Installing and Setting Up SSL for Subsonic on Windows 🌱


Create Your SSL Certificate

  1. Launch XCA
  2. Open the PKI database if it is not already (File > Open DataBase), enter password
  3. Click on the Certificates tab, right click on your Intermediate CA certificate
  4. Select New
  5. On the Source tab, make sure Use this Certificate for signing is selected
  6. Verify your Intermediate CA certificate is selected from the drop down
  7. Click the Subject tab
  8. Complete the Distinguished Name section

    internalName: Subsonic SSL
    countryName: US
    stateOrProvinceName: Virginia
    localityName: Northern
    organizationName: i12bretro
    organizationUnitName: i12bretro Certificate Authority
    commonName: subsonic.i12bretro.local

  9. Click the Generate a New Key button
  10. Enter a name and set the key size to at least 2048
  11. Click Create
  12. Click on the Extensions tab
  13. Select End Entity from the type list
  14. Click Edit next to Subject Alternative Name
  15. Add any DNS or IP addresses that the certificate will identify
  16. Update the validity dates to fit your needs
  17. Click the Key Usage tab
  18. Under Key Usage select Digital Signature, Key Encipherment
  19. Under Extended Key Usage select Web Server and Web Client Authentication
  20. Click the Netscape tab
  21. Select SSL Server
  22. Click OK to create the certificate

Exporting Required Files

  1. In XCA, click on the Certificates tab
  2. Right click the SSL certificate > Export > File
  3. Set the file name with a .crt extension and verify the export format is PKCS #12 (*.p12)
  4. Enter the password subsonic and confirm, Click OK
  5. Click OK

Installing Subsonic and Initial Setup

  1. Download Subsonic Download
  2. Install Subsonic
  3. Open a web browser and navigate to http://DNSorIP:Port
  4. Login with username: admin password: admin
  5. Go to Settings > Users
  6. Check the Change Password box
  7. Input a new password twice and click save to secure the admin account
  8. Go to Settings > Media Folders
  9. Under the Add media folder heading add your music directory
  10. Click the Save button
  11. Click the Scan media folders now button
  12. Click the Home button in the top navigation
  13. You should see music from your library starting to populate

Applying the SSL Certificates to Subsonic

  1. Stop the Subsonic service
  2. Right click the start button > Command Prompt (Admin)
  3. Run the following command
    taskkill /f /im "subsonic-agent-elevated.exe"
  4. Navigate to the Subsonic installation directory in Explorer
  5. Extract subsonic-booter-jar-with-dependencies.jar
  6. Download Keystore Explorer Download
  7. Run kse.exe
  8. Select File > Open > and select subsonic.keystore from the extracted jar
  9. Enter subsonic as the keystore password
  10. Delete the subsonic entry, this is the self-signed SSL certificate used for https by default
  11. Select Tools > Import Key Pair
  12. Select PKCS #12, Click OK
  13. Click Browse and navigate to the .p12 file exported from XCA earlier
  14. Enter subsonic as the Decryption password
  15. Enter subsonic as the alias, click OK
  16. Enter subsonic as the password and confirm, click OK
  17. Select File > Save
  18. Navigate to the extracted jar files in Explorer
  19. Select all the files > Right Click > Send To > Compressed (zipped) folder
  20. Rename the zip file created subsonic-booter-jar-with-dependencies.jar
  21. Right click the created subsonic-booter-jar-with-dependencies.jar > Copy
  22. Navigate to the Subsonic installation directory in Explorer
  23. Renamed the existing subsonic-booter-jar-with-dependencies.jar to subsonic-booter-jar-with-dependencies.jar.orig
  24. Paste the newly created subsonic-booter-jar-with-dependencies.jar
  25. Right click subsonic-agent-elevated.exe > Run as administrator
  26. If it doesn't show, double click the Subsonic icon in the system tray
  27. Click the Settings tab
  28. Check the Enable https on port box
  29. Enter a port to run https on
  30. Click the Save settings button
  31. Click the Status tab
  32. Click the Start button to start the Subsonic service
  33. Open a web browser and navigate to https://DNSorIP:Port
  34. Subsonic should now be running securely with https using the new certificate