Hi, I wonder if anyone can help me solve my problem.
I can connect to my plex media server using my Synology NAS IP, Example 192.168.1.109:32400, I can connect to my server using the webpage https://app.plex.tv/ but for some odd reason i cannot connect to my server using my custom domain name. Example - https://mycustomdomain.co.uk:32400/web.
Please see attached screenshot.
When clicking the link in the screenshot it opens in a web browser but says the web address and then says refused to connect.
I have a static IP in place and can connect to my Synology NAS using my own domain which includes other applications such as Synology drive.
For the benefit of this i have set up custom port within plex to be 32400 and port forwarded the relevant ports. 192.168.1.109 > Internal port: 32400 > External port: 32400
Has anyone got any thoughts on what could be causing this problem?
Thank you in advance for any help.
Synology NAS 920+
Server Version#:1.19.5.3112-b23ab3896
Player Version#:
Did you add your custom domain to PMS?
Plex uses HTTPS and its own certificate for that HTTPS. If it detects another unknown certificate trying to interject, it will refuse the HTTPS connection.
Settings - Server - Network - Show Advanced
will show you the fields to fill in for your domain.
A good place to place the certificate file, where it will do no harm, is at the top of the “Plex” share (/volume1/Plex) if you don’t know where it’s installed in DSM now.
The support documentation is here:
https://support.plex.tv/articles/206225077-how-to-use-secure-server-connections/
Scroll down to: What About Via IP or My Own Domain?
Hi Chuckpa,
Thank you so much for your help.
My Synology NAS uses Lets encrypt certificate is it this that i export and place in (/volume1/Plex)?
Forgive me for my lack of knowledge in both this areas, i am new to plex and Synology NAS.
Thank you again for any help in advance.
That’s pretty much correct except I would put your file above “Library”.
Everything in “Library” is for us to use
I am not happy with anything else in the Plex share but if you keep it at /volume1/Plex/your-certificate.pem, that would be ok and non-interfering.
Thank you for your help. I can confirm that i now access to my plex library via mydomain.co.uk:32400/web. The only problem is that it is still showing as not secure? Should it be?
& when i try to access my domain via https://mydomain.co.uk:32400/web it says connection was reset.
As you have advised, i have changed the location of the certificates.
Download and attach the logs ZIP please.
Let me see what PMS is doing with your new certificate.
It’s behaving as if the new domain is not being accepted.
Okay, thank you for taking the time to look. Please see attached logs. Plex Media Server Logs_2020-08-26_15-31-54.zip (1.5 MB)
Hopefully this means something to you.
There appears to be an error in the certificate.
Aug 26, 2020 15:28:04.164 [0x7f6a38c83740] DEBUG - CERT: OCSP requests for stapling will be made to 'http://ocspx.digicert.com/'.
Aug 26, 2020 15:28:04.177 [0x7f6a38c83740] INFO - OCSP: Successfully retrieved response from cache.
Aug 26, 2020 15:28:04.177 [0x7f6a38c83740] DEBUG - CERT: Installed intermediate certificate.
Aug 26, 2020 15:28:04.177 [0x7f6a38c83740] ERROR - CERT: d2i_PKCS12_fp failed: error:0D0680A8:asn1 encoding routines:asn1_check_tlen:wrong tag
Aug 26, 2020 15:28:04.177 [0x7f6a38c83740] ERROR - CERT: Found a user-provided certificate, but couldn't install it.
Aug 26, 2020 15:28:04.177 [0x7f6a38c83740] DEBUG - HttpServer: Listening on IPv6 as well as IPv4.
Aug 26, 2020 15:28:04.177 [0x7f6a38c83740] DEBUG - HttpServer: Listening on port 32400.
Aug 26, 2020 15:28:04.178 [0x7f6a38c83740] DEBUG - HttpServer: Listening on port 32401.
Im afraid it doesnt. I got the certificate from Lets encrypt via DSM settings, Security > certificate.
& then i exported the certificate to use with PMS?
The exported certificate gave me three files which are
Its these files ive used with plex media server? Should i be using this certificate or should i be getting one from somewhere else?
I’m afraid you’ll have to ask either Synology or via the LetsEncrypt forums for what to do next.
I have no experience with certificates
Okay, ill get in touch with synology and see what they say. Really appreciate your help though. Thank you.
I think you need to generate a pfx file from your certificates.
I have a custom domain set up on my syno.
Will see if I can dig up my code for generating the pfx file a bit later.
This is what I use to generate mine:
Login via ssh, then run this: (you will have to enter your admin password as it is running sudo
sudo openssl pkcs12 -export -out /volume1/Plex/plexnas.pfx \
-inkey /path/to/your/privkey.pem \
-in /path/to/your/cert.pem \
-certfile /path/to/your/chain.pem
you will need to change /path/to/your to where your exported certificates are
It will ask you for a password for the pfx, add one and this is what you will need to put in Plex.
so your settings in Plex would then look something like this:
(and no that’s not my real encryption key)
Thank you for getting in touch blim5001, really appreciate the help. I will try it now
my previous post updated.
Thank you, im gonna try it now.
I see from your screengrab, those exported certs are on your PC, You should put them onto your nas somewhere
Yeah, i currently have them in volume1/plex/. I have just tried the code and i get this error even though all three files are in the directory volume1/plex/
Am i putting the code in incorrectly?
Should i move the certificates to a different location and retry it?
I would create a new folder, eg
/volume1/tempcerts and put them in there.
(it might be due to permissions of the plex folder)
Then via ssh do:
cd /volume1/tempcerts
then ls -l and post the results here, so we can check the permissions.
Ive just created that new folder and ensured i had permissions. I retried the code and this is what i get now 
NOTE: ive just seen its LS -L not 1s -1
err, is that all letters, it looks like the number 1
These should be letters
ls -l
