Plex Media Server v1.32.0.6918 can't use user-provided certificate

Plex Media Server
,
1

Server Version#: v1.32.0.6918
Player Version#:
<Apr 11, 2023 11:11:08.869 [0x7f0c1c0c8b38] INFO - Plex Media Server v1.32.0.6918-6f393eda1 - Docker Docker Container x86_64 - build: linux-x86_64 debian - GMT 08:00
Apr 11, 2023 11:11:08.871 [0x7f0c1c0c8b38] INFO - Linux version: 5.15.102-1-pve, language: en-US
Apr 11, 2023 11:11:08.871 [0x7f0c1c0c8b38] INFO - Processor: 8-core Intel(R) Xeon(R) CPU E3-1265L V2 @ 2.50GHz
Apr 11, 2023 11:11:08.871 [0x7f0c1c0c8b38] INFO - Compiler is - Clang 11.0.1 (https://plex.tv 9b997da8e5b47bdb4a9425b3a3b290be393b4b1f)
Apr 11, 2023 11:11:08.871 [0x7f0c1c0c8b38] INFO - /usr/lib/plexmediaserver/Plex Media Server
Apr 11, 2023 11:11:08.869 [0x7f0c1c336a90] DEBUG - BPQ: [Idle] → [Starting]
Apr 11, 2023 11:11:08.872 [0x7f0c1c336a90] DEBUG - FeatureManager: Using cached data for features list
Apr 11, 2023 11:11:08.934 [0x7f0c1c336a90] DEBUG - [CERT] Subject name is /CN=*.18c736b7eaa.plex.direct
Apr 11, 2023 11:11:08.934 [0x7f0c1c336a90] DEBUG - [CERT] Installed certificate with fingerprint 91:03:be:f0:1b:0a:ae:58
Apr 11, 2023 11:11:08.934 [0x7f0c1c336a90] DEBUG - [CERT/OCSP] Stapling requests will be made to ‘http://r3.o.lencr.org/’.
Apr 11, 2023 11:11:08.934 [0x7f0c1c336a90] INFO - [CERT/OCSP] Successfully retrieved response from cache.
Apr 11, 2023 11:11:08.936 [0x7f0c1c336a90] ERROR - [CERT] PKCS12_parse failed: error:0308010C:digital envelope routines::unsupported
Apr 11, 2023 11:11:08.936 [0x7f0c1c336a90] ERROR - [CERT] Found a user-provided certificate, but couldn’t install it.
Apr 11, 2023 11:11:08.936 [0x7f0c1c336a90] DEBUG - HttpServer: Listening on port 32400.
Apr 11, 2023 11:11:08.937 [0x7f0c1c336a90] DEBUG - HttpServer: Listening on port 32401.
Apr 11, 2023 11:11:08.937 [0x7f0c1c336a90] DEBUG - Running server


As shown by logs, plex media server won’t install user-provided certificate instead of using its own.
The certificate is working on last version 1.31.3.6868 but not on the latest version v1.32.0.6918

2

This is discussed throughout the forum. searching would have saved you time.

1 Like
3

Tks your tips, my issue was resolved.

1 Like
4

Hi,

When i run

 docker run --rm docker.io/plexinc/pms-docker:1.32.0.6918-6f393eda1 openssl version

i got

OpenSSL 1.1.1f  31 Mar 2020

Are you sure you have upgrade OpenSSL in version 1.32.0.6918-6f393eda1 ?

5

@vdk

mainstream Ubuntu 20.04.5 LTS is currently using 1.1.1f

[chuck@lizum ~.2002]$ openssl version
OpenSSL 1.1.1f  31 Mar 2020
[chuck@lizum ~.2003]$

The task is to select a new encryption ( AES-256 is demonstrated in the How-TO)
and upgrade the certificate now. You’ll find 1.1.1f already has AES-256 available.

6

OK for the task, it’s ok on my side.

I was commenting on the fact that you said (cf Linux Tips - #25 by ChuckPa):

PMS 1.32.0.6865 and above updates OpenSSL from v1.1.1 to v3.0.0.0

7

PMS is compiled with OpenSSL v3.0.0 libraries.

Sorry if I was ambiguous.

8

OK, Great.

Thanks for the clarification.

9

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.