How to set up to SSL Servers

[Jade10145]

Hi All,

So I am currenly in the process of attempting to set up to HTPC with remote potato. I currently have it set up and working well over http using a dyndns DNS name. My next step is to get it working over https but I might have a small problem.

I already have Windows Home Server set up for https on port 443. That is, port 443 is fowarded to Windows Home Server. WHS is also linked to a homeserver.com DNS.

So my question is, is it as simple as setting up https through remote potato through a different port, and then just forwarding that same port on my router? Then going to https://........dyndns-server/(port that I have forwarded)?

I have a feeling its more complicated.

Thanks for any help.

[Jade10145]

Actually scratch that...it doesn't appear that remote potato has an option for ssl...

So that being said I wonder if there is another way...The only reason I bring it up is because I am accessing over public networks and I'm not wild about send UN and PW in the clear....

[Scallica]

You need to install OpenSSL and stunnel on your HTPC. Since you are already port forwarding 443 for your WHS, use 8443 for the HTPC.

http://www.stunnel.org/

You could also install Apache with a self-signed SSL cert and use mod_proxy.

[DanH]

...Or setup a Windows VPN which you already have on your PC. The client for the VPN is on every Windows PC. The only port you forward from your home router is the port for PPTP (1723).

Using it is simple too....
On remote client, start the VPN cponnection. Start web browser or any other client software and connect to the remote computer.

[STC]

Why go to all the complication of doing this? If you auth over HTTPS, I believe it will affect the streaming ports as well and most probably interfere with streaming. Create credentials for RP that you don't use anywhere else. Worst case, someone could log into your MC box using RP with RP privileges but that's about it and that really isn't ever going to happen.

[Jade10145]

Why go to all the complication of doing this? If you auth over HTTPS, I believe it will affect the streaming ports as well and most probably interfere with streaming. Create credentials for RP that you don't use anywhere else, worst case, someone could log into your MC box using RP with RP privileges, but that's about it, and that really isn't ever going to happen.

Thank you all for the suggestions. It seems if I was going to do it then VPN might be the easiset method.

Stonethecrows, you are right. I maybe a little paranoid. It's just that I am using alot of wifi in public places and lord knows there are unscrupulous folks out there who might be sniffing traffic. The chances are small but still there.

I did end up setting up a seperate UN and PW for remote potato that is different then my windows credentials. So I am safe in that prespective at least. The only concern that I have is that RP does have privledges to delete items. And thats not something I want to remove because when I finish watching something I go ahead and delete it.
In additon, RP does have access to several other folders/directories that I have set up on my WHS. So if someone does log in to my MC box they essentially have access to all my shares on my WHS.

Like you said, the chances of someone logging into my MC box and doing this is small...but its still there.

[STC]

Whatever makes you feel safer. FYI a VPN tunnel will definitely have an adverse affect on streaming due to every packet being enlargened as well as encryption and decryption of each packet flowing through it.

[Jade10145]

Thanks for the info from everyone.....

So I am thinking to myself maybe I can give access to delete files only in the recorded TV folder for Remote Potato. I don't think that RP has those options though...Well have to dig deeper. Thanks again.