And in place of 10.0.0.100 you need to put the local IP address of your Emby server (which also needs to be static). Now, in place of, you need to put your own domain name.
Here's a copy of mine, you can just copy/paste into a text file and save as caddyfile.txt. You also need to make a text file in this folder with your caddy configuration info. Then unzip your installer into this folder, there is just one executable called caddy.exe. You need to create a folder on your server where you will put Caddy, I used c:\Caddy. I'd suggest getting it with rvice at the very bottom of the list, this lets you run Caddy as a service, I'll mention this later. When you go to download, you can choose plug-ins (click the "add plug-ins" link before downloading).
SONARR SETUP SSL DOWNLOAD
Go download Caddy from their website, I'm using V1 of their server, they have a V2 in beta but I prefer the stable release. You do not want to forward any other ports, don't forward 8096 or 8920. Port 80 is the default for HTTP, 443 is the default for HTTPS. Then in your router, forward ports 80 and 443 to the computer in your home network that will be running the reverse proxy server.
SONARR SETUP SSL MANUAL
Make sure it has a fixed IP address on your home network, either by making it static or by setting up a manual assignment in your router's DHCP server.
I run it on the same computer that runs my Emby server. Now, you'll need to decide which computer is going to run your Caddy reverse proxy. A CNAME record just points to the same IP address as your main domain registration, so it's sorta like an alias. I would also suggest that you set up a CNAME record to a subdomain like, you'll see why later. This is what's called a second level domain (.net is the top level and mydomain is the second level). So for this example, let's say you registered. I do recommend for your domain, it was affordable, it can easily handle Dynamic DNS for you, and it's easy to set up. See my previous post for more detail here, I'm not going to repeat it. In order to get an SSL certificate you have to have your own domain name. And it has the huge advantage of automatically managing SSL certificates. I'll be presenting this guide using Caddy, which is SUPER easy to use and set up, and is also free/open source.
SONARR SETUP SSL FREE
NGINX is a very popular free reverse proxy, but looking through config files and options left me very uncomfortable, it all seemed very complicated. I will say that I was initially pretty intimidated by the idea of setting up my own reverse proxy.
SONARR SETUP SSL HOW TO
So Emby doesn't need to know how to do encryption, because encryption is completely handled by the reverse proxy, and it is transparent to Emby. But it can then redirect traffic unencrypted to your Emby server, which is safe because it's all internal to your private network. The advantage in this case is that the reverse proxy handles SSL encryption to whatever client is connecting to it from the public internet. All connections into your home network are made to the reverse proxy, and it then redirects traffic to the server on your home network. Traffic that stays completely inside your home network does not need to be encrypted because it is protected by your router (which is also a firewall).Ī reverse proxy acts as the gateway from the public internet to servers you're running on your home network. Behind your home router you may have a home network with several computers, phones, tablets, printers, and other devices, each assigned a private IP address. Assuming you're home network is typical, you have one publicly routable IP address assigned to your home router by your internet provider. I didn't have any idea what one was before starting this process. I'm running on Windows, but this should work in other OS's also as all the tools are available across different platforms.įirst, I think it's worth giving a little reverse proxy background. It really is very simple, but my post will probably be pretty lengthy because I'll try and explain as I go. I'll try and explain a few concepts and give detailed enough directions on how to set this up that a non-expert (which is what I consider myself to be) can easily get this working. But perhaps it'll be helpful to someone to have it all in one place. Mostly this comes from other posts scattered around the forum, so I don't take any credit. Well, here's a guide to setting up Emby with Caddy, which is a reverse proxy that automatically manages getting and renewing certificates. Well, it's been working just fine, but I wanted to find a solution that would be maintenance free, meaning I don't want to have to manually renew my certificate every three months! So I just recently posted a step-by-step guide to setting up SSL encryption with Emby using a Lets Encrypt certificate and a tool from ZeroSSL.