@ChuckPa
Hi
I’m trying to connect to my friend’s plex server remotely and his getting the following error:
CERT: incomplete TLS handshake from “IP ADDRESS”: sslv3 alert certificate expired
On my side, I’m just getting “Playback Error, An unexpected playback problem occurred:”
Any Ideas how to fix this?
It works now :-)! The missing part was to log OUT from the RasPlex and then restart and do not relogin: I kept relogging into the RasPlex and that prevented me to access my server; I have a manual entered URL for my server in my server-profile (http, not https), maybe it relates somehow.
Thank you
Hi @ChuckPa can u reset my cert too, pls? Thank you.
Here I have msg:
xxx is Currently Unavailable. Please verify that server is running and has newtork connection…"
Server was fully reset twice yesterday and today. Error only on smart tv’s (LG. Sony, Samsung).
NO problem on smartphones or www. Issues only on smart tv’s.
Settings -> Advanced -> Allow Insecure Connections is set to Always, and on the server, ensure that Settings -> Network -> Secure connections is set to Preferred.
its set. but still not working.
Thanks for help
@ChuckPa Could you please check the certs for me
Thank you
Question:
If server is set to preferred or required:
On TV :
Allow Insecure Connections : On same network as server or Always
Prefer Insecure Connections: On same network as server or Always
I have tested back and forth now .
If I set server to “Preferred” and TV : On same network as server
Result:
TV won’t connect to Plex server. I have tried to restart - reboot everything. This setting seem to be buggy? As my TV is on the same network as server, then I should be able to connect to it if its set to Preferred and On same network as server .
Simply won’t connect .
If I use the same setting and change On same network as server to Always on both settings - its working .
Shouldn’t I be able connect TV to the server with “On same network as server” ?
I have a couple of external users, and I want the system to have REQUIRED, but then I cant connect my tv - EVEN though the settings are : On same network as server
Anyone else can confirm this “bug” ?
Is there any option to say to the server that this LAN ip can connect no matter what to the plex server? Disregard of what the Secure connections settings are ?
CERT: incomplete TLS handshake from [::ffff:xx.xx.xxx.xxx]:49218: sslv3 alert certificate unknown
What happens if it says unknown ? 
Hello @ChuckPa can you reset my certificate too?
Thank you in advance.
@GavinDunn Your friend (server owner) needs to get come here and most likely get a new certificate.
@runjerryrun Which server ?
@flecom Certificate reset. Restart the server.
@patrick-irl Certificate reset. Restart the server.
@Mariah22pl Certificate reset. Restart the server.
@Morphy It’s not buggy. The challenge is to figure out which combination works for your TV. If you want REQUIRED, replace the TV or get a set top box which will support required. (there are some TVs who never/no longer get their certificates updated - which is the root problem)
@VirulentPip If UNKNOWN, there’s a supplemental cert (user cert) in the mix which is not known to PMS and needs to be added. PMS was expecting something it knew and got something else. It’s triggering a Man-in-the-middle cert alarm.
Thank you. Self service options are always nice.
It seems my cert still isnt working for one of my managed accounts. Any chance I can get the cert reset again? It is only affecting my “Main” managed user.
I have removed those 2 older instances of the main server (the 5 year old entry)
I have reset the cert. Restart the server. If you still have a problem, it’s not the cert since we’ve fully crossed the 30-Sep boundary now
@ChuckPa Thank you, it was still not working however, so I stopped the server, then I removed it (and all my old tries) from those linked to my account, I stopped it, deleted the preferences.xml, the Cache folder and then I restarted it and re-did the initial setup (it recognized all existing libraries automatically) and now it’s again up and working!
I hope my experience can also help someone else with similar problems
@ChuckPa do i need to also ask my Friend to login with his account and ask you to also reset the Certificate for his Samsung tv app ? He doesn’t have a Plex Server he is only Remote stream from my Server using his Samsung Smart TV Model 2019
Thank you
Hi @ChuckPa and team, could you reset my certificate please? Still got the issue after restarting server and client.
Having a similar issue with mobile devices (iOS, android and Nvidia Shield TV pro). If I require secure connection within the server settings, these devices cannot connect to the server. Thus I’ve had to set secure connection to “prefer” and in the mobile devices set insecure connection to “always”. This allows the android and Nvidia Shield to connect, but not iOS as the app does not have an option for allowing insecure connections.
I have Plex server (1.21.0-3744) running on Synology DS920+ (brand new) all up-to-date.
Remote connections work (only when the device is set to allow insecure connections “always”.) The server shows that remote access available via 32400 on my external IPv4 address.
I have a Fritz!box 7530 with plex.direct added to the DNS Rebind Protection.
Oct 02, 2021 19:43:56.195 [0x7f6935e24700] Debug — CERT: incomplete TLS handshake: sslv3 alert certificate unknown
Oct 02, 2021 19:43:56.537 [0x7f6935b35700] Debug — CERT: incomplete TLS handshake: sslv3 alert certificate unknown
logs.txt (6.4 KB)
I see the above errors each time I open the Plex app on any of the above devices. However, when accessing Plex through the Windows Plex Media Player or app.plex.tv everything works fine.
When access server from iOS
Oct 02, 2021 19:55:11.881 [0x7f6935e24700] Warning — [CERT] TLS connection came in with unrecognized plex.direct SNI name '192-168-1-6.9737fa3d40524eeca656ffb9e3594c1d.plex.direct'; using installed plex.direct cert
Oct 02, 2021 19:55:11.882 [0x7f6935b35700] Warning — [CERT] TLS connection came in with unrecognized plex.direct SNI name '192-168-1-6.9737fa3d40524eeca656ffb9e3594c1d.plex.direct'; using installed plex.direct cert
Oct 02, 2021 19:55:11.896 [0x7f6935e24700] Debug — CERT: incomplete TLS handshake: stream truncated
Oct 02, 2021 19:55:11.898 [0x7f6935e24700] Debug — CERT: incomplete TLS handshake: stream truncated
Oct 02, 2021 19:55:11.903 [0x7f6935b35700] Warning — [CERT] TLS connection came in with unrecognized plex.direct SNI name '82-68-133-62.9737fa3d40524eeca656ffb9e3594c1d.plex.direct'; using installed plex.direct cert
Oct 02, 2021 19:55:11.912 [0x7f6935e24700] Debug — CERT: incomplete TLS handshake: stream truncated
On Plex server startup
Oct 02, 2021 20:26:09.496 [0x7f8c35802700] Error — Error issuing curl_easy_perform(handle): 28
Oct 02, 2021 20:26:09.499 [0x7f8c36cdb700] Error — [CERT/OCSP] Error opening file '"/volume1/@apphome/PlexMediaServer/Plex Media Server/Cache/OCSP/main.der"' - No such file or directory (2)
Oct 02, 2021 20:26:09.646 [0x7f8c35af1700] Error — [CERT/OCSP] response error: unauthorized.
Oct 02, 2021 20:26:09.759 [0x7f8c369ec700] Warning — MyPlex: attempted a reachability check but we're not yet mapped.
Oct 02, 2021 20:26:10.499 [0x7f8c36cdb700] Warning — MyPlex: attempted a reachability check but we're not yet mapped.
Oct 02, 2021 20:26:10.573 [0x7f8c04e20700] Error — Error issuing curl_easy_perform(handle): 60
Oct 02, 2021 20:26:10.573 [0x7f8c04e20700] Warning — HTTP error requesting GET https://**-68-133-**.c5a860d7ca2c4356b7*8c357e519d***.plex.direct:32400/identity (60, SSL peer certificate or SSH remote key was not OK) (SSL certificate problem: unable to get local issuer certificate)
Oct 02, 2021 20:26:13.295 [0x7f8c34668700] Error — SSDP: Error parsing device schema for http://192.168.1.3:8080/upnp
Oct 02, 2021 20:26:13.552 [0x7f8c34668700] Error — SSDP: Error parsing device schema for http://192.168.1.82:49153/description9.xml
Oct 02, 2021 20:26:15.462 [0x7f8c34668700] Error — SSDP: Error parsing device schema for http://192.168.1.87:49153/description2.xml
Oct 02, 2021 20:26:43.291 [0x7f8c34668700] Error — SSDP: Error parsing device schema for http://192.168.1.3:8080/upnp
Oct 02, 2021 20:26:43.992 [0x7f8c34668700] Error — SSDP: Error parsing device schema for http://192.168.1.82:49153/description9.xml
Oct 02, 2021 20:26:53.329 [0x7f8c34668700] Error — SSDP: Error parsing device schema for http://192.168.1.87:49153/description3.xml
Oct 02, 2021 20:27:13.291 [0x7f8c34668700] Error — SSDP: Error parsing device schema for http://192.168.1.3:8080/upnp
Oct 02, 2021 20:27:13.359 [0x7f8c34668700] Error — SSDP: Error parsing device schema for http://192.168.1.82:49153/description9.xml
Oct 02, 2021 20:27:24.205 [0x7f8c34668700] Error — SSDP: Error parsing device schema for http://192.168.1.87:49153/description3.xml
Oct 02, 2021 20:27:43.291 [0x7f8c34668700] Error — SSDP: Error parsing device schema for http://192.168.1.3:8080/upnp
Oct 02, 2021 20:27:43.382 [0x7f8c34668700] Error — SSDP: Error parsing device schema for http://192.168.1.82:49153/description7.xml
Oct 02, 2021 20:27:54.129 [0x7f8c34668700] Error — SSDP: Error parsing device schema for http://192.168.1.87:49153/description3.xml
Whats the idea @ChuckPa to have the options not to use secure connections on Lan even though network is set to Required and its not working ?
If my server is set to Required and my tv is set not to use Secure connection while if im on the same Lan as the server …why shouldnt it be able to connect then ?
The options on the client clearly states what it means , but that part isnt working . Or am I missing something here ? 
It could be that I would like the external access to have Required but when im home and im on my LAN , the server should accept the clients if they chosed that option??
Please create a new thread. This is becoming a discussion and not appropriate for a SSL certificate action thread
Thank you!
ALL:
Please review this announcement which was sent out by Plex to warn of the Sept 30 deadline.
It includes the known list of impacted televisions.
Thanks man! Not installed Plex on a Synology before, and had activated the see beta versions in the Syno Package Center.
So then installed the version of Plex that was available through that.
Did not even know NAS versions were available on the Plex Downloads Page 
Now that I’ve got the latest version secure connections appear to be working again!!
Oct 02, 2021 13:42:27.636 [0x7f5ae5446b38] DEBUG - [Notify] Now watching "/mnt/media/media/Movies/The Little Stranger (2018)"
Oct 02, 2021 13:42:27.649 [0x7f5ae4a71b38] DEBUG - HTTP/1.1 (0.3s) 422 response from POST https://plex.tv/servers.xml?auth_token=xxxxxxxxxxxxxxxxxxxx (reused)
Oct 02, 2021 13:42:27.650 [0x7f5ae4a71b38] DEBUG - MyPlex: Published Mapping State response was 422
Oct 02, 2021 13:42:27.650 [0x7f5ae4a71b38] DEBUG - MyPlex: Got response for cc4b461c964f6c3070d25e06dd9cbe4c3a78824c ~ registered :0
Oct 02, 2021 13:42:27.650 [0x7f5ae4a71b38] DEBUG - MyPlex: updating mapped state - current state: 'Not Mapped'
Oct 02, 2021 13:42:27.650 [0x7f5ae4a71b38] DEBUG - MyPlex: mapping state set to 'Not Mapped'.
Oct 02, 2021 13:42:27.665 [0x7f5ae5446b38] DEBUG - [Notify] Now watching "/mnt/media/media/Movies/The Happytime Murders (2018)"
Oct 02, 2021 13:42:27.695 [0x7f5ae5446b38] DEBUG - [Notify] Now watching "/mnt/media/media/Movies/Peppermint (2018)
If not remedied, please create a new thread and ping me to it.
