I am running a Emby server which I am trying to access remotely using a Let’s Encrypt certificate.
I used Certbot to create the pem-files and converted them to pfx using the following command:
openssl pkcs12 -export -out /tmp/cert.pfx -inkey */privkey.pem -in */cert.pem -certfile */chain.pem
I am not using any password protection for the pfx file.
When using Chrome / Edge I can access the WebUI without any issue but with some Emby Apps it simply doesn’t work and I get a handshake error in the Emby log:
System.Security.Authentication.AuthenticationException: A call to SSPI failed, see inner exception. —> Interop+OpenSsl+SslException: SSL Handshake failed with OpenSSL error - SSL_ERROR_SSL. —> Interop+Crypto+OpenSslCryptographicException: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown
I also tried the following commnand:
openssl s_client -connect mydomain:8920
and get this output: https://paste.ubuntu.com/p/jHy758D6q5/
OpenSSL version on the system was 1.0.2, installing 1.1.0 didn’t help.
Why am I getting that verification error?
If you need further information please let me know!