlare

I can't recommend CloudFlare enough, which is a free service to enhance your website. If you don't use Cloudflare yet (and why don't you?) 😄 you can read the CloudFlare support page which will show how to set up CloudFlare for your domain.

Once you are set up with CloudFlare, head over to the SSL/TLS tab, then click Origin Server, and finally click Create Certificate:

Origin

Leave all settings the default and click Next:

Create

Creating the certificate in PuTTY

Copy the complete content of the Origin Certificate field and paste this into a file in PuTTY that you name "cert.pem"

nano cert.pem - right click to paste.

Save this file by typing Ctrl-O, Enter, Ctrl-X.

Do the same with the private key, copy the content and paste this in PuTTY in a file named "private.key".

nano private.key

Save this file as well. Then create your certificate by typing:

openssl pkcs12 -inkey private.key -in cert.pem -export -out origin.pfx

You will be asked for a password, enter a password that you can remember 😸

You now have a file named "origin.pfx" in your home folder.

Lastly, you will need to tell Plex and/or Emby that you now have a custom certificate.

Configuring Plex

Copy the file you just created to your Plex installation: cp origin.pfx /var/local/Gooby/Plex

In the Plex app, go to your network settings and click advanced.

Under "Custom certificate location" enter /config/origin.pfx

Enter the password you created in "Custom certificate encryption key".

Finally, enter plex.yourdomain in "Custom certificate domain".

Plex

Congratulations, Plex is now fully certified!

You can now delete the three files in your home folder: rm cert.pem, rm private.key and rm origin.pfx.

Configuring Emby

Copy the file you just created to your Emby installation: cp origin.pfx /var/local/Gooby/Emby

Under the Advanced Settings in Emby, scroll down to Public Port Number and set it to 80

Public https port number should be 2096

Type your emby.yourdomain in External domain,

Custom ssl certificate path should point to /config/origin.pfx

And enter your Certificate password.

Make sure Secure connection mode is set to "Required for all remote connections."

Emby

You can now delete the three files in your home folder: rm cert.pem, rm private.key and rm origin.pfx.

Configuring Jellyfin

Copy the file you just created to your Jellyfin installation: cp origin.pfx /var/local/Gooby/Jellyfin

Under the Networking Settings in Jellyfin, scroll down to Public Port Number and set it to 80

Public https port number should be 2053

Leave external domain empty,

Custom ssl certificate path should point to /config/origin.pfx

The rest of the instructions are identical to Emby.

Installation: sudo wget http://bit.ly/GetGooby2 -O /tmp/install.sh && sudo bash /tmp/install.sh

Basic information and instructions can be found on TechPerplexed.

Get started

Setting up apps

Advanced

Troubleshooting

Clone this wiki locally