Jellyfin Forum
SOLVED: Roku access to Jellyfin behind nginx reverse proxy


Roku access to Jellyfin behind nginx reverse proxy - schnappi - 2024-12-02

First, awesome work on Jellyfin! It is an amazing piece of software. Very impressed! 

In short...

http://local-IP:8096 works on local Roku devices, but https://fully-qualified-domain-name.com doesn't work on either local or remote Roku devices. The Roku says that the server cannot be found. https://fully-qualified-domain-name.com otherwise works remotely through web browsers and various apps both local and remote. Jellyfin is behind an Nginx reverse proxy pointing to localhost:8096.

Nginx logs do not show anything noteworthy. The Jellyfin logs are irrelevant since the remote Roku devices do not appear to be reaching the server at all.

At first I thought that I needed to forward to localhost:8096/web/index.html instead of localhost:8096, but this broke the server completely. My hypothesis is now that the Roku devices will not accept either Let's Encrypt or ZeroSSL certificates. Can anyone confirm or does anyone have any other thoughts?


RE: Roku access to Jellyfin behind nginx reverse proxy - TheDreadPirate - 2024-12-02

Can you share your nginx config via pastebin? Censor the domain name.

Also, are your certs self-signed or legit certs?


RE: Roku access to Jellyfin behind nginx reverse proxy - schnappi - 2024-12-03

Nginx config copy and pasted from https://jellyfin.org/docs/general/networking/nginx/

Only changes are:

listen 443 ssl http2;
ssl_certificate /location.crt
ssl_trusted_certificate /location.crt
ssl_certificate_key /location.key
ssl_dhparam /location.pem

SSL certificates are not self-signed. Tried Let's Encrypt and ZeroSSL issued certificates with the same result too.


RE: Roku access to Jellyfin behind nginx reverse proxy - TheDreadPirate - 2024-12-03

How did you acquire your certs and add them to your config? Those don't look like how certbot would add them to your config.

Code:
ssl_certificate /etc/letsencrypt/live/domain.tld-0002/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domain.tld-0002/privkey.pem; # managed by Certbot
ssl_trusted_certificate /etc/letsencrypt/live/domain.tld-0002/chain.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot



RE: Roku access to Jellyfin behind nginx reverse proxy - schnappi - 2024-12-04

Used getssl (https://github.com/srvrco/getssl). Certificates are good.

Just to be sure, I just replicated the same issue on a fresh install of Jellyfin on Debian 12 in a subdomain of an active website hosted on a VPS.

However, I do acknowledge that my ssl settings above lacked the underscore that properly exists in the nginx config file.


RE: Roku access to Jellyfin behind nginx reverse proxy - TheDreadPirate - 2024-12-04

When you access Jellyfin from your browser with your https address, there aren't any prompts regarding the cert's validity?


RE: Roku access to Jellyfin behind nginx reverse proxy - schnappi - 2024-12-05

Unfortunately, the SSL certificates are not the issue...unless the Roku doesn't have root certificates to trust Let's Encrypt or ZeroSSL certificates. I can provide the server URL via private message, if necessary.


RE: Roku access to Jellyfin behind nginx reverse proxy - TheDreadPirate - 2024-12-05

Send me a PM and I will try connecting to your server with my Roku.

My Roku 4800X has no issues with my Let's Encrypt certs.


RE: Roku access to Jellyfin behind nginx reverse proxy - schnappi - 2024-12-08

Problem solved. There was neither a Jellyfin issue nor an SSL issue. It was a firewall issue on the router. Thank you.