2023-11-30, 03:09 PM
Describe the bug
The server has both A and AAAA resource records for both IPv4 and IPv6. It's dockerized, reachable via a docker-swag reverse proxy that handles the renewal of the Let's Encrypt SSL certs and is configured for both TLSv1.2 and TLSv1.3 (default settings).
Here is an ouput of curl -v on my domain:
The Qualys SSL Labs test gives me an A.
A couple of weeks ago the server was only exposed on its IPv6 address, and on a different port, without reverse proxy in front of him. At that time the firestick was able to connect.
I've tried uninstalling and reinstalling the app, clearing the cache, clearing all local files, changing DNS, but nothing helps.
I've tested if it's a LAN problem, but every other device on the same LAN is able to connect properly.
I've tried connecting to demo.jellyfin.org and that works flawlessly.
I'm unable to collect logs right now due to being far away from the device.
Any suggestions?
androidtv client version - 0.15.12
Installed from the Amazon Appstore
Fire TV Stick (3rd Gen)
Fire OS 7.6.6.4 (PS7664/3772)
server version - 10.8.13
- Install app freshly from Amazon AppStore
- Try to connect to jellyfin.mydomain.tld
- Connection fails
The server has both A and AAAA resource records for both IPv4 and IPv6. It's dockerized, reachable via a docker-swag reverse proxy that handles the renewal of the Let's Encrypt SSL certs and is configured for both TLSv1.2 and TLSv1.3 (default settings).
Here is an ouput of curl -v on my domain:
Code:
$ curl -v https://jellyfin.mydomain.tld
* Trying [<public-IPv6-address>]:443...
* Trying <public-IPv4-address>:443...
* Connected to jellyfin.mydomain.tld (<public-IPv4-address>) port 443
* ALPN: curl offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: none
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN: server accepted h2
* Server certificate:
* subject: CN=mydomain.tld
* start date: Nov 19 17:42:16 2023 GMT
* expire date: Feb 17 17:42:15 2024 GMT
* subjectAltName: host "jellyfin.mydomain.tld" matched cert's "jellyfin.mydomain.tld"
* issuer: C=US; O=Let's Encrypt; CN=R3
* SSL certificate verify ok.
* using HTTP/2
* [HTTP/2] [1] OPENED stream for https://jellyfin.mydomain.tld/
* [HTTP/2] [1] [:method: GET]
* [HTTP/2] [1] [:scheme: https]
* [HTTP/2] [1] [:authority: jellyfin.mydomain.tld]
* [HTTP/2] [1] [:path: /]
* [HTTP/2] [1] [user-agent: curl/8.4.0]
* [HTTP/2] [1] [accept: */*]
> GET / HTTP/2
> Host: jellyfin.mydomain.tld
> User-Agent: curl/8.4.0
> Accept: */*
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
< HTTP/2 302
< server: nginx
< date: Thu, 30 Nov 2023 10:38:41 GMT
< content-length: 0
< location: /web/index.html
<
* Connection #0 to host jellyfin.mydomain.tld left intactThe Qualys SSL Labs test gives me an A.
A couple of weeks ago the server was only exposed on its IPv6 address, and on a different port, without reverse proxy in front of him. At that time the firestick was able to connect.
I've tried uninstalling and reinstalling the app, clearing the cache, clearing all local files, changing DNS, but nothing helps.
I've tested if it's a LAN problem, but every other device on the same LAN is able to connect properly.
I've tried connecting to demo.jellyfin.org and that works flawlessly.
I'm unable to collect logs right now due to being far away from the device.
Any suggestions?
androidtv client version - 0.15.12
Installed from the Amazon Appstore
Fire TV Stick (3rd Gen)
Fire OS 7.6.6.4 (PS7664/3772)
server version - 10.8.13