When logging in to my account and moving to http://plex.tv/web/app, I notice I lose the https in the bar and my connection is no longer encrypted. Is there a way to keep the connection encrypted when connecting from outside my local network?
Do the media clients also not use encrypted connections when connected outside the local network?
We've experimented with different methods of using https with the web app, but they required some wildcard dns magic that didn't play nicely with routers that prevent dns rebinding. All requests to plex.tv (e.g. signing in) use https, and media servers have basic support for https, but clients mostly use http to talk to media servers. We have some plans to expand https support in the future, but we're not in a place to discuss them currently.
Looking at how the plex.tv web-app is working, it talks most of the time directly to http://PLEX_SERVER_IP:PORT/... What is served from plex.tv is just a bunch of static JavaScript files. There is some authentication data sent to plex.tv as well, but it is sent to https://plex.tv.
If the web-app itself was under https, we would get a mixed content warning because it still used http:// to get to your Plex server. Putting an SSL certificate on your Plex server would again be a little problematic since it would have to be signed. To serve SSL traffic, the private key needs to be on the server, so a certificate like *.servers.plex.tv probably won't be the solution.
Using letsencrypt.com might be a solution, but that's not available before summer.
For Plex to proxy every connection won't be a solution; that would be a hell of a lot of bandwidth.
One option would be to offer SSL as an advanced option and let people buy or get their own certificate. SSL is cheap, $5/year @ https://cheapsslsecurity.com/ if you sacrifice the support.
I, for sure, would buy a certificate for my whatever.server.plex.tv.
For me, I won't buy Plex Pass (wanted lifetime) before this is fixed, or an advanced solution is in place. So please, Plex, just make a "yes I want ssl" checkbox that will access the resources on https instead of http. That looks like a good temporary workaround. I am sure there will be blog posts popping up explaining to people how to set this up on their own servers.
Looking further, it looks like the work to get this done is half-done already. Plex.tv sets some information in the browser's local storage (html5 db, cookie'ish), that looks like this:
Here is a prioritized list of IPs to connect to so it will work better while on the same LAN. But also, it defines a "scheme". So all Plex has to do is let us override this list (and enable https on plex.tv if the server is using the https schema).
Please, Plex(!), can we get more "advanced" control here. We can wait for a "real" solution now that we can see the problem. But I bet most of the people caring about this will be more than capable of setting up their own domain and SSL certificate (via a reverse nginx proxy or something), to get this to work. I might even create a simple docker container for this and a little blog-post writeup.
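
Added example (not part of the thread and not Plex code): a small JavaScript model of the mixed-content problem described above, showing which entries of a prioritized connection list a browser would let a page reach depending on whether the page itself is served over https. The field names (`scheme`, `address`, `port`), the sample hosts and the https page URL are constructed assumptions, not the real plex.tv local-storage layout.

```javascript
// Constructed sample list; field names and hosts are hypothetical.
const sampleConnections = [
  { scheme: "http",  address: "192.168.1.10",      port: 32400 },
  { scheme: "http",  address: "127.0.0.1",         port: 32400 },
  { scheme: "https", address: "media.example.org", port: 443 },
];

// Loopback hosts count as "potentially trustworthy" in the W3C Secure
// Contexts spec, so plain http to them is not treated as mixed content.
// Not every browser has honored this exception.
function isLoopback(host) {
  const h = host.toLowerCase().replace(/^\[|\]$/g, "");
  return h === "localhost" || h.endsWith(".localhost") ||
         h === "::1" || /^127(\.\d{1,3}){3}$/.test(h);
}

// Decide how a browser treats an XHR/fetch from pageUrl to one connection.
function classify(pageUrl, conn) {
  const page = new URL(pageUrl);
  const target = new URL(`${conn.scheme}://${conn.address}:${conn.port}/`);
  if (page.protocol !== "https:") return "allowed-page-not-secure";
  if (target.protocol === "https:") return "allowed-secure";
  if (isLoopback(target.hostname)) return "allowed-loopback";
  return "blocked-mixed-content"; // http request from an https page
}

// Walk the list in priority order and return the first reachable entry.
function firstUsable(pageUrl, connections) {
  const hit = connections.find(
    (c) => !classify(pageUrl, c).startsWith("blocked")
  );
  return hit || null;
}

// Summarize the whole list for one page origin.
function report(pageUrl, connections) {
  return connections.map((c) => ({
    target: `${c.scheme}://${c.address}:${c.port}`,
    verdict: classify(pageUrl, c),
  }));
}
```

With an https page, the LAN entry that uses plain http is blocked, which is why the list needs a server reachable over https before the web app itself can move to https.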