Tizen 2.3 (2015 TV), SSL handshake failed

[rdbisme]

I have a perfectly functioning install of Jellyfin behind a NGINX reverse proxy and a Let's Encrypt SSL certificate. When using this project on my old TV, it fails finding the server because (I think) of failed handshake, since let's encrypt configures the proxy to support TLS v1.3 and v1.2 only.

Is there anything I can do to make it work?

PS: Also the TV browser can´t reach the server.

[dmitrylyzo]

This is probably because the TV has an outdated root certificate and I don't know if this is possible to update it manually. https://github.com/jellyfin/jellyfin-tizen/issues/119#issuecomment-1117458322

[HEPOSHEIKKI]

Same issue here, the TV browser can reach the server but throws me a certificate issue saying the cert hasnt been issued by a trusted CA (I'm using let's encrypt too, maybe samsung doesn't support them which would be weird but idk). Other than that the browser version functions normally, but on the app I can only connect over ip:port not https or even http.

My server is behind an nginx proxy on a subdomain with no baseurl set.

[dmitrylyzo]

Possible solution #168 (if the problem is with the Let's Encrypt root certificate). Testing required.

[HEPOSHEIKKI]

Can this even be fixed in this repo? AFAIK the problem is caused because the Letsencrypt CA is missing from the device operating system and can only be fixed by Samsung updating their Root CA's. Correct me if I'm wrong.

Really hope this gets resolved one way or another since I have to use ZeroSSL and their ACME is broken :(

[dmitrylyzo]

AFAIK the problem is caused because the Letsencrypt CA is missing from the device operating system and can only be fixed by Samsung updating their Root CA's. Correct me if I'm wrong.

You are correct.

Samsung seems to have updated the root certificate on Tizen 3+ (https://github.com/jellyfin/jellyfin-tizen/issues/119#issuecomment-1117458322).

Trust Anchor PR (#168) didn't help. This feature is probably limited to mobile and wearable. Or I did it wrong.