SSL Certificate Errors

Hi @ChuckPa - Thanks for that. Plex did download a new cert at restart but this one comes up as invalid as well.

What am I missing?

@DoemerOne

Everything except remote Android? That doesn’t sound like a PMS cert problem.

If it’s a remote Android TV – scroll back and check please.

I will check your certificate

I think we are just trying to understand what is going on, that is all. Plex has stated certain devices will no longer work after 9/30, and certain devices will work. When client devices are on the compatibility list in relation to SECURE connections, I guess we assume they have been tested, and work. Configuring these compatible devices to remotely connect INSECURELY is not an option for me. I suppose I will just tell everyone connecting remotely to buy 4k Firesticks, assuming those work?

Sorry if I have upset you, and appreciate your reply and assistance.

@tmhoule

Check the system date/time ? The cert is valid.

Something is skewed.

@JSBear

For as much as we’d like, we can’t test every device available for purchase.
Our HW lab has a TON of stuff in it. (you’d think we’re wasteful in many ways but that’s what’s needed to do the job).

We admit our list is not conclusive / complete in ANY way.

This whole certificate thing is really unfortunate.

We all know the root cause is the expired Let’s Encrypt certificate.

We also all know that when the devices can update their internal certificates then everything again works as before.

The choices are really limited:

  1. Update the client (TV, appletv, android device – possibly as far as factory reset & reload)

  2. Take care of Plex’s certificates (which we’ve been doing en masse on plex.tv and myself here with you all).

  3. Get a new device

  4. Reconfigure Plex, by standing on our right toe in a lightning storm, to get it to work in a non-standard configuration – knowing the security trade-offs

System date/time is valid; cert reports invalid on my local computer as well. I just added the R3 root cert to my computer and now it reports as valid. I can easily add that to my local computer, but what about my elderly aunt that uses my plex? She can’t do that. Or my dumb-Apple-TV that won’t let me add a root cert…

@tmhoule

I’ve seen some AppleTV users report success by performing a factory reset and reinstalling tvOS (forces all new certificates to download)

Thank you for sharing, I think this provides some context in relation to what you’re dealing with.

I think now is a good time to say how great Plex is, long time user, and it has been mostly trouble free. We often only complain when things aren’t working, but rarely acknowledge them when they are working :slight_smile:

From your last response, it appears it is going to take some time to get this completely sorted out with third party devices.

Again, thanks for your help, and detailed response.

If my devices were impacted, (speaking as a user now)

I would get hold of Samsung – or hit their forums since there MUST be info posted by now.

I would also have been on the phone with AppleCare and tell them that my app vendor has reset all their certificates but my Apple device has stuck old certificates and ask for instructions.

Thanks @ChuckPa - that makes sense. So newer OS/tools have LetsEncryptR3 Root cert installed and older OS/computers do not and will still see this as invalid. My roku also shows this as invalid, but it’s only a year old; at least I can “Allow untrusted” there. My macOS Catalina (a little old) does not have R3 by default.

@JSBear @ChuckPa

I think now is a good time to say how great Plex is, long time user, and it has been mostly trouble free.

I’ve been a plex user for only one year and got my pass a couple months ago. Agreed now is a good time to say thank you instead of complaining!

Can you try the reset for me too? I think it’s the same issue others are having.

@torncylinder

There have been multiple issues discussed here.

Which issue please ?

Oh apologies, brain is fried right now.

CERT: incomplete TLS handshake from IPADDRESS: sslv3 alert certificate expired

Is that in the player or server ?

If player; which player ?

If server; which server version? … and which of your listed servers ?

That’s from the log in the server ( Version 1.24.3.5033) when a Tizen TV Plex app (5.25.2 Platform version 4 they said?)

Should be called The Black Pig v4.

Tizen version ? 2.4 ?

I have reset B.P.v4.
You may restart it.

Please advise results after restart & retest

Relaying what I got.

Plex 5.25.2
Platform Version 4 (no idea but it’s apparently a thing)
“TV software version is 1320.4 running Tizen 4.”

I’m not working locally with it, it’s a friend that uses my server.
(I mean, I have the server side, they have the client)

Anyway, I see it installs a certificate in the logs, I assume it means it picked up the new one.

Same issue though, along with a new one

[CERT] TLS connection from IP:PORT came in with unrecognized plex.direct SNI name ‘IPADDRESSblahblah.plex.direct’; using installed plex.direct cert

Users still say it’s not working still.
They say there’s no updates available either, the TV is a 2018 and seems to be recent enough to not be the EOL issue.

Hopefully this is making sense.

@torncylinder

I need your DEBUG logs ZIP file which captures both startup and this happening (if you can achieve that).

Something isn’t right because I’ve reset your certificate and it’s valid.

I suspect a conflict on your local system

I’ll grab that when I can.
Until that I will give additional info.

I’ve tried reinstalling Plex, downgrading (and updating again once it didn’t work) following guides from here which have solved smaller separate issues before.

It’s running on a computer that only has Plex. It worked perfectly fine for months until this Samsung TV user had this issue. I had thought it was the EOL but it doesn’t appear to be connected.

I also had a “failed to remove, access denied” on some local appdata transcode file but it seems to self resolve.

It also appears they can stream some items and not others too. Something they only just let me know and I hadn’t realized. I can’t find rhyme or reason to what works and what doesn’t.

I really appreciate the amazingly quick responses. It’s very surprising.

edit: the CERT TLS error is actually from other devices now too.

With SNI name ‘IPADDRESS.XXXXX.plex.direct’ - What is the XXX part? Some identifier I assume?
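
For anyone triaging the same two server-log messages quoted in this thread, here is an added example (not from any poster or from Plex) that groups them by client address. "sslv3 alert certificate expired" is OpenSSL's wording for an alert received from the peer, so a client that appears under `expired_alerts` is one whose own trust store rejected the chain. The sample lines, IPv4-only matching and the hostname label are constructed assumptions.

```python
import re
from collections import defaultdict

# Assumption: clients are logged as IPv4, optionally followed by :port.
IPV4 = r"(?P<ip>\d{1,3}(?:\.\d{1,3}){3})(?::\d+)?"

# Message shapes copied from the two server-log excerpts quoted in the thread.
EXPIRED = re.compile(
    r"incomplete TLS handshake from " + IPV4 + r": sslv3 alert certificate expired")
UNKNOWN_SNI = re.compile(
    r"TLS connection from " + IPV4 +
    r" came in with unrecognized plex\.direct SNI name ['‘](?P<sni>[^'’]+)['’]")


def triage(lines):
    """Return {client_ip: {"expired_alerts": int, "unknown_sni": set}}."""
    report = defaultdict(lambda: {"expired_alerts": 0, "unknown_sni": set()})
    for line in lines:
        m = EXPIRED.search(line)
        if m:
            # The client sent the alert: it considers the chain expired.
            report[m["ip"]]["expired_alerts"] += 1
            continue
        m = UNKNOWN_SNI.search(line)
        if m:
            # The client asked for a hostname the installed cert does not cover.
            report[m["ip"]]["unknown_sni"].add(m["sni"])
    return dict(report)


def clients_rejecting_cert(report):
    """Clients to check for a stale root store or wrong clock."""
    return sorted(ip for ip, r in report.items() if r["expired_alerts"])


# Constructed sample lines (documentation IP ranges, made-up hostname label).
SAMPLE = [
    "CERT: incomplete TLS handshake from 192.0.2.10: sslv3 alert certificate expired",
    "CERT: incomplete TLS handshake from 192.0.2.10: sslv3 alert certificate expired",
    "[CERT] TLS connection from 198.51.100.7:41822 came in with unrecognized "
    "plex.direct SNI name '198-51-100-7.xxxxx.plex.direct'; using installed plex.direct cert",
    "unrelated line",
]

if __name__ == "__main__":
    rep = triage(SAMPLE)
    print(clients_rejecting_cert(rep), rep)
```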