Seems like this has been an outstanding issue for sometime which requires an update for the built-in Python to at least 2.7.9 (which was released in 2014).
Since more and more websites are migrating to HTTPS by default, I’d say this could be a deal breaker for many channel plugins for Plex. Does anyone know whether Plex has a plan to address this issue?
Someone does, but, Plex company will likely never tell anyone until after they update. That could be today. That could be 10 years. That could be never.
I’ve suffered, and fortunately, got channel developers to do work-arounds, for several of the channels I use.
And, honestly, I’ve not seen your error, but, usually see another error.
Searching for “CERTIFICATE_VERIFY_FAILED” results in 44 posts.
It seems Plex has been ignoring the error for several years.
Scary thing… it even affected the ability of Plex to obtain metadata within some of their agents for several.
@ddn - what’s your operating system?
I’ve not seen SSL error in quite sometime on my WIndows box (but that might be due to the workarounds)
Though Plex is still many versions behind, they’ve updated to Python 2.7.12 for Windows version of Plex sometime in the past year or two.
M:\Program Files (x86)\Plex\Plex Media Server>PlexScriptHost.exe --version
Python 2.7.12
Yeah, to follow up, @JamminR. I updated to High Sierra, and the system python isn’t even linked to OpenSSL, it’s LibreSSL 2.2.7 now. But the Plex scanning is still broken just the same. I’d be happy to be wrong, but I’m pretty sure this needs to be fixed in Plex’s libraries.
I’ve never understood the error completely. I know it has something to do with new versions of Python/urllib trying to verify the security certificates (older versions of Python/urllib did not do this).
I only know of some workarounds.
Do not verify certificates. A bit like how older Python versions worked:
@sander1 super helpful, thank you. Your guide to adding external libraries was perfect, and I was able to fix this scanner.
Ironically though, now all the metadata is correct but the artwork display, most likely because the Plex internals still use the libraries with broken SNI! :s
Same problem as your solution #1. It’s fine to not verify certificates, unless the server on the other end refuses to handshake if you don’t pass servername. So, basically, Plex still needs to fix this.
Yep, and with plugins going away there isn’t going to be a fix. If you still need to write/update Plex plugins, use one of the workarounds listed earlier in this thread.
This is quite frustrating and crappy from Plex. The only way I could think of getting around it was to create a local http proxy that’d interface to the httpS endpoint in the internet.
I have something working for this. I’m curious to see if this fixes your issue as well, @ddn.
The way I managed to get around it was creating an http proxy
Install Node
Install http-proxy
npm install http-proxy --save
Open Node and setup a http proxy
var httpProxy = require(‘http-proxy’);
httpProxy.createServer({changeOrigin: true, target: ‘https://www.thesportsdb.com’}).listen(8006);
Modify the agentservice.py file in Plex
sudo vim /usr/lib/plexmediaserver/Resources/Plug-ins-78232c603/System.bundle/Contents/Code/agentservice.py
Around line 1034, make it so the media_url is replaced with localhost when trying to request from sportdb (or whatever your source is).
Concern: What will happen when I upgrade Plex? Will my line change get overriden?
2.1 Perhaps, rather than changing the Plex code, /etc/hosts file can be changed to point external https url to localhost proxy (thinking out loud here). That way I wouldn’t need to change code. But this would cause all Browsing and other apps to go through proxy as well.
