I'm in process of configuring HTTPS for all my Intranet apps (routers, Pi-Hole, Radarr, NZBHydra, Sonarr, Bazarr, and NZBGet).
I'm seeing ERR_CONNECTION_REFUSED when connecting via HTTPS on port 6791 on Windows 10 and Max OS X devices (Safari and Edge browsers).
Here's what I've configured . . .
NZBGet security settings:
- ControlIP set to 0.0.0.0
- SecureControl enabled, secure port 6791
- SecureCert path /config/keystore/certificate.pem
- SecureKey path /config/keystore/private_key.pem
- /config is mapped to a folder in a volume on my NAS and the account running NZBGET in Docker has full permissions to the folder
- CertCheck setting toggled on and off (makes no difference)
I've tried three different certs (all encoded as BASE64 ASCII (PEM)):
- Server cert issued from internal CA (internal root CA is trusted by all devices)
- Valid server cert issued from a commercial CA
- Self-signed test cert issued from selfsignedcertificate.com
I don't think the issue is related to certificate encoding. If it was working I would expect to at least see a browser warning.
I've checked that the server is listening on tcp/6791:
Code: Select all
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:6789 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:6791 0.0.0.0:* LISTEN -
I've temporarily disabled the Windows 10 firewall app, and my Mac doesn't run a firewall app.
I'm running low on troubleshooting ideas, any pointers greatly appreciated