Hi !
Please let us use a domain name instead of using direct ip, and import a SSL certificate to make a first step to https connexion. I'm sure it's easy to do, just replace ip by domain name and check if https is asked to be activated.
;)
NB : this will resolve the problem I have presented here https://forums.plex.tv/topic/126853-unknwown-server-and-problems-accessing-plex-web/
You should be able to set an DNS name yourself... its not limited to the Plex server
Nope, I already use a domain name. But .js files used in the server are using the original IP -> no https -> no domain name. At least we should be able to enter these values ourselves.
I don't have a problem with dns resolve(see attachment).. ...I think https would also no possible, but its sunday evening and I'm a bit lazy right now ^^
I don’t have any problem with DNS but with https because plex is not using the domain name but IP to load content.
Ahhh, now i get it^^, in the mean time you could create yourself a host-cert. This one can be used for every connection on this host.
I already have a signed certificate for my domain name. Plex scripts are using http://xx.xx.xx.xx links so I can’t have any certificate or force https…
This would be fantastic. The only current workaround that I can see is to utilize a NetScaler, where you could create a SSL VIP to front-end the HTTP service on the backend. Unfortunately, that is an extremely expensive workaround, and not feasible for the home user. I can't imagine this would be hard for them to implement as a feature...
Up
Up
Up again, we are more and more :D
I am using IIS Reversed Proxy and URLRewrite as mentioned above. I have have tons of other services running in my local network. Advantages:
-I only need to open port 443 in my firewall.
-I can sent HTTP Abort to some countries IP ranges via IIS. (I noticed this because as soon as I opened port 443 thousands of malformed requests started to hit my web server from some famous countries…)
- I can use single Web certificate for all my services. I have my own CA (trusted in all of my devices) and issued myself a *.mydomain.com star cert. Very convenient.
- Your friends and relatives can easily remember your host names like plex.mydomain.com or photos.mydomain.com etc…
-You can leverage additional IIS authentication mechanisms.
So, long story shot this is far more secure and convenient. But there are disadvantages:
-HTTP CONNECT is not supported in IIS Reverse Proxy/URLRewrite (not sure about Apache)! Therefore you can only use Web browser to access your services. For example I cannot use Synology DS Photo app with SSL while I can access the same library/service with https://photos.mydomain.com.
-This is not easy to implement for regular users. You really need to have technical background or at least you have to have a good friend with required skills
-Plex Web is not a real Web Server even it looks like one. They really need to change lots of things under the hood to support this. Especially now they have tons of clients on multiple platforms.
Conclusion; I don’t think that this will happen in short term or midterm. Sorry :(. But in the mean time there are some ways to accomplish the task. But you have to use Web Browsers not the apps…
@mrjlturner I think there are some VMWare images to try out hardware load balancers. Not sure about Netscaler but Afaik F5 may have one. But licensing part is unknown for me. They may have some connection limits but who cares you only need 5-10 concurrent connections while connecting to your home
Adding a Secure Socket Layer is no mean task. Personally I would prefer to see other features added or existing ones polished before SSL is added. For those who want it and are up to the task then add a reverse proxy and offload the https traffic to http.
I am afraid it isn't that optional since currently authentication tokens are sent in plain text to the server, and hackers are already selling access to hacked Plex machines online. There has been an attempt to build a dedicated front for Plex, but the developers involved noticed that many clients can't handle self-signed certs and/or SSL in general.Adding a Secure Socket Layer is no mean task. Personally I would prefer to see other features added or existing ones polished before SSL is added. For those who want it and are up to the task then add a reverse proxy and offload the https traffic to http.
Jaap
Conclusion; I don't think that this will happen in short term or midterm. Sorry :(. But in the mean time there are some ways to accomplish the task. But you have to use Web Browsers not the apps...
The question is not to add a lot of functionalities (to install and customize SSL certificates) but just, first, to let us replace IP present in all configuration files by a Domain Name added in the settings. This is REALLY simple to add, it's just replacing an IP value by a Domain Name value.
Adding a Secure Socket Layer is no mean task. Personally I would prefer to see other features added or existing ones polished before SSL is added. For those who want it and are up to the task then add a reverse proxy and offload the https traffic to http.
I'm not sure you've read the discussion. My opinion is : security first, just LET us set a domain name, and we will be able to do the rest. It is not really possible to have an efficient reverse proxy working because plex is using IP and doesn't allow to change it to a domain name. However, it is an easy-to-add feature.
The sooner we can set HTTPS the better tbfh..
It's amazing it hasn't happened yet.. i guess trailers were just more important *sigh*
We can finally add https to Plex. Thanks for the update.
Early 2021 clean-up: implemented
