Hello, I am attempting to access Plex through my subdomain @ plex.mydomain.com via a reverse proxy, which also handles the cert from lets encrypt. I would like all Plex traffic to flow through that domain, rather than using the remote service offered by Plex. I currently have a Plex server running as a Docker container. After configuring the domain & proxy plex for web works perfectly when going to the subdomain / web. However, when I attempt to access Plex via Plex for Android, https://app.plex.tv/desktop/#!/, or iOS, it says the server is offline, regardless of what network I am on. I have claimed the server correctly, and I see it listed, but it just says offline. I have disabled remote access because I don’t want to open any ports on my server other than 443 (which is handled by the reverse proxy). I’ve tried enabling remote access with port 443, but that fails. I’m guessing that is in part due to the reverse proxy, but I couldn’t say why. I don’t understand how Plex authenticates users and points them to the property domain / IP. Any assistance would be greatly appreciated.
Server Version#: 1.41.9.9961
Player Version#: 4.147.1
<If providing server logs please do NOT turn on verbose logging, only debug logging should be enabled>
I enabled remote access on port 443 and it did not resolve my problem. Then I tried entering my domain under network / custom certificate domain but that didn’t help either.
Have you added your domain under ‘Custom server access URLs’ on the Network settings page? It should include https:// at the start. Should be the only place you need to enter it in Plex. All the custom certificate fields can be left blank.
When you enable remote access in the Plex settings PMS will publish your WAN IP address to Plex’s servers. When a client contacts Plex’s servers to get your PMS’s IP address it will receive both the WAN IP address and your custom domain address. Most clients will default to the WAN IP address.
It is counter intuitive, but if you only want Plex to be accessible remotely via your custom DNS address then you need to disable remote access to your server in the Remote Access settings. All this setting does is stop PMS from publishing your server’s WAN IP, it doesn’t prevent remote connections from still ocurring if you have a manual port forward or reverse proxy set up.
Plex will still publish the Custom certificate domain in Network settings to the Plex’s servers for discovery with remote access disabled. However, it will associate it with whichever port is configured in the remote access settings (default is 32400). You can change this by enabling remote access, manually setting the port forward to 443, and then disabling remote access. PMS will then publish the custom certificate domain with the correct port.
You can also set a Custom server access URLs but PMS will still publish the Custom certificate domain if this is set.
If you are using a reverse proxy, then you probably don’t need to set a custom certificate in Plex as the proxy will handle the certificate. You’ll just need the Custom server access URLs of the proxy.
You can play around with the settings and see what your PMS is publishing for clients to find by going to https://plex.tv/api/resources?includeIPv6=1&X-Plex-Token=<x-plex-token> where <x-plex-token> can be found as descibed here.
