SSL Certificate Errors

Hi ChuckPA,

I am also getting the CERT: incomplete TLS handshake from tlsv1 alert unknown ca issue. The contents of Plex are shown on the TV, but as soon as play has been selected it starts transcoding until it times out and crashes. The highly descriptive ‘An unknown error has occurred’ is displayed.
I can attach any log if you like, but I must say that I find this a bit of a security/privacy issue. I mean, everybody can download these logs and this thread is starting to be a spammer’s paradise! Harvesting these logs gives them a ton of mail and IP addresses…

Hello, I am asking this of anyone, but it seems that @chuckPA can resolve this kind of issue. Believe it or not, I have been working on this issue for more than a year now; I even bought a Plex Pass this morning in a desperate attempt to resolve it.

Summary of the problem :

  • when I connect to plex/tv/app or plex/tv/web, it does show a menu, but not the server
  • when I click on the server, it says server unavailable
  • when I use the Windows player app, it says that the server is unavailable
  • ** IMPORTANT ** when I use an IP instead, like http://aa.bb.cc.dd:11896/web/index.html#!/ IT WORKS, but telling me that the connection is unsafe
  • On the server side, I can see that remote access is good, and port forwarding has been configured
  • In the logs, I see an interesting error: CERT: incomplete TLS handshake from [::ffff:xx.yy.zz.xx]:57584: sslv3 alert certificate unknown
  • When updating the remote port, I get this issue: ERROR issuing curl_easy_perform(handle)
  • I attached the logs.

Is there something you can do to help me ?

Many Thanks !
plex_logs.zip (6.8 MB)

TO ALL :

This isn’t a Remote Access problems thread.
This thread is specifically for SSL & Certificate issues.

Please create a new thread for Remote Access problems.

@Patrick010

First thing to check regarding SSL and a TV / player -

  1. if the certificate-related errors only begin when the player is accessed
  2. If other players , including Plex/web are OK
  3. If Plex/web displays the green dot when accessing your server

This announcement is important to consider:

It is also known that certain players - Rasplex being one of them - also require updating

  1. Rasplex update “b” available at github which corrects the problem
  2. PHT - is no longer maintained by Plex nor is it maintained by any 3rd party
  3. For some of the players, there are ways to update the certificate — seek them out as we cannot provide “official instructions” on how to hack a player.

Hello @chuckPA, in my previous post, I included some elements of what I considered to be hints, but you may discard them, and only retain the part where it says:

CERT: incomplete TLS handshake from [::ffff:xx.yy.zz.xx]:57584: sslv3 alert certificate unknown
or
ERROR issuing curl_easy_perform(handle)

Could you check if you could reset my certificate ?

Thanks!

@ricke666

Your certificate is fine:

Valid	Mon, 29 Nov 2021 15:43:30 +0000	Mon, 29 Nov 2021 15:43:41 +0000

The remote player coming from 132.***.***.62 has the problem.

What is it ?

FYI: Your LAN is IPv4. You can turn off the IPV6 support in Settings - Server - Network.
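
Added example (not part of any post in this thread, and not Plex code): one way to do the log triage described in the reply above, grouping the `CERT: incomplete TLS handshake` lines by peer and alert. The sample lines, their timestamp prefix and the addresses are constructed; the two alert strings are the ones quoted in the thread.

```python
import ipaddress
import re
from collections import Counter

# Message format as quoted in the thread; anything before "CERT:" is ignored.
HANDSHAKE_RE = re.compile(
    r"CERT: incomplete TLS handshake from "
    r"\[(?P<addr>[^\]]+)\]:(?P<port>\d+): (?P<reason>.+)$"
)

# OpenSSL reason strings for alerts received from the peer -> (TLS alert number, meaning).
ALERTS = {
    "sslv3 alert certificate unknown": (46, "peer rejected the server certificate"),
    "tlsv1 alert unknown ca": (48, "peer does not trust the issuing CA"),
}

# Constructed sample lines (documentation addresses, made-up timestamp prefix).
SAMPLE_LOG = """\
Nov 29, 2021 10:02:11 ERROR - CERT: incomplete TLS handshake from [::ffff:203.0.113.62]:57584: sslv3 alert certificate unknown
Nov 29, 2021 10:02:14 ERROR - CERT: incomplete TLS handshake from [::ffff:203.0.113.62]:57590: sslv3 alert certificate unknown
Nov 29, 2021 10:05:40 ERROR - CERT: incomplete TLS handshake from [::ffff:198.51.100.7]:41022: tlsv1 alert unknown ca
Nov 29, 2021 10:06:02 DEBUG - Request: GET /identity
""".splitlines()

def normalize_peer(addr):
    """Collapse an IPv4-mapped IPv6 address (::ffff:a.b.c.d) to plain IPv4."""
    ip = ipaddress.ip_address(addr)
    if ip.version == 6 and ip.ipv4_mapped is not None:
        return str(ip.ipv4_mapped)
    return str(ip)

def triage(lines):
    """Count failed handshakes per (peer address, alert string)."""
    counts = Counter()
    for line in lines:
        m = HANDSHAKE_RE.search(line.strip())
        if m:
            counts[(normalize_peer(m["addr"]), m["reason"])] += 1
    return counts

def report(counts):
    """Rows of (peer, count, alert number, meaning), most frequent first."""
    rows = []
    for (peer, reason), n in counts.most_common():
        number, meaning = ALERTS.get(reason, (None, "not a known certificate alert"))
        rows.append((peer, n, number, meaning))
    return rows

if __name__ == "__main__":
    print(*report(triage(SAMPLE_LOG)), sep="\n")
```

Both alert strings are OpenSSL's names for alerts received from the remote end, so each counted line records a client refusing the server's certificate chain, which is why the reply looks at the player rather than the server certificate.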

Thank you for that, at least I progress a bit, I’ve confirmed that the issue is not from the certificate.

The 132.xx.62 is my computer at work, a Windows 10 station. Are there some logs I could extract from this computer to identify the issue ?

As for the IPv6, yes indeed it was deactivated, but I tried almost every setting change today in the hope of resolving that issue. I’ll switch it back off.

Thanks for your support, really appreciated !!

By the way, to eliminate a variable from the equation, I also tried to replace my home ISP DNS by 1.1.1.1, just in case. It did not help.

@ricke666

Windows 10 should be fine.

Now the next question – Are you using your own certificate somewhere or a proxy or tunnel ?

Apologies if this is the wrong thread.
I just wanted you to check whether there is a certificate problem in addition to the remote access one.

@Guzzie

If the server is operating normally for all local devices and, after reviewing the logs, there are no overt certificate errors in either server or player - then it’s a port forwarding problem.

It seems there is a trend right now.

ISPs seem to be updating their firmwares and configurations. Those updates are disrupting well-established configurations which folks like you have been using.

The solution is to tear down all the port forwarding and recreate it as fresh

The computer which has the server is a fresh Windows 11 install, without any modding, no VPN, so very “plain vanilla”. At work, the computer of course has an antivirus (McAfee) that I have no control over, and they have “something” in place for the networks. It is a big network, with 10,000+ devices across multiple sites. Would an ipconfig /all on this machine help the troubleshooting ?

how stable is windows 11 ?

From what I see here, It’s not stable

W11 works very well. I mention that since I have had this issue for a very long time, the issues were already there in W10. W11 manages the resources much better. The PC itself works much more smoothly in everything than in W10. I did not observe new Plex behaviors since W11.

Also, worth mentioning, from the server, http://127.0.0.1:32400/web/index.html#!/ indicates that the connection is not secured (no HTTPS). I know that you seem to be looking at the client, but I mention that the server does not look secured.

Got a message when clicking on the lock that says :

This server could not prove that it is 127.0.0.1. Its security certificate comes from * .2f24106xxxxxxxxxxxxxxxxxxxx9a.plex.direct.

There’s one thing which windows micro manages VERY well – and that’s policies.

As for your server – at home –

This error comes from the modem/router and its DNS resolver

DNS rebinding protection blocks overlaying “plex.direct”.
It can be resolved by allowing the singular exception.

Trying to run https on the loopback adapter ? Where do you see that ?

loopback is always http://127.0.0.1 because the traffic never leaves the box.

As for the port forwarding, I recreated it 1 hour ago. The server has a fixed LAN IP, Plex is configured to listen on a specific port that I chose, I created a PF rule in the router, TCP, internal to the server IP port 32400, external listening to the port I chose. I then tested with canyouseeme.org with the port and everything was fine.

With the new rule in place.

  1. Stop Remote Access
  2. Let it sit for 5 minutes
  3. Enable it - DO NOT TOGGLE MULTIPLE TIMES.
  4. It will turn green,
  5. It might turn back to red — Do not worry.
  6. Navigate away from the page while it finishes the test.

Hi,
Both web and app players (Android and iPhone) work without issues.
The TV app shows the server’s content, but as soon as play is clicked the buffering circle appears until the unknown error message is displayed.
The only error in the log is the CERT: incomplete TLS handshake from tlsv1 alert unknown ca.
Another thing worth mentioning is that it has been working for years, so it could be related to the Let’s Encrypt cert.
I have deleted the .p12 and cache and restarted Plex, but that didn’t solve anything.
What can I check to see if it’s LE related, or some other issue? Maybe you can refresh my cert?

@Patrick010

Which Television make, model and year of manufacture please ?

It’s NOT a SERVER certificate problem

	Valid	Fri, 26 Nov 2021 15:11:34 +0000	Fri, 26 Nov 2021 15:11:45 +0000

It VERY LIKELY is a player certificate problem which is why I need the information

@chuckPA okay, done it. Deactivated the remote access, waited 5 mins, reactivated it only once, then went to other pages during the test. Closed browser on the client computer, relaunched it but the issue remains. Same for the Windows player app.

Logs please ?