Chromecast won't fully connect with custom CA issued cert

[mooninite]

Describe the bug

Jellyfin won't fully establish a Chromecast session with a Jellyfin server using a certificate that has been issued by a personal CA. Switching to Lets Encrypt fixes it, but either case should work. Emby's Chromecast app allows custom CA signed certs.

To Reproduce

1. Set SSL cert to custom CA signed cert PFX file
2. Restart Jellyfin
3. Cast to Chromecast
4. Jellyfin logo appears on Chromecast, but photo slideshow does not start and video playback does not work.

Expected behavior

Movie/TV art slideshow should start up. Video playback should work.

Logs

I believe this is on the Chromecast app side because nothing appears in the Jellyfin app nor the Chrome app side of things. Only the person controlling the Chromecast app could debug this and see log output.

Screenshots

System (please complete the following information):

• OS: Fedora 30
• Browser: Chrome
• Jellyfin Version: 10.4.0
• Reverse proxy: none

Additional context

I need to use this cert because of how Jellyfin changed handling of HDHomeRun connections from http to https and Lets Encrypt does not sign SANs with IP addresses at this time.

[JustAMan]

paging @cvium

[mooninite]

Emby listens on both unencrypted and encrypted ports. Jellyfin does not. I investigated a little bit more today and when Emby connects to my Chromecast it uses the unencrypted port (8096). I'm not sure whether to re-file this as a feature request (to bring a feature back) or if it should be documented that if SSL is enabled it must be a trusted CA otherwise the Chromecast has no way to connect.

[JustAMan]

Let's put it to Chromecast app repo itself for now.

[hawken93]

We can never inject a custom CA root into the chromecast..

I opened a new issue with the idea to give the chromecast an alternate address to try. If you use a reverse proxy then http on jellyfin may still be open and it could be used to reinstate this workaround.