Need help with my cert

Dev Community Apps & Creations
1

I was using the langui sh to set up my cert and this is what I got when following his steps and this was only creating it.  Any idea how i can get the Trailers.der file?

 

Windows 7 64bit OS

Python 2.7.6

Plex 0.9.8.10

ATV3 6.0

ip 198.168.2.11

router 198.168.2.1

DNS 198.168.2.27

 

 

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\windows\system32>set OPENSSL_CONF=c:\[PATH TO YOUR OPENSSL DIRECTORY]\bin\ope
nssl.cfgC:\OpenSSL-Win32\bin\openssl.exe req -new -nodes -newkey rsa:2048 -out C
: railers.pem -keyout C: railers.key -x509 -days 7300 -subj "/C=US/CN=trailers
.apple.com" -config C:\OpenSSL-Win32\bin\openssl.cfg

C:\windows\system32>C:\OpenSSL-Win32\bin\openssl.exe x509 -in C: railers.pem -o
utform der -out C: railers.dertype C: railers.key >> C: railers.pem
4236:error:0200107B:system library:fopen:Unknown error:.\crypto\bio\bss_file.c:1
69:fopen('c:\[PATH TO YOUR OPENSSL DIRECTORY]\bin\openssl.cfgC:\OpenSSL-Win32\bi
n\openssl.exe req -new -nodes -newkey rsa:2048 -out C: railers.pem -keyout C:
railers.key -x509 -days 7300 -subj "/C=US/CN=trailers.apple.com" -config C:\Open
SSL-Win32\bin\openssl.cfg','rb')
4236:error:2006D002:BIO routines:BIO_new_file:system lib:.\crypto\bio\bss_file.c
:174:
4236:error:0E078002:configuration file routines:DEF_LOAD:system lib:.\crypto\con
f\conf_def.c:199:

C:\windows\system32>

2

Hi There,

I would try the following:

1) Run your Command Prompt as an administrator
 

2) Use the open SSL commands as listed in the WIKI Post:

https://github.com/iBaa/PlexConnect/wiki/Install-Guide-Windows-Certificates

3

Still get the same msg.
 

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\windows\system32>C:\OpenSSL-Win32\bin\openssl.exe req -new -nodes -newkey rsa
:2048 -out C: railers.pem -keyout C: railers.key -x509 -days 7300 -subj "/C=US
/CN=trailers.apple.com" -config C:\OpenSSL-Win32\bin\openssl.cfg
WARNING: can't open config file: /usr/local/ssl/openssl.cnf
Loading 'screen' into random state - done
Generating a 2048 bit RSA private key
................................................................................
................................................................................
...............................+++
...............+++
writing new private key to 'C: railers.key'
-----

C:\windows\system32>C:\OpenSSL-Win32\bin\openssl.exe x509 -in C: railers.pem -o
utform der -out C: railers.certype C: railers.key >> C: railers.pem
WARNING: can't open config file: /usr/local/ssl/openssl.cnf
unknown option C: railers.key
usage: x509 args
 -inform arg     - input format - default PEM (one of DER, NET or PEM)
 -outform arg    - output format - default PEM (one of DER, NET or PEM)
 -keyform arg    - private key format - default PEM
 -CAform arg     - CA format - default PEM
 -CAkeyform arg  - CA key format - default PEM
 -in arg         - input file - default stdin
 -out arg        - output file - default stdout
 -passin arg     - private key password source
 -serial         - print serial number value
 -subject_hash   - print subject hash value
 -subject_hash_old   - print old-style (MD5) subject hash value
 -issuer_hash    - print issuer hash value
 -issuer_hash_old    - print old-style (MD5) issuer hash value
 -hash           - synonym for -subject_hash
 -subject        - print subject DN
 -issuer         - print issuer DN
 -email          - print email address(es)
 -startdate      - notBefore field
 -enddate        - notAfter field
 -purpose        - print out certificate purposes
 -dates          - both Before and After dates
 -modulus        - print the RSA key modulus
 -pubkey         - output the public key
 -fingerprint    - print the certificate fingerprint
 -alias          - output certificate alias
 -noout          - no certificate output
 -ocspid         - print OCSP hash values for the subject name and public key
 -ocsp_uri       - print OCSP Responder URL(s)
 -trustout       - output a "trusted" certificate
 -clrtrust       - clear all trusted purposes
 -clrreject      - clear all rejected purposes
 -addtrust arg   - trust certificate for a given purpose
 -addreject arg  - reject certificate for a given purpose
 -setalias arg   - set certificate alias
 -days arg       - How long till expiry of a signed certificate - def 30 days
 -checkend arg   - check whether the cert expires in the next arg seconds
                   exit 1 if so, 0 if not
 -signkey arg    - self sign cert with arg
 -x509toreq      - output a certification request object
 -req            - input is a certificate request, sign and output.
 -CA arg         - set the CA certificate, must be PEM format.
 -CAkey arg      - set the CA key, must be PEM format
                   missing, it is assumed to be in the CA file.
 -CAcreateserial - create serial number file if it does not exist
 -CAserial arg   - serial file
 -set_serial     - serial number to use
 -text           - print the certificate in text form
 -C              - print out C code forms
 -md2/-md5/-sha1/-mdc2 - digest to use
 -extfile        - configuration file with X509V3 extensions to add
 -extensions     - section from config file with X509V3 extensions to add
 -clrext         - delete extensions before signing and input certificate
 -nameopt arg    - various certificate name options
 -engine e       - use engine e, possibly a hardware device.
 -certopt arg    - various certificate text options

C:\windows\system32>

4

Check our wiki instructions as well to make sure you installed the right version etc:


https://github.com/iBaa/PlexConnect/wiki/Install-Guide-Windows-Certificates

5

ok so that got rid of the error but I still get the unavailable try again later.  I redid the cert i deleted the atv profile aand re loaded it.

17:22:54 PlexConnect: started: 17:22:54
17:22:54 Settings: getsetting enable_plexconnect_autodetect=True
17:22:54 PlexConnect: IP_self: 192.168.2.27
17:22:54 Settings: getsetting port_webserver=80
17:22:54 Settings: getsetting hosttointercept=trailers.apple.com
17:22:54 Settings: getsetting enable_dnsserver=True
17:22:54 DNSServer: started: 17:22:54
17:22:54 Settings: getsetting port_dnsserver=53
17:22:54 Settings: getsetting ip_dnsmaster=8.8.8.8
17:22:54 Settings: getsetting prevent_atv_update=True
17:22:54 DNSServer: ***
17:22:54 DNSServer: DNSServer: Serving DNS on 192.168.2.27 port 53.
17:22:54 DNSServer: intercept: ['trailers.apple.com'] => 192.168.2.27
17:22:54 DNSServer: restrain: ['mesu.apple.com', 'appldnld.apple.com', 'appldnld.apple.com.edgesuite.net'] => 127.0.0.1
17:22:54 Settings: getsetting enable_webserver_ssl=True
17:22:54 DNSServer: forward other to higher level DNS: 8.8.8.8
17:22:54 DNSServer: ***
17:22:54 WebServer: started: 17:22:54
17:22:54 Settings: getsetting port_webserver=80
17:22:54 WebServer: ***
17:22:54 WebServer: WebServer: Serving HTTP on 192.168.2.27 port 80.
17:22:54 WebServer: ***
17:22:54 ATVSettings: init class CATVSettings
17:22:54 ATVSettings: load settings
17:22:55 WebServer: started: 17:22:55
17:22:55 Settings: getsetting port_ssl=443
17:22:55 Settings: getsetting certfile=/users/murdoch/desktop/plex1/plexconnect-master/assets/certificates/trailers.pem
17:22:55 Settings: getsetting certfile=/users/murdoch/desktop/plex1/plexconnect-master/assets/certificates/trailers.pem
17:22:55 WebServer: ***
17:22:55 WebServer: WebServer: Serving HTTPS on 192.168.2.27 port 443.
17:22:55 WebServer: ***
17:23:02 DNSServer: DNS request received!
17:23:02 DNSServer: Source: ('192.168.2.11', 50947)
17:23:02 DNSServer: Domain: trailers.apple.com
17:23:02 DNSServer: ***intercept request
17:23:02 DNSServer: -> DNS response: 192.168.2.27
17:23:09 DNSServer: DNS request received!
17:23:09 DNSServer: Source: ('192.168.2.11', 54494)
17:23:09 DNSServer: Domain: api-global.netflix.com
17:23:09 DNSServer: ***forward request
17:23:09 DNSServer: -> DNS response from higher level
17:25:32 DNSServer: DNS request received!
17:25:32 DNSServer: Source: ('192.168.2.11', 57906)
17:25:32 DNSServer: Domain: trailers.apple.com
17:25:32 DNSServer: ***intercept request
17:25:32 DNSServer: -> DNS response: 192.168.2.27
17:26:59 PlexConnect: Shutting down.
17:27:00 WebServer: Shutting down.
17:27:00 ATVSettings: save settings
17:27:00 WebServer: Shutting down.
17:27:02 DNSServer: Shutting down.
17:27:02 PlexConnect: shutdown
 

settings

[PlexConnect]
port_pms = 32400
port_webserver = 80
ip_plexconnect = 0.0.0.0

certfile = /users/murdoch/desktop/plex1/plexconnect-master/assets/certificates/trailers.pem
ip_dnsmaster = 8.8.8.8
loglevel = High
enable_dnsserver = True
logpath = .
ip_pms = 192.168.178.10
enable_plexgdm = True
hosttointercept = trailers.apple.com
port_ssl = 443
enable_webserver_ssl = True
prevent_atv_update = True
port_dnsserver = 53
enable_plexconnect_autodetect = True

6

Can you give us a little more to work from?

What version of Windows are you running?
What version of python do you have installed?

What do you have in the contents of your Certificates folder?

7

It was on my first post but here it is again.

Windows 7 64bit OS

Python 2.7.6

Plex 0.9.8.10

ATV3 6.0

ip 198.168.2.11

router 198.168.2.1

DNS 198.168.2.27

right now I have the cert text document it seems to come with the newest connect, my trailer.pem file and I have my security certification in the certification folders.  My dns on the atv3 is the same as my pcs ip.  Now on firewalls I have 2 inbound python.exe one tcp the other udp both dont have spifict ports I dont have any outbound.  now my pms only has one inbound and 0 outbound.

8

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.