Could I request a certificate reset as well? Im getting SSL errors when trying to connect to an internally hosted plex instance with Sonarr & Lidarr.
Here is the error I am receiving:
CERT: incomplete TLS handshake from [::ffff:192.168.146.210]:45180: Connection reset by peer
Turn off IPv6 in Plex first (Settings - Server - Network - Show Advanced – at the top)
It’s not an error , it’s noise.
‘Connection reset by peer’ is Sonarr/Lidarr breaking the connection abruptly.
Both listed servers have current and valid certificates. Does Sonarr/Lidarr need restart ?
4 posts were split to a new topic: Plexamp not using current plex.direct certificate
Hello I am getting a SSL certificate error from my logs. After exactly one minute on remote access the stream is terminated. Here is the log:
[CERT] TLS connection from [2601:246:cc00:9:dd0c:1975:718b:9f6]:50337 came in with unrecognized plex.direct SNI name ‘2601-0246-cc00-0009-dd0c-1975-718b-09f6.b480a91be8694837b0995c075455abaf.plex.direct’; using installed plex.direct cert
Could I please get a reset? Any help is much appreciated thank you.
You got two certs back to back.
I reset it to clear it all out.
Restart server and all players after the server restart
Turn off IPV6 (settings - server - network. You have an IPv4 LAN.
Retest.
Provide DEBUG logs ZIP please after making the change if not resolved.
Thank you for your rapid response. I have the same symptom, but another error message. Please see attached log files
Plex Media Server Logs_2023-05-19_18-32-28.zip (1.2 MB)
I can easily replicate the problem and can provide more logs if needed.
After some additional troubleshooting…I can stream fine from an outside windows computer it appears. I was having trouble on my android device (cell phone). So perhaps it is my phone to blame? In any event I hope the info is useful.
I think I may be experiencing a related issue.
I can only access Plex through 127.0.0.1 on the hosting machine.
app.plex.tv does not work even on the hosting machine, and http(s)://serverip:32400/web does not work either (from any local device). HTTP://(server ip):32400/web only works when enabling insecure connections but app.plex.tv would still not work on any device because I think it redirects to HTTPS.
Attached is an image of a cert renewal error I’m getting in my logs.
Your certificate got stuck. I cleared it and generated a new one,
Please restart PMS and client apps.
If still not resolved, remove /var/lib/plexmediaserver/Library/Application Support/Plex Media Server/Cache/cert-v2.p12 then restart again
Thanks Chuck! The behavior has stopped.
my cert also seems to have expired
[CERT] TLS connection from 192.168.1.157:54192 came in with unrecognized plex.direct SNI name ‘192-168-1-157.0c1269116f50413487b2e60451b7c320.plex.direct’; using installed plex.direct cert
Your server certificate was ok. It had reset this morning. I reset it anyway.
Restart the server and all apps.
Hi, I’m having a very similar issue where I cannot claim my server. The server had worked as expected until a few days ago, where my plex App could no longer see my servers. I tried to declaim / reclaim the server, but now I cannot reclaim.
The server logs show this error repeatedly:
(60, SSL peer certificate or SSH remote key was not OK) (SSL: no alternative certificate subject name matches target host name 'plex.tv')
Can someone reset my certificate or advise otherwise? Thank you!
Hey,
I just looked at your account.
I see you had a Ubuntu PMS server which you deleted ?
I don’t see anything after that.
Did you accidentally delete the server from Settings - Authorized Devices - Server ?
Thank you for your quick response ChuckPa.
I did delete the server from my Authorized Devices as part of my troubleshooting, thinking I could re-authorize it.
I’m willing to add it again as a “new” server if that’s what’s needed, but at the moment I receive that SSL error when clicking “Claim Server”.
To reclaim a server, AND having the tokens already in your browser (this is the sticking point).
Let me know if you have any issues.
Thanks for the steps, but it doesn’t appear that I have that “cert-v2.p12” file in “Plex Media Server/Cache”. Contents of that folder below.
If I try the rest of the steps, I see the same error (Second block below)
>> /var/lib/plexmediaserver/Library/Application Support/Plex Media Server$ sudo ls -la Cache/
total 92
drwxr-xr-x 8 plex plex 4096 Jun 20 17:41 .
drwxr-xr-x 14 plex plex 4096 Jun 20 17:47 ..
drwxr-xr-x 2 plex plex 4096 Jun 19 17:44 cl-icds-linux-x86_64
-rw-r--r-- 1 root root 6656 Jun 19 21:48 CloudAccessV2.dat
-rw-r--r-- 1 root root 12656 Jun 19 21:48 CloudAccountV2.dat
-rw-r--r-- 1 root root 5632 Jun 19 21:48 CloudUsersServices.dat
-rw-r--r-- 1 root root 576 Jun 19 21:48 CloudUsersSubscriptionsV2.dat
-rw-r--r-- 1 root root 560 Jun 19 21:48 CloudUsersV2.dat
drwxr-xr-x 2 root root 4096 Jun 19 21:48 fontconfig
drwxr-xr-x 2 root root 4096 Jun 19 21:48 OCSP
drwxr-xr-x 258 plex plex 4096 Jun 19 21:48 PhotoTranscoder
-rw-r--r-- 1 root root 7792 Jun 19 21:48 Privacy.dat
-rw-r--r-- 1 root root 4931 Jun 19 21:48 relayHostKey.txt
drwxr-xr-x 4 plex plex 4096 Jun 19 21:48 Transcode
-rw-r--r-- 1 root root 384 Jun 19 21:48 UpdateChannels.dat
drwxr-xr-x 2 plex plex 4096 Jun 19 17:44 va-dri-linux-x86_64
Error:
Jun 20, 2023 17:44:18.706 [140655539755832] WARN - [HttpClient/HCl#37] HTTP error requesting POST https://plex.tv/api/claim/exchange?token=xxxxxxxxxxxxxxxxxxxxBi8sPF (60, SSL peer certificate or SSH remote key was not OK) (SSL: no alternative certificate subject name matches target host name 'plex.tv')
Jun 20, 2023 17:44:18.706 [140655528921912] DEBUG - [Req#15d] MyPlex: Did token exchange for claim (returnCode: -60)
Jun 20, 2023 17:44:18.706 [140655528921912] DEBUG - [Req#15d] MyPlex: Got a token poked, let's act on it.
Jun 20, 2023 17:44:18.707 [140655528921912] DEBUG - [Req#15d/HCl#39] HTTP requesting GET https://plex.tv/api/v2/user/privacy?X-Plex-Token=
Jun 20, 2023 17:44:26.605 [140655539755832] WARN - [HttpClient/HCl#38] HTTP error requesting GET https://plex.tv/users/1e0d7617b2d1e23b/avatar?c=1687211799 (60, SSL peer certificate or SSH remote key was not OK) (SSL: no alternative certificate subject name matches target host name 'plex.tv')
Jun 20, 2023 17:44:26.743 [140655539755832] WARN - [HttpClient/HCl#39] HTTP error requesting GET https://plex.tv/api/v2/user/privacy?X-Plex-Token=xxxxxxxxxxxxxxxxxxxxficate or SSH remote key was not OK) (SSL: no alternative certificate subject name matches target host name 'plex.tv')
Are you using your own certificate, FQDN, or proxy?
Do you have IPv4 enabled?
I was using my own certificate, yes. But that setting has been cleared out after removing the Preferences.xml file. And for this troubleshooting I’ve been accessing Plex via my local network address.
IPv4 enabled? Within Plex I only have an option to enable IPv6, which is enabled. If you’re asking about within my network, yes IPv4 is enabled.
With your own certificate, did you update it per the SSL v3.0.0 specification changes?
Yes, I was asking about your LAN. The modem/router handles any IPv4-IPv6 translation/mapping.
