My certificate was created in May, so after the SSL changes. I just confirmed the version of OpenSSL used on my machine was 3.0.2.
Just to clarify, though, my current settings do not point to a custom certificate.
I just tried to claim it again and it claimed successfully. I don’t know what changed, I can confirm the request wasn’t succeeding as of 2 hours ago, but either way I’m happy it’s working now.
Thank you for your help!
Hi, short question: where is the right location on the PMS for a custom SSL cert? Couldn't find any documentation.
Thx
Settings - Server - Network - SHOW ADVANCED.
So it doesn't mind the location on the server itself, as long as the custom path is the right one?
The plex user (plex - or - whichever UID it runs as) needs to have READ permission to it. That’s all.
Remember:
Cert, Key, and CA in the P12 file
OpenSSL v3.0.0 and PMS.
For those using their own domains and certificates with PMS,
PMS 1.32.0.6865 and above updates OpenSSL from v1.1.1 to v3.0.0.
(changed the numbering scheme in the process)
The consequence of this is OpenSSL v3 removed several “less secure” encryption methods.
The impact on you: if you’re using an older distribution where OpenSSL v3 is not the default, you will need to pay special attention to how your certificates are generated, if not already doing so.
As example…
Hi,
I have created a new .p12 file with following lines:
openssl pkcs12 -export -out plex.p12 \
    -certpbe AES-256-CBC -keypbe AES-256-CBC -macalg SHA256 \
    -inkey private.key -in public.crt \
    -password pass:keines
For what do I need a certfile for the .p12? I got from the SSL cert provider only the public.crt and the private.key…
Also checked the permission for the files:
And the setup in the PMS GUI looks also good:
But I always get the same errors:
And the server is using the default cert. I have also rebooted the PMS server…
You forgot the CA portion of the cert.
openssl pkcs12 -export -out plex.p12 \
    -certpbe AES-256-CBC -keypbe AES-256-CBC -macalg SHA256 \
    -inkey private.key -in public.crt \
    -password pass:XXXXX
PMS requires the CA as well (so it can validate the cert you gave it)
You need to add the -in CAprovider.crt clause to the P12
ChuckPa:
-in CAprovider.crt
With CA portion of the cert you mean the root cert from Let's Encrypt for example?
If Let’s Encrypt provided your cert then Yes.
With the cert, you can also download the Let’s Encrypt CA.
This is what you add as the 2nd cert with your cert & key.
Example:
-out mytld.p12 -inkey mytld-production.key -in mytld-production.crt \
    -certfile Acme-LE.crt \
    -password pass:password
Now I have used the Let's Encrypt root cert, but still no success…
openssl pkcs12 -export -out plex.p12 \
    -certpbe AES-256-CBC -keypbe AES-256-CBC -macalg SHA256 \
    -inkey private.key -in public.crt \
    -certfile isrgrootx1.pem \
    -password pass:password
Permissions should be fine:
But still errors in the log:
Also rebooted the PMS…
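The requirements stated in this thread (cert, key and CA in the P12, AES-256-CBC and SHA256 so OpenSSL v3 can read it, file readable by the PMS user) can be checked before pointing PMS at the file. The script below is an added example, not part of any post and not Plex's own code; the function names, the demo password and the throwaway demo CA are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread: function names and demo values are assumptions.

# build_p12 OUT KEY CERT CA PASSWORD -> P12 holding key, leaf cert and CA cert.
build_p12() {
    openssl pkcs12 -export -out "$1" \
        -certpbe AES-256-CBC -keypbe AES-256-CBC -macalg SHA256 \
        -inkey "$2" -in "$3" -certfile "$4" -password "pass:$5"
}

# check_p12 FILE PASSWORD -> prints each problem found; returns 0 only if none.
check_p12() {
    p12=$1; pw=$2; bad=0
    [ -r "$p12" ] || { echo "not readable by user $(id -un)"; return 1; }
    info=$(openssl pkcs12 -in "$p12" -info -noout -passin "pass:$pw" 2>&1) ||
        { echo "cannot open: wrong password or unsupported encryption"; return 1; }
    # Every encrypted bag must use AES-256-CBC, and the MAC must be SHA-256.
    if printf '%s\n' "$info" | grep -E 'Encrypted data|Shrouded Keybag' |
        grep -qv 'AES-256-CBC'
    then echo "bag not encrypted with AES-256-CBC"; bad=1; fi
    if ! printf '%s\n' "$info" | grep -qi 'MAC: *sha256'
    then echo "MAC is not SHA256"; bad=1; fi
    certs=$(openssl pkcs12 -in "$p12" -nokeys -passin "pass:$pw" 2>/dev/null |
        grep -c 'BEGIN CERTIFICATE' || true)
    [ "$certs" -ge 2 ] || { echo "CA missing: found $certs certificate(s)"; bad=1; }
    openssl pkcs12 -in "$p12" -nocerts -nodes -passin "pass:$pw" 2>/dev/null |
        grep -q 'PRIVATE KEY' || { echo "private key missing"; bad=1; }
    return "$bad"
}

# make_demo_pki DIR -> constructed throwaway CA and leaf so the example runs offline.
make_demo_pki() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Constructed Demo CA" \
        -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null &&
    openssl req -newkey rsa:2048 -nodes -subj "/CN=pms.example.test" \
        -keyout "$1/private.key" -out "$1/leaf.csr" 2>/dev/null &&
    openssl x509 -req -in "$1/leaf.csr" -CA "$1/ca.crt" -CAkey "$1/ca.key" \
        -CAcreateserial -days 1 -out "$1/public.crt" 2>/dev/null
}

# Run with --demo to build and check a bundle from the constructed demo material.
if [ "${1:-}" = "--demo" ]; then
    d=$(mktemp -d) && make_demo_pki "$d" &&
        build_p12 "$d/plex.p12" "$d/private.key" "$d/public.crt" "$d/ca.crt" demo-pass &&
        check_p12 "$d/plex.p12" demo-pass && echo "plex.p12 OK"
    rm -rf "$d"
fi
```

The readability test applies to whoever runs the script, so run `check_p12` as the account PMS runs under.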
DWH30
June 30, 2023, 9:40pm
1429
Hi there, is there any chance you could reset my certificate?
ChuckPa
June 30, 2023, 11:51pm
1430
@DWH30
I have reset your certificate.
There is a problem somewhere - Your server has requested a new certificate every day for the past 15 days.
I suspect a hardware problem -or- ???
Don’t forget to restart the server and all the players.
DWH30
July 1, 2023, 1:11pm
1431
Thank you! I'm using the Shield for everything Plex-related. I also use a VPN but I switch it off before I use Plex. Could that be the culprit?
klok
July 2, 2023, 5:41pm
1432
@ChuckPa, could you please reset my certificate? It has exceeded the API limit, as I deleted my entire Cache folder several times while debugging a GPU transcoding issue (I now realize removing the entire folder was a mistake).
klok
July 2, 2023, 6:28pm
1434
Perfect (other than the slapping), thanks!
Hi, is there any chance you could reset my certificate?
See if that will help…
@TomArne
Can you show me logs please or provide more info?
Your certificates are both OK.
I updated the docker a few hours ago. Could not connect to the server at all after that.
Used this one… binhex/arch-plex:1.32.4.7195-1-01
Now it seems the server is working, but the files are missing.
Have been running the server(s) for years. But when this happens, I’m lost.