Server Version#: Windows Version 1.32.0.6918 and Linux Version 1.32.0.6918
Player Version#: any web browser, for example Version 4.100.1
Logs maybe unnecessarily.
After today’s update SSL feature stopped working. I keep getting cert with CN=*.8453dc3bd4e34898999315c487b16159.plex.direct. Have no idea how to turn off. Windows and Linux machine, same bug.
2 Likes
Try tip #25 :Linux Tips - #25 by ChuckPa
1 Like
Server Version#: Windows Version 1.32.0.6918
Have the same problem!
I have always used a certificate with AES 256.
The problem isn’t that it’s a 256 bit encryption; it’s the type of encryption used.
Please observe here:
version 1.1.1 will no longer be supported as of September 2023.
version ‘3.0.0’ (new numbering) drops support for certain encryption methods (less secure ones even if 256 bit)
Plex made the decision to upgrade now and get everyone stable on the new version with the new ‘3.0.0’ numbering system in advance of 1.1.1’s expiration.
2 Likes
I am also getting this same error and I use a Lets Encrypt Cert. So I am a little confused by the solution.
I figured it out! I added the line in your Linux tips link above to my script that runs and creates my cert file. This resolved it on my Synology Server using a Let’s Encrypt Cert.
Hello.
I have the same issue, but with my own ssl certificate (I have my own domain name) I don’t use Let’s encrypt for that, but a paid certificate. So the issue shows a Let’s encrypt issue. I don’t undertand how to solve the issue.
Any ideas?
Thank you
Ok I recreated ssl certs, keys, etc with the last openssl generator, and followed the tips procedure. Everything is fine now
Thank you
I’m fixed after repackaging my certificate, but yoooo the change management on this was handled poorly, or I’m not plugged into some channel I should have been to find out about this breaking change before it hit my system. Ultimately not a big impact, but a 3 min fix cost me an hour or two of debugging and validating that could have been avoided. Thx.
3 Likes
I agree 1000%! This was not listed int the Release Notes, and I do read them every time!
4 Likes
how did you go about repackaging? I’ve only had my latest custom cert for a month so surprised it’s apparently so old it needs changing but if you have a doc on the settings used that’d be great
You dont need to create other ssl cert, Key, pem. Only the pfx file:
openssl pkcs12 -export -out your-cert.pfx
-certpbe AES-256-CBC -keypbe AES-256-CBC -macalg SHA256
-inkey your-cert.key -in your-cert.crt
-certfile your-cert-auth.crt
-password pass:PASSWORD_HERE
Replacing your-cert with your files
Directly on my Ubuntu server, with terminal. After that you relaunch Plex server. It may solve the issue
4 Likes
thanks. the next question is how to validate it before upgrading?
Gave this a whirl and created a new pfx cert from my LE pem files. Same issue with Plex tho after changing the key in the config and restarting the service. Here is the command I used:
sudo openssl pkcs12 -export -out plex3.p12 -certpbe AES-256-CBC -keypbe AES-256-CBC -macalg SHA256 -inkey privkey.pem -in fullchain.pem
1 Like
Thanks!
perfect, thank you!
Thanks @bibhoun
In case someone needs this in a script for Cron, you can do so with the following syntax:
#Create P12 Certificate
openssl pkcs12 -export
-out /my/output/location/certificate.p12
-certpbe AES-256-CBC -keypbe AES-256-CBC -macalg SHA256
-in /my/input/location/cert.pem
-inkey /my/key/inputput/location/key.pem
-password pass:mypk12password
#Change Output Certificate Permissions
chmod 755 /my/output/location/certificate.p12
1 Like
This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.
