Reverse proxy - ssl - kodi client

[mvallevand]

There is no way via the Kodi addon to do that but if Kodi is properly inserting 8866 properly what if you simply use port 443

Martin

[cdogg]

The reason the port being set, regardless of the number, is that it insert a colon into the url so something like "server/npvr/..." ends up looking like "server/npvr/:443 or 8866". The apache server doesn't know what to do with a url that has a : in it of course. I've tried to force the situation by editing settings.xml and setting it as "443/npvr/" which allows me to enable the addon, but when performing actions, it ignores the "443/npvr" and substitutes just "8866", dropping the "/npvr/" part. Hope I've explained that better. If the addon would allow me to enter not just numbers but also other characters, that would be perfect.

[mvallevand]

Ok I thought it would be at the end, your first post confused me. Given that I have no way for me to test this or of testing the NextPVR API redirects, I can consider this for Nexus with port 0 if you are willing to do the testing.

Martin

[cdogg]

I've tried port 0 but it then puts ":0" into the url which of course is no good. Now if it worked that using port 0 took the port completely out of the equation then great! Totally willing to test. My brother is willing to try to compile the source into the necessary .dll, but I'm not sure where in the code I would need to edit to stop inputing the port number and colon into the url.

[mvallevand]

It certainly won't work now, it will need a code change. If your brother can compile it change this line

https://github.com/kodi-pvr/pvr.nextpvr/...gs.cpp#L41

to

Code:

strcpy(m_urlBase, m_hostname.c_str());

which will pass through the URL you type;

Martin

[aderlopas]

Hi Martin
I have done a similar setup and still getting error with this, although service is reachable via https, result below:

https://aed.ddns.net:443/service?method=...evice=xbmc:

<rsp stat="ok">
<sid>6a83314d0f744889a56f309b774bfb81</sid>
<salt>dd8e75f5-9113-4f0e-8c8b-dc750a58c534</salt>
</rsp>

Error reported in Kodi log is the below:

AddOnLog: pvr.nextpvr: Creating NextPVR PVR-Client
2022-07-13 12:35:42.984 T:10501 INFO <general>: AddOnLog: pvr.nextpvr: Buffer created!
2022-07-13 12:35:42.984 T:10501 INFO <general>: AddOnLog: pvr.nextpvr: DummyBuffer created!
2022-07-13 12:35:42.984 T:10501 INFO <general>: AddOnLog: pvr.nextpvr: Buffer created!
2022-07-13 12:35:42.984 T:10501 INFO <general>: AddOnLog: pvr.nextpvr: RecordingBuffer created!
2022-07-13 12:35:42.984 T:10501 INFO <general>: AddOnLog: pvr.nextpvr: Buffer created!
2022-07-13 12:35:42.984 T:10501 INFO <general>: AddOnLog: pvr.nextpvr: DummyBuffer created!
2022-07-13 12:35:43.780 T:10501 ERROR <general>: CCurlFile::FillBuffer - Failed: SSL peer certificate or SSH remote key was not OK(60)
2022-07-13 12:35:43.780 T:10501 ERROR <general>: CCurlFile::Open failed with code 0 for https://aed.ddns.net:443/service?method=...evice=xbmc:

2022-07-13 12:35:43.780 T:10501 ERROR <general>: IAddonInstanceHandler::CreateInstance: pvr.nextpvr returned bad status "Permanent failure" during instance creation
2022-07-13 12:35:43.782 T:10501 ERROR <general>: UpdateAddons: Failed to create add-on NextPVR PVR Client, status = 5
2022-07-13 12:36:01.290 T:10399 INFO <general>: Loading skin file: SettingsCategory.xml, load type: KEEP_IN_MEMORY
2022-07-13 12:36:04.828 T:10399 INFO <general>: Log level changed to "TRACE"
2022-07-13 12:36:04.828 T:10399 INFO <general>: Enabled debug logging due to GUI setting. Level 2.
2022-07-13 12:36:04.830 T:10399 DEBUG <general>:

[mvallevand]

First I believe the issue discussed in this thread is resolved by using port = 0 in configuration, I just never came back and updated this thread. No code change was required and Kodi strips out the port.

So you probably should look at the error "SSL peer certificate or SSH remote key was not OK." and check these step https://kodi.wiki/view/SSL_certificates The reason I didn't make https available in the GUI settings was because this configuration is not trivial.

Martin

[aderlopas]

First I believe the issue discussed in this thread is resolved by using port = 0 in configuration, I just never came back and updated this thread.  No code change was required and Kodi strips out the port.

So you probably should look at the error "SSL peer certificate or SSH remote key was not OK."  and check these step https://kodi.wiki/view/SSL_certificates  The reason I didn't make https available in the GUI settings was because this configuration is not trivial.

Martin

Thanks Martin.
Given my certificate is issued by Letsencrypt and that the Kodi client is on Android (and I am not sure I can modify the pem file correctly) is there
Any way I can add the below to the URL?

To disable the check, add |verifypeer=false

[mvallevand]

Given that it is "explicitly discouraged" I have no plans on supporting that and you are better off investigating how you might do this properly on Android. If you want to send my your pem file I can see if I can help.

Martin

[mvallevand]

I added your pem file from the browser to the generic cacerts.pem file, copied it into Android profile with the Kodi file manager and then pointed to it with advancedsettings.xml  To get you going you can unzip this to USB or a share and copy them to your profile folder with Kodi File Manager

Code:

<advancedsettings>
  <network>
    <catrustfile>special://masterprofile/cacert.pem</catrustfile>
  </network>
</advancedsettings>

It connects but it fails on the PIN as expected.  You should see my info in your logs

You probably want to create and test cacert.pem on a filesystem based system to make your life easier. 

This is way I hate when users hijack threads.  The thread goes off topic and potentially resolved but who knows if someone can find this next time.

Martin