SSL Certificate Errors

@sdacompany

I apologize. I had replied here. I must have messed that up somehow.

The remote player at:

Apr 15, 2022 08:42:00.449 [9044] DEBUG - CERT: incomplete TLS handshake from [::ffff:137.220.69.88]:7661: tlsv1 alert unknown ca

is presenting an unknown certificate CA. This is usually from a self-signed certificate. Does this make sense to you?

That’s it, it does not make sense. My friend is using a 2015 LG TV. How can a smart TV have a self-signed certificate?

@sdacompany

Agreed… Self-signed certs in a TV are hard to do but there are those who’ve asserted it can be done.

Given it’s a 2015 LG, I do expect the cert is “well expired” since they stopped supporting that model

Sounds like “Add a set top box” time

I’m having similar errors, which appear to be certificate related.

I actually migrated my plex server from one Synology NAS to another, and I’ve had the exact same error saying that app.plex.tv is unable to connect to my server securely. It appears as if the certificate is attached to my old server. How can I get a new certificate generated?

Thanks for the assistance.

@elasticmaster

I just looked at your account.

There is no certificate for your server.

Plex.tv will generate a certificate when the server knows it needs one.

I would like you to:

  1. Stop Plex
  2. Open FileStation
  3. Navigate PlexMediaServer/AppData/Plex Media Server/Cache
  4. Delete cert-v2.p12
  5. Restart Plex

If this does not allow the certificate to download, we will find out what is wrong with file permissions in the PlexMediaServer shared folder and/or connectivity which is blocking it.

Thanks for the response. Unfortunately, that didn’t work.

The new server created by the move has no library, so maybe that’s why it has no certificate associated? It is trying to pull all library content from the original server name, which is physically on the new drive, but I’m not sure the plex web app can find it there. I can see it in other apps, but not in any browser.

Is there a way to create a log that might help?

OH SNAP. It must have worked. All of a sudden after a few minutes I can see everything! Thanks for the help!

Yes, it did.

I see a currently active certificate assigned to the server.

Enjoy.

Hi @ChuckPa, can you please help me with my certificate?
Currently getting this error from console:

CERT: Error acquiring new certificate: Failed to upload CSR: 429, <?xml version="1.0" encoding="UTF-8"?> <errors> <error code="1003" message="API rate limit exceeded" status="429"/> </errors>

and

CERT: Error acquiring new certificate: Failed to retrieve cert from plex.tv: 429,

Thank you for your help

@ig0ramad0

You need to figure out what’s happening (likely damaged permissions in the Plex Media Server directory)

You’ve consumed 15 certificates in 21 days. Typical is 1 certificate per 90 days.

I have reset the certificate.

Restart the server.

Issue resolved, cache folder had damaged permissions, probably wasn’t able to save certificate correctly.
Thank you for your assistance 🙂

Hmmm, I seem to have started getting this error too.
Suddenly I’m unable to reach my PMS in any other way than directly on my home network.

Can’t really say I’m an expert in this, but I see these lines in the log:

May 16, 2022 19:58:04.760 [0x7fc9e9fafb38] Debug — CERT: incomplete TLS handshake from x.x.x.x:1098: sslv3 alert bad certificate
May 16, 2022 19:58:04.765 [0x7fc9e9fafb38] Debug — CERT: incomplete TLS handshake from x.x.x.x:1099: sslv3 alert certificate expired
May 16, 2022 19:58:04.769 [0x7fc9e9fd2b38] Debug — CERT: incomplete TLS handshake from x.x.x.x:1100: sslv3 alert certificate expired

@forschi

You too had used 30 certificates in 30 days. I do not see “429” (throttled) errors.
What you show there looks like a device with an expired main cert.

As for the server itself – Please check/fix the permissions on the “Cache” directory and other files there.

Restart the server after you’ve made the corrections. I reset the certificate for you.
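The `CERT: incomplete TLS handshake` lines quoted in this thread can be tallied per client and per alert to see which device the failures come from and which alert is involved. The script below is an added example, not part of the thread or of Plex's own tooling; the log lines are constructed in the two layouts quoted above, and the function names are hypothetical.

```python
import ipaddress
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample lines in the two layouts quoted in the thread; addresses are
# documentation ranges and \u2014 is the dash used by the second layout.
SAMPLE_LOG = """\
Apr 15, 2022 08:42:00.449 [9044] DEBUG - CERT: incomplete TLS handshake from [::ffff:192.0.2.10]:7661: tlsv1 alert unknown ca
Apr 15, 2022 08:42:01.000 [9044] DEBUG - Request: GET /identity
May 16, 2022 19:58:04.760 [0x7fc9e9fafb38] Debug \u2014 CERT: incomplete TLS handshake from 198.51.100.7:1098: sslv3 alert bad certificate
May 16, 2022 19:58:04.765 [0x7fc9e9fafb38] Debug \u2014 CERT: incomplete TLS handshake from 198.51.100.7:1099: sslv3 alert certificate expired
May 16, 2022 19:58:04.769 [0x7fc9e9fd2b38] Debug \u2014 CERT: incomplete TLS handshake from 198.51.100.7:1100: sslv3 alert certificate expired
"""

# TLS alert description codes (RFC 5246, section 7.2) for the alerts seen above.
ALERT_CODES = {"bad certificate": 42, "certificate expired": 45, "unknown ca": 48}

LINE_RE = re.compile(
    r"^(?P<ts>\w{3} \d{1,2}, \d{4} \d{2}:\d{2}:\d{2}\.\d{3}) .*?"
    r"CERT: incomplete TLS handshake from (?P<peer>\S+):(?P<port>\d+): "
    r"(?P<proto>\S+) alert (?P<alert>.+?)\s*$"
)

def normalise_peer(raw):
    """Strip IPv6 brackets and unwrap IPv4-mapped addresses; keep redacted text as-is."""
    host = raw.strip("[]")
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return host  # e.g. "x.x.x.x" redacted by the poster
    return str(getattr(ip, "ipv4_mapped", None) or ip)

def summarise(log_text):
    """Return {peer: {alert: {count, code, first, last}}} for CERT handshake failures."""
    out = defaultdict(dict)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a CERT handshake-failure line
        ts = datetime.strptime(m["ts"], "%b %d, %Y %H:%M:%S.%f")
        alert = m["alert"].lower()
        entry = out[normalise_peer(m["peer"])].setdefault(
            alert, {"count": 0, "code": ALERT_CODES.get(alert), "first": ts, "last": ts})
        entry["count"] += 1
        entry["first"], entry["last"] = min(entry["first"], ts), max(entry["last"], ts)
    return dict(out)

for peer, alerts in summarise(SAMPLE_LOG).items():
    print(peer, {a: (i["code"], i["count"]) for a, i in alerts.items()})
```

A peer that shows only `certificate expired` or `unknown ca` alerts while other clients connect normally points at that one device rather than at the server's own certificate.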

I went to the Cache directory and deleted cert-v2.p12 as mentioned above here.
After a restart it was working again.
Thanks if that was your doing 🙂

As for the permissions it seems to be owned by “998:plex”
My PMS is running on a Proxmox in an Ubuntu LXC.
I was struggling to get the users mapped properly, so that could be a problem.
However, it has been working perfectly for months.

Hello @ChuckPa!

I had to do a couple different iterations of installing Plex through Portainer. Everything is working now, but my certificate is likely tied to one of the previous installations. I have deleted cert-v2.p12 and restarted Docker, but I am still getting the “Certificate name does not match input.” error.

Will resetting the certificate on your side fix it, or do I need to delete some other files?

Josh,

The cert was created fresh today (Wed, 25 May 2022 20:00:50 +0000)
and then marked active (Wed, 25 May 2022 21:02:07 +0000)

What are you doing with a certificate which is calling out a name not matching?

What can you show me?

Originally, I found this thread because when I went to my internal Plex server (http://[server]:32400/web/), my Movie and TV folders had a little (!) next to them telling me that the certificate name does not match input.

That problem is now resolved (thank you if you did something!), so let me ask you a related question.

Should that certificate allow ssl access on my internal Plex server (https://[server]:32400/web/)? Because I do see that same “Certificate name does not match input” error again when I try to connect with https.

By not telling me what [server] is, I can’t answer the question 🙂

How do you specify that?

  • A LAN-only hostname?
  • A Hostname.LAN domain?
  • A full FQDN?

The only time it’s going to complain is when there’s a certificate (for a domain) involved and the domain name (which is encoded in the certificate) doesn’t match.

Are you using your own domain name with Plex (which is common), or is it attached to the host?

Did you add your domain certificate to PMS (Settings - Server - Network)?

Most times, we open http://server-address:32400/web.

Plex/web itself, because it has Plex’s certificate embedded, connects back to the server using https. The certificates match and we get the green dot to show the connection is secure.

Lol. Fair enough and I think you’ve answered my question.

I am using my own FQDN and I have certificates from my registrar.

I reach my NAS internally at https://nas.mywebsite.com, and I have installed my certificates on my NAS. I installed those same certificates on my portainer (https://nas.mywebsite.com:9000) and that’s secure.

I have not added any certificates to Plex itself, but I think you are telling me that I can if I wanted to. Am I getting that right?

That’s correct.

If you add your certificate to Plex, it will know to ‘switch’ from your certificate (on the inbound) to its certificate for all Plex-Plex communication.

It’s important (required) that your certificate also include the CA (Certificate Authority) info in the P12.

PMS requires this to guarantee the identity being claimed is real (prevents self-signed certificates from falsely claiming/spoofing an identity).