ERROR - CERT: Error acquiring new certificate: Failed to upload CSR: 429

I have been trying to install my own custom SSL certificate (using a local root CA that I use internally), and it hasn’t been going well. This is probably my fault, and I am still learning exactly what I need in my SSL certificate for the PMS to let it use the local cert.

In doing this, I have been restarting the Plex server and resetting the Cache as I try to debug the issue. Unfortunately, doing so has caused a 429 error with uploading the LetsEncrypt CSR. In retrospect, I see how I caused this, but I don’t know how to proceed to reset the process. Do I just wait? Do I need help?

-Greg

You cannot use self-signed certificates.
You must use publicly accepted certificates, like those from Letsencrypt etc. This is what Plex uses by default, btw.
You get a personal cert automatically from Plex. Why do you need your own?

https://support.plex.tv/articles/200430283-network/

As I mentioned above, I’m still learning about certificates. I’m also new to Plex. I have my Plex server at 10.0.5.x behind my LAN and direct access to that IP throws an SSL error. I was simply trying to remove that error as I have done with other devices using a self-signed cert with my own rootCA cert registered on all my devices. My hope was that Plex could use my cert for local connections and whichever cert Plex preferred for the central server.

I don’t doubt that you are right about not needing to do this. I was just trying to neaten up some internal bits while learning about the certificate process. What I didn’t realize was that my playing around was taxing an external server when I failed. It wasn’t my intent to be pinging LetsEncrypt for new certificates.

I didn’t imply that this is the case.
All I’m saying is that using your own certs will make things more complicated, instead of easier to diagnose.

  1. Make sure you didn’t “require” secure connections on your server. (1st setting here: https://support.plex.tv/articles/200430283-network/)
  2. Make sure your local DNS resolver (usually in your router) is not applying “DNS rebinding protection” to the domain plex.direct
    See detailed information about that here: https://support.plex.tv/articles/206225077-how-to-use-secure-server-connections/

Thank you for these tips. I removed my custom certificate (and no longer require secure connections).

My inference that I am pinging an external server is coming from the 429 error in the log files:

Nov 19, 2024 07:41:33.528 ERROR - CERT: Error acquiring new certificate: Failed to upload CSR: 429, <?xml version="1.0" encoding="UTF-8"?>


Am I interpreting this incorrectly?

…and thank you, I really do appreciate your attention to this question and your generosity in linking me to the right resources.

Having now read the linked articles and (many) other posts on this forum about a similar error, it seems like I made a couple mistakes that led me here:

  1. Trying to use a self-signed cert. My self-signed cert (which included my IP address) was not recognized by Plex and then defaulted to the LetsEncrypt cert. The rejection of my self-signed cert was fairly silent so I didn’t know what the issue was, leading to my trying repeatedly. Or at least, I didn’t see the error.

  2. From other posts here, I was deleting my Cache while trying to get my cert to work. Unbeknownst to me, this was generating a CSR upload for a cert renewal on each restart. This put me over some threshold on the Plex server.

At this point, it seems that my certificate account likely needs to be reset. I see on some older posts @ChuckPa has been able to do this in similar situations.

I had no idea I was generating repeated renewal requests.

@gse1977

quite the mess in there…

I reset it. Cert generated and ready to go.

Restart the server.

Thank you. I appreciate it. I now know what I was doing that was driving the repeated CSR requests as I messed with the cache. I apologize. I did not know that my swapping certificates and restarting the server was generating external CSR requests using Plex resources. I assumed (wrongly) that everything was local.

It is now working again.
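
An added example, not part of the thread and not Plex's own code: a small log check that would have surfaced the restart loop described above by counting rate-limited CSR uploads. The line format is taken from the single log entry quoted in the thread; the sample lines, the one-hour window and the threshold of three are assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed sample: the CERT lines copy the format of the one entry quoted in
# the thread; the earlier timestamps and the INFO line are made up.
SAMPLE_LOG = """\
Nov 19, 2024 07:12:02.101 ERROR - CERT: Error acquiring new certificate: Failed to upload CSR: 429, <?xml version="1.0" encoding="UTF-8"?>
Nov 19, 2024 07:12:03.000 INFO - constructed unrelated line
Nov 19, 2024 07:25:47.910 ERROR - CERT: Error acquiring new certificate: Failed to upload CSR: 429, <?xml version="1.0" encoding="UTF-8"?>
Nov 19, 2024 07:41:33.528 ERROR - CERT: Error acquiring new certificate: Failed to upload CSR: 429, <?xml version="1.0" encoding="UTF-8"?>
"""

CSR_FAIL = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2} \d{1,2}, \d{4} \d{2}:\d{2}:\d{2}\.\d{3}) ERROR - CERT: "
    r"Error acquiring new certificate: Failed to upload CSR: (?P<status>\d{3})"
)

def csr_failures(text):
    """Return [(timestamp, http_status)] for every failed CSR upload line."""
    found = []
    for line in text.splitlines():
        m = CSR_FAIL.match(line.strip())
        if m:
            ts = datetime.strptime(m["ts"], "%b %d, %Y %H:%M:%S.%f")
            found.append((ts, int(m["status"])))
    return found

def assess(text, window=timedelta(hours=1), threshold=3):
    """Flag a retry loop: `threshold` or more 429s within `window` of the latest.

    Both limits are assumptions for this example; the thread does not state the
    real threshold on the Plex side.
    """
    hits = sorted(ts for ts, status in csr_failures(text) if status == 429)
    recent = [ts for ts in hits if hits[-1] - ts <= window]
    return {
        "count_429": len(hits),
        "first": hits[0] if hits else None,
        "last": hits[-1] if hits else None,
        "retry_loop": len(recent) >= threshold,
    }

if __name__ == "__main__":
    report = assess(SAMPLE_LOG)
    print(report)
    if report["retry_loop"]:
        print("Repeated rate-limited CSR uploads: stop restarting / clearing the cache.")
```
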