1.32.0.6865 Breaks custom SSL certificate

ChuckPa · April 5, 2023, 12:01am

TO ALL FOLLOWING HERE:

PMS 1.32.0 updates our openSSL library to openSSL v3 and finally dumps the long-deprecated openSSL v2.
As such, openSSL v3 dropped support for some encryption methods
Unless you specified one of the more secure methods when you created your cert, you were likely to get one which is no longer supported by openSSL v3.
Working with Engineering, and confirming PMS behavior, I have information for you on how to regenerate your certificates to be PMS-compatible moving forward

Here is my (redacted) certificate generation script

# Generate new p12 (Acme LE is valid until 2025)
openssl pkcs12 -export -out mydomain.p12 \
	-certpbe AES-256-CBC -keypbe AES-256-CBC -macalg SHA256 \
	-inkey mydomain.key -in mydomain.crt \
	-certfile Acme-LE.crt \
	-password pass:MyPasswordHere

~~I will add this to Linux Tips~~

Topic		Replies	Views
Plex Media Server 1.32.0.6918 custom certificate must be regenerated with new OpenSSL arguments Plex Media Server server-linux	17	1307	October 18, 2023
PMS SSL Uses *.plex.direct Let's Encrypt SSL certificate instead of custom configured certificate Plex Media Server server-linux , networking	11	547	November 3, 2023
SSL became broken after latest PMS Update Remote Access networking	17	4432	September 27, 2023
Certificate problems on new server 1.32.0.6865 Plex Media Server server-windows	6	256	July 4, 2023
Plex not using my SSL Certificate after v1.31.3.6868 (tried 1.32.1.6918 & 1.32.1.6999) on Server22 Plex Media Server server-windows	6	223	August 17, 2023

1.32.0.6865 Breaks custom SSL certificate

TO ALL FOLLOWING HERE:

Related topics