Title explains the main problem.
The web app, either through local or app.plex.tv will never connect to my servers securely (remote or local).
However, both the Samsung smart TV app and Android and iOS Plex Apps show the green lock icons on the servers when I select them within the app.
Any ideas?
Thanks.
Switch your router to use the public DNS servers of Google (8.8.8.8 and/or 8.8.4.4.) instead of those of your ISP. Take a look at your router’s settings menu.
The mobile apps have this already built in as a fallback - that’s why they work.
(After making this change, you probably have to restart first your router and then after a few minutes all other devices on your local network too.)
You’re likely right in some fashion.
If I the app.plex.tx/web on my phone browser it shows them secured. It has to be something in my router.
However I had already set both the broadband and home networking DNS settings to googles (8.8.8.8 and 8.8.4.4) as well manually specifying these values on my devices networking and every combination in-between and it still doesn’t work through my home router. It’s probably doing something I can’t seem to set properly.
I will investigate along this manner.
Thank you.
Actually no, its not my router per se. Its my computer.
If I open up the page on my tablet/phone while connected to the home wifi it works, but it doesn’t on my windows 7 computer.
Any new ideas?
Thanks
Investigating even further. It is the web app specifically. Using Plex Home Theatre on the same router/wifi and computer results in secure connections (green locks).
It appears to be a problem with the web app in all instances in either firefox, IE or chrome and only when run from this computer. It’s the same on other connections from this computer. Tethering, public wifi where it works on tablet.
Then it may have to do with the other topic which is needed for secure connection on the local network.
But before going into detail about that: why do you need encryption on the same local network with your server? Even if you use WiFi, this connection surely is already encrypted. To add yet another layer of encryption is only wasting electricity and adds another layer of parts which all need to work, in order for you to watch a movie.
So my suggestion is to simply allow Plex Web to work unencrypted, if accessing a Plex server which is on the same local network.
Settings - Web - General - ‘Allow Fallback to Insecure Connections’ = ‘On same network as server’
Now the other part, which would allow encryption to work also locally:
Secure connections rely on cryptographic certificates. Those certificates are only valid for a certain unique domain. This means they cannot be made valid for a local private IP address, as these addresses are used in millions of local networks.
Therefore Plex uses a special top-level-domain under which every plex server gets a unique subdomain, specially assigned. The domain is *.plex.direct. The full domain for your server would be something like
192-168-2-100.e5a677b88e7d5c557b88e7d5c55.plex.direct
You can recognise the internal IP address of your server at the start. So the certificate is valid for this ‘FQDN’. But if you access your server on the local network, it doesn’t have a FQDN (fully qualified domain name).
Therefore Plex uses a thing named ‘DNS rebinding’. It allows the assignment of FQDN to local IP addresses. So after Plex server has started up and has fetched its cryptographic certificate, it tries to assign itself this special FQDN.
Unfortunately, this ‘DNS rebinding’ mechanism can also be used for nefarious purposes. Therefore many routers have a protection builtin, which prevents DNS rebinding from working.
An exemption has to be made, so your Plex server can gain its FQDN.
Some routers allow you to set this exemption. Some don’t.
For two router platforms which do support it, there are HowTo’s laid out here: https://support.plex.tv/hc/en-us/articles/206225077
(scroll down to ‘DNS rebinding’)
I have 2 servers actually, one remote and local. The local isn’t as much of a concern, its the remote I am concerned with mostly.
I’ve looked at that DNS rebinding thing for routers and ISPs, but wouldn’t that apply to all secure connections, not just the web app one?
Plex Home Theatre, iOS, Android, Samsung Smart TV app, all work on the local network (and other networks) showing secure connections to both the local server and the remote server.
Web App connections on my linux system (just tested it, had to update and set it up again) show secure connections to both as well. Web app connections on 2 different tablets and 2 different phones on both the local WiFi and external connections also show secure connections.
However, my main computer is Windows 7 (which is also the Plex Server). This is the only interface (besides a tiny screened phone) I have for consistent use and I use this for all administrative tasks through the web app and it appears to be the only one which cannot connect securely over just the web app. Plex Home Theatre running on the same computer shows secure connections.
For some reason it just appears to be the web app on this computer only.
I actually had this problem quite awhile ago (different question worded badly so I tried again). I have since reinstalled Windows 7 and right now the only things it runs is plex and a few games from Steam. It has all the latest updates for Windows 7. I am unable to update to Windows 10 (driver support - I tried it - I even tried Plex during the win 10 upgrade and had the same problem).
i have tried 3 different browsers, and turning off firewall and all suggestions i could find. This is my main computer (the linux one isn’t always here and its really old and slow) and I was hoping to find some inspiration to solve this.
Could there possibly be something in the network card firmware causing problems?
I appreciate your help, and I’ll look at any inkling of an idea someone may have.
Thanks.
DNS rebinding does not apply when we talk about remote servers.
So you must find out what is special about your local Windows Plex server. Do you use any configuration which deviates from a default network configuration on Windows?
Especially any tricks with VPN or DMZ or something may be worth looking into.
Sometimes it is as trivial as a network adapter driver software. Some drivers don’t work or switch on features which don’t work that well.
Are you saying that the web browser on the local Plex server cannot connect securely to the remote Plex server as well?
Yes, the web app on my local system (which is the plex media server) does not make any secure connections.
Attempting to access the local server (or the remote server) with every other devices and application regardless of what network it uses to connect results in it properly showing a secure connection.
Even running the Plex Home Theatre from this same computer (where the web app isn’t working) shows secure connections to both itself and the remote server.
It is only the web app running on my main system (the plex media server) that can’t make secure connections anymore it seems. I can’t think of why only the web app on this system fails where other apps on the same system work and other devices and computers on the same network work as well.
I am confounded. If it is a network driver issue it is only affecting the web app on the system (as the plex home theatre application seems to work).
I have tried signing out and signing back in. As well as removing the web app from devices and re-signing in.
As well as removing the servers and re-adding them.
Are you using any type of anti-virus on the plex server computer?
Which web browser are you using? Did you install browser extensions into it? Have you altered its configuration significantly from the default settings?
Have you tried a different browser?
Ok I feel like an idiot. You have solved my problem. Thank you so much.
It was fairly simple. My system was refusing the connections to <ip_of_my_plex_server><secret_key>.<plex_domain>, but only when coming from the web browser (thought it was maybe some scripting attack or something I guess). It allowed the connections from other applications. I whitelisted plex on my system and it suddenly worked.
Thank you again. I knew allowed plex connections, but I didn’t think that it blocked some seperate when coming from the web browser until your last comment inspired me to check if it did.
Thanks.
Hi, Any chance you can tell me how did you whitelist it? and where?
Thanks
