Server Version#: 1.41.5.9626-72009626
Hardware: Synology DS1525+ running DSM 7.2.2-72806.
acme.sh: 3.1.2
I installed acme.sh and obtained a certificate for my NAS:
./acme.sh --server letsencrypt --issue -d mydomain --dns dns_cf --home /usr/local/share/acme.sh
./acme.sh -d mydomain --deploy --deploy-hook synology_dsm --home /usr/local/share/acme.sh
I attempted to convert the certificate to PKCS12 for use with Plex:
./acme.sh --toPkcs -d mydomain --home /usr/local/share/acme.sh
In Plex > Settings > Network > Custom certificate location, I specified the path to the pfx file ACME generate and restarted Plex. Plex ignored this certificate and served the default one using xxx.plex.direct.
Previous discussion from 2023 noted an OpenSSL 3.0 upgrade as deprecating support for older, insecure encryption method.
I would expect that a new installation of ACME would use modern, secure encryption methods and that its pkcs conversion would also be suitable.
- Why is Plex rejecting the ECC cert?
- Can I pass some parameters to
acme.sh --toPkcsto convert to AES-256-CBC? - Alternatively, should I pass parameters to
./acme.sh --server letsencrypt --issue …to generate the cert with a different algorithm?
