That is a hole Plex keeps making deeper and deeper, and I am wondering if they still can get out of it....The problem with cert for Plex is that they have a lot more clients and these all handle things/security differently which is part of the reason the "security fixes" have been long coming to Plex. With Emby is easy for now as they only have a couple of clients to worry about.
Finally, they released an update that supports https. Time to give it a whirl.
That is a hole Plex keeps making deeper and deeper, and I am wondering if they still can get out of it....
Jaap
Well, get the newest server update and give it a try. :)
Thanks, seems to be working, but I'm no expert cryptographer, I'll have to fiddle around with the certs in a bit to make sure there's nothing blatantly bad, but it seems good enough from here (Seems like Plex has a sub-CA cert which signs *.${RANDOM}.plex.direct, your device then jumps on ${IP/./-}.${RANDOM}.plex.direct).
Thank you! You guys didn't cut any corners here. Super impressed. Congratulations on getting an intermediate CA deal worked out with DigiCert.
(moving to other thread)
Just wanted to say thanks for the excellent and innovative work here. I am sure you will get fewer kudos than you deserve for such a cool hack, most of us greatly underestimated the complexity of this rollout. Good work! :)
Thank you plex for fixing this security issue! great work!
