Please do a full restart.
Let’s see what’s coming back in the log files.
ran sudo service plexmediaserver restart, still getting
MessageCERT: incomplete TLS handshake: sslv3 alert bad certificate
Server cert reset.
Restart server
I think I’ve got the certificate issue as well 
trying on my PS5 , phone and Tablet to watch but also the same error:
CERT: incomplete TLS handshake: tlsv1 alert unknown ca
Thanks in advance if you can reset/refresh it.
Thank you for resetting my cert, but still no luck.
Jul 19, 2021 07:49:59.995 [0x7f49a59f9b38] DEBUG - Completed: [127.0.0.1:36484] 200 GET /web/static/b38a559594ac52d049ba.png (5 live) GZIP 0ms 54413 bytes
Jul 19, 2021 07:50:04.134 [0x7f49a59d6b38] DEBUG - CERT: incomplete TLS handshake: sslv3 alert bad certificate
Jul 19, 2021 07:50:10.532 [0x7f49a56e7b38] DEBUG - BPQ: [Starting] -> [Processing]
Jul 19, 2021 07:50:10.532 [0x7f49a56e7b38] DEBUG - BPQ: generating queue items from 0 generator(s)
Please include the full Logs directory ZIP/tar.gz file . Grab as a tar.gz if needed
Logs.tar.gz (27.6 KB)
Do you have your own certificate attached to the system or wrapping proxy which is unknown to Plex?
PMS has successfully loaded its own certificate.
Jul 19, 2021 08:08:55.608 [0x7fcc2b7dfc40] DEBUG - Running migrations. (EPG 0)
Jul 19, 2021 08:08:55.619 [0x7fcc2b7dfc40] DEBUG - [CERT] Subject name is /CN=*.188c0b26fe9e43cd8edba733036ceb47.plex.direct
Jul 19, 2021 08:08:55.619 [0x7fcc2b7dfc40] DEBUG - [CERT] Installed certificate with fingerprint 16:02:37:04:3a:c2:52:4f:c4:eb:1b:3f:24:f5:ee:fa:54:43:9f:1f.
Jul 19, 2021 08:08:55.619 [0x7fcc2b7dfc40] DEBUG - [CERT/OCSP] Stapling requests will be made to 'http://r3.o.lencr.org/'.
Jul 19, 2021 08:08:55.619 [0x7fcc2b7dfc40] INFO - [CERT/OCSP] Successfully retrieved response from cache.
Jul 19, 2021 08:08:55.619 [0x7fcc2b7dfc40] DEBUG - HttpServer: Listening on port 32400.
Jul 19, 2021 08:08:55.619 [0x7fcc2b7dfc40] DEBUG - HttpServer: Listening on port 32401.
Jul 19, 2021 08:08:55.624 [0x7fcc26ab4b38] DEBUG - Grabber: Cleaning up orphaned grabs.
Yes, looks like its still valid for another month
Please be certain.
You have a certificate attached to the system (host)/proxy which you’ve not informed PMS about?
If true, this is why you are getting the cert errors.
- Traffic is received by your cert (which is coming from Plex.tv with its cert).
- The traffic is forwarded with the host’s (your) certificate.
- PMS is expecting the Plex certificate and is saying “No” (man in the middle attack prevention).
If you do have your own certificate, add it to Plex.
In the P12 file, add
- Cert
- Key
- CA
Inform PMS of this in Settings- Server - Network - Show Advanced.
After creating a p12 and letting plex know about it, I’m still getting the same errors.
I can see in the log that the server has accepted my p12
also seeing this in the error logs
Jul 19, 2021 11:18:25.702 [0x7f4cc0836b38] ERROR - CERT: Error acquiring new certificate: Failed to retrieve cert from plex.tv: 502,
Jul 19, 2021 11:18:36.200 [0x7f4cc0d3ab38] WARN - NAT: PMP, got an error: Not Supported by gateway.
Jul 19, 2021 11:18:39.202 [0x7f4cc0d3ab38] ERROR - Error issuing curl_easy_perform(handle): 28
Please give the team some time to look at it.
Both attempts to recreate the your server have the certificate in ERROR state.
This should never happen.
I’d like them to see it rather then me erasing it all.
If they don’t resolve it soon, I will reset it for you.
Your certificate is reset. You may restart the server and should be OK.
trying on my PS5 , phone and Tablet to watch but also the same error:
CERT: incomplete TLS handshake: tlsv1 alert unknown ca
Confirmed that after restarting the process, I can access my plex server.
Thank you very much @ChuckPa for seeing this through
To all following here:
Let’s Encrypt is having a tough time today.
https://letsencrypt.status.io/pages/incident/55957a99e800baa4470002da/60f5b56d1c82f805369a7d98
Restart the server.
Your certificate got generated a few minutes ago.
(The Let’s Encrypt outage appears to be resolving)
[FFmpeg] [ERROR] [tls @ 0xb4000078c6371ae0] The certificate’s owner does not match hostname plex.MYDOMAIN.domain
Is this error in my android app logs related to this, and if so would you be so kind as to reset my cert as well or help me with resolving this? I’ve been dealing with this issue for several weeks now where I am unable to play anything from my server on the android plex app when not connected to my home network. I would be more than happy to also DM you my server and android logs to figure out what is going it.
Did you add MYDOMAIN.TLD to Plex in **Settings - Server - Network - Show Advanced ?
That single excerpt line is insufficient to diagnose
