Decrypting the plex.direct certificate?

Server Version#: 1.18.9.2578

I’m trying to decrypt the plex.direct certificate. I was told that it’s stored in the servers Cache folder, and the key is equal to SHA512("plex" + id), where ID is equal to the ProcessedMachineIdentifier in preferences. However, when I run the following commands to attempt to decrypt the key and certificate:

echo "plex$machineID" | sha512sum

openssl pkcs12 -in certificate.p12 -out plex.cert -clcerts -nokeys -passin "pass:<that hash>"
openssl pkcs12 -in certificate.p12 -out plex.key -nocerts -nodes -passin "pass:<that hash>"

I just get an invalid password error from OpenSSL.

Am I doing something wrong? I’m using the exact cases that are spit out from the preferences file, and sha512sum, and I’ve tried uppercase, lowercase, etc.

Thanks!

You’re trying to break encryption?
To what end?

I’m attempting to dynamically modify /library/metadata responses. My current solution is to bind port 32400 to a different port, such as 32401, and then use a reverse proxy to make all requests to that endpoint go through my custom server, and have all other requests go through the Plex server (and bind the proxy to port 32400).

I’m attempting to extract the certificate and key so that I can serve that with valid TLS.

When using echo for things like this, you need to pass -n to keep it from printing a trailing line feed; that’ll be screwing up your hash.

Thank you, that worked!

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.