I can't seem to get SSL to work with external players (using Subsonic 4.4 (build 2169)), while the web-player works after accepting the SSL certificate.
My /etc/default/subsonic:
- Code: Select all
SUBSONIC_ARGS="--host=192.168.2.50 --https-port=4433 --port=8080 --max-memory=200"
This is, e.g., the output for VLC:
- Code: Select all
[0x7fcae0008550] gnutls tls client error: TLS handshake error: The Diffie-Hellman prime sent by the server is not acceptable (not long enough).
[0x7fcae0008550] main tls client error: TLS client session handshake error
[0x271afc0] access_http access error: cannot establish HTTP/TLS session
[0x26cc7f0] main input error: open of `https://192.168.2.50:4433/stream?player=8&pathUtf8Hex=2f686f6d652f6d657274656e2f4d7573696b2f44617669642047696c6d6f75722f41626f757420466163652f30382e4372756973652e666c6163&suffix=.flac' failed: (null)
So apparently VLC doesn't like the certificate or something of that sort.
Thankfully, in the "Advanced" section of the settings there seems to be a setting to allow for non-encrypted streaming to external players (I'm fine with my music not being encrypted, I just really want the login credentials to be secured):
Some players (such as Winamp) don't support streaming over SSL. Specify the port number for regular HTTP (usually 80 or 4040) if you don't want the streams to be transmitted over SSL. Note that the streams will not be encrypted.
Setting this to 8080 (my usual HTTP port) doesn't work, as apparently the redirection to SSL still is in effect:
- Code: Select all
[0x7fb4f4003e30] gnutls tls client error: TLS handshake error: The Diffie-Hellman prime sent by the server is not acceptable (not long enough).
[0x7fb4f4003e30] main tls client error: TLS client session handshake error
[0x10da5f0] access_http access error: cannot establish HTTP/TLS session
[0x10da5f0] access_mms access error: invalid HTTP reply ''
[0x7fb51400cab0] main input error: open of `http://192.168.2.50:8080/stream?player=8&pathUtf8Hex=2f686f6d652f6d657274656e2f4d7573696b2f44617669642047696c6d6f75722f41626f757420466163652f30342e426c7565204c696768742e666c6163&suffix=.flac' failed: (null)
Setting this to an unused port (e.g., 8081) just means connection refused:
- Code: Select all
[0x9430b0] main access error: connection failed: Connection refused
[0x9430b0] access_http access error: cannot connect to 192.168.2.50:8081
[0x9430b0] main access error: connection failed: Connection refused
[0x9430b0] access_mms access error: cannot connect to 192.168.2.50:8081
[0x7f1ac8011f20] main input error: open of `http://192.168.2.50:8081/stream?player=8&pathUtf8Hex=2f686f6d652f6d657274656e2f4d7573696b2f44617669642047696c6d6f75722f41626f757420466163652f30392e4c65747320476574204d657461706879736963616c2e666c6163&suffix=.flac' failed: (null)
The same applies to, e.g., Audacious, but with less informative error messages.
Anybody an idea on what I am missing?