Improve SSL implementation !

Got an idea? Missing something? Post your feature request here.

Moderator: moderators

Improve SSL implementation !

Postby insann » Tue Feb 16, 2016 1:28 am

I really suggest to improve the ssl implementation specially with a Java based App !
A script here and there and boom the whole thing is hacked !

Adding SSL key and certificate in the actual possible ways is so crappy !!

I'm trying to use haproxy to add ssl to subsonic but when i'm trying to access to it browser block some things because its "mixed content" !
So maybe trying to change all HTTP links into HTTPS could be great !
(i don't like to put my private key on many different machines ! so using appache AND haproxy for the whole thing i don't want to !)

If you totally build a SSL implementation it would be wonderful !

Sorry for my bad english !

Insann !
insann
 
Posts: 39
Joined: Sat Nov 14, 2015 6:37 pm

Re: Improve SSL implementation !

Postby mrdrew » Thu Sep 22, 2016 10:57 pm

Looks like this has been done.
Subsonic > settings > network > Access your server over the Internet using an easy-to-remember address. > Use custom URL (advanced) > https://cname.yourdomain.meh

this page using https
On Linux, add --https-port=4443 (or any other port) to SUBSONIC_ARGS in /etc/default/subsonic (Ubuntu/Debian) or /etc/sysconfig/subsonic (Fedora/RPM).


poke a different hole in your router and forward it to 4443

use https://blah.yourdomain.net:4443

boom.

go to your registrar (godaddy, etc). Add an A record CNAME, like subsonic, point it to username.duckdns.org (after setting up duckdns.org of course). Then you can access your subsonic at https://subsonic.yoursite.com:4443
mrdrew
 
Posts: 41
Joined: Sat Mar 09, 2013 4:27 am

Re: Improve SSL implementation !

Postby br0ken1128 » Sun Oct 16, 2016 12:44 am

I have a linux web server ( virtual machine ) that is public facing at my house that I run when I am doing testing on a new website.. so I just used mod proxy and installed a valid SSL on that system, it proxy's to my subsonic server internally.. when I want to access it from work or something I just remote in and turn power up my linux vm.

I would run subsonic on the vm directly but I keep all of my media on my pc so I can easily get to it with playon for my roku box.

I just wish the video support were better, I don't use subsonic for music.. seems like changing bitrate setting does nothing for video, at least it seems that way. I occasionally share a video with a friend who has low bandwidth and it doesn't matter what I set their player bitrate to.

But at least the SSL part was super simple for me.. I ran subsonic a long time ago and had the SSL I bought directly in the subsonic installation but that was an absolute pain, had to convert the certificate to the right format, open the jar file, add it in and re-archive.. it would always be lost on updates.. so the SSL via proxy was a much cleaner solution that is update proof
br0ken1128
 
Posts: 17
Joined: Tue Aug 09, 2011 11:41 am


Return to Feature Requests

Who is online

Users browsing this forum: No registered users and 4 guests