Some of my external applications require another format for certificates. (pkcs12 for my emby media server).
I would like an option to optionally create additional file formats while running this addon. This because I cannot get shell_command to work with openssl without having to ssh into the host.
My specific requirement is a PKCS12 (.p12) file with or without password.
Add this perticular (although pretty generic imo) pkcs12 format as bool option in the addon.
Add a lot of additional format(s) and commands.
Allow to run additional commands after certificate creation.
Hi, have you succeeded or are you still looking for a solution? Because I am on the same boat and going the SSH way it seems the only viable solution so far
I’ve changed into a more ‘modern’ solution: remove SSL from Jellyfin Media Server and reverse proxy traffic in.
Basically, I have a SWAG container running (it’s using nginx, which allows my certificate format).
In this SWAG container, HTTPS traffic is routed to the Jellyfin Media Servers’ non HTTPS port.
That way Jellyfin/Emby doesn’t need to know about encryption, and a more robust web server is used for serving traffic.
I was trying to find something running together with home assistant, I don’t have another machine to use
So far the only working option I found should be running a shell command via SSH
yes, i did the same thing. It took me about 5 shell_commands to get it to automate right - and still broken regularly…
In you situation, I think you should still be able to host everything ‘behind’ a Reverse Proxy (like nginx, which is available as HA addon).
This is recommended even, as nginx is a hardened web facing proxy - and better to expose than HomeAssistant or (any other service even). If traffic goes via that proxy, you only need 1 location and certificate format.
I don’t understand, sorry. If you reverse proxy all the internal services with SSl, you dont need SSL in the applications (and thus no other formats or copying of certs on renewal)