Two out of three servers can't be accessed securely

Server Version#: 1.20.1.3252 (Debian Linux) and 1.20.2.3370 (Mac)
Player Version#:

I have three servers running on my LAN, one on a Mac and two on Linux boxes (OMV on 4.19.118-2 and proli2 on 4.9.88-1)
They are all configured the same way:

• Enable IP6
• Secure preferred
• GDM enabled
• Relay enabled
  For remote access I am forwarding external ports 32401, 32402, 32403 to port 32400 on their respective local IPs.
  However when I connect to them, whether I do it locally by 192.168.1.x:32400/web or app.plex.tv, only one of the Linux boxes (proli2) connects securely. The other two (OMV and the Mac) require an insecure connection and do not respond to https.

$ curl https://127.0.0.1:32400 -v -k
* Rebuilt URL to: https://127.0.0.1:32400/
* Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to 127.0.0.1 (127.0.0.1) port 32400 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* Unknown SSL protocol error in connection to 127.0.0.1:32400
* Curl_http_done: called premature == 1
* stopped the pause stream!
* Closing connection 0
curl: (35) Unknown SSL protocol error in connection to 127.0.0.1:32400

From Plex Media Server.log on omv (192.168.1.121 – UUID and username removed for privacy):
Oct 01, 2020 09:37:32.914 [0x7f273356f700] DEBUG - PublicAddressManager: Obtaining public address and mapping port.
Oct 01, 2020 09:37:32.944 [0x7f26e6ffd700] DEBUG - HTTP 200 response from PUT https://plex.tv/devices/mydeviceid?Connection[][uri]=http://192.168.1.121:32400&httpsEnabled=0&httpsRequired=0&dnsRebindingProtection=0&X-Plex-Token=xxxxxxxxxxxxxxxxxxxx
Oct 01, 2020 09:37:32.945 [0x7f26e6ffd700] DEBUG - CERT: Certificate or intermediate did not exist, fetching a new one.
Oct 01, 2020 09:37:32.945 [0x7f26e6ffd700] DEBUG - HTTP requesting POST https://plex.tv/devices/mydeviceid/certificate?version=2&X-Plex-Token=xxxxxxxxxxxxxxxxxxxx
Oct 01, 2020 09:37:33.005 [0x7f26967fc700] DEBUG - HTTP 422 response from POST https://plex.tv/servers.xml?auth_token=xxxxxxxxxxxxxxxxxxxx
Oct 01, 2020 09:37:33.006 [0x7f26967fc700] DEBUG - MyPlex: Published Mapping State response was 422
Oct 01, 2020 09:37:33.006 [0x7f26967fc700] DEBUG - MyPlex: Got response for mydeviceid ~ registered :0
Oct 01, 2020 09:37:33.006 [0x7f26967fc700] DEBUG - MyPlex: updating mapped state - current state: ‘Not Mapped’
Oct 01, 2020 09:37:33.006 [0x7f26967fc700] DEBUG - MyPlex: mapping state set to ‘Not Mapped’.
Oct 01, 2020 09:37:33.006 [0x7f273356f700] DEBUG - MyPlex: async reachability check - current mapped state: ‘Not Mapped’.
Oct 01, 2020 09:37:33.006 [0x7f273356f700] WARN - MyPlex: attempted a reachability check but we’re not yet mapped.
Oct 01, 2020 09:37:33.006 [0x7f273356f700] DEBUG - EventSource: Successfully connected to 184.105.148.114.
Oct 01, 2020 09:37:33.009 [0x7f2733d70700] DEBUG - Auth: authenticated user 1 as myuserid

Also the Cache directory on proli2 (for which secure works) contains ca.crt and certificate.p12. omv’s Cache directory does not. I tried to copy those two files from proli2 and they were removed.

Any ideas why it stopped working and how I can fix it? OMV is my main server. This was working until yesterday I had the brilliant idea to change my password and request a disconnection of all connected devices. This made me have to reattach my servers, and that’s when it happened.

Eric,
You are one of the unfortunate ones whose certificate was caught by the outage the other day.

I just forwarded your information to Operations so they may clear the certificate and allow PMS to pull a fresh one when it restarts.

Wow! Amazing customer support. Thank you so much!

ChuckPa, I also have problems with secure connections after a password change, a user found a solution but I wanted to avoid reconfiguring everything, including the dvr.

Same, been unable to use Plex for the past 5 days. Really disappointing. I keep getting family on board with Plex and then something like this happens. I’d do the reconfigure but It looks like that loses my family members’ watch history. I’m hoping to not turn them away from Plex even more.

Any idea on the ETA? I tried restarting the server, logging it out and reclaiming it, and it still won’t support secure connections

ChuckPa, my secure connections are also no longer working, but works fine w/out secure. It’s a hassle asking people to reconfigure, so is there a way to check to see if my cert was also impacted?

@icypermission

Didn’t I just reset your certificates?

All working now, thanks!

ALL:

For “404” Certificate errors,

Please report in the thread below.

Please state which server(s) by name need to be reset with your post.

I got the same problem, my server cant connect, suddenøy just lost connection to plex

@ChuckPa - Still not working… I’ve restarted the server several times, logged it out and logged it back in… No luck

Eric,

There must be another issue in your case.

Pick a server which is still a problem and stop it.
Tell me which one you stopped.
Keep it off until I reply back

Hi Chuck, I’ve turned off OMV and will leave it off until I hear back from you.

Eric,

I need some info / decisions.

You have:
The user has 6 servers: proli2 OMV OMV MacPro EricsMBP OMV

Two of the 3 “OMV” named servers have not been seen in a over a year.

Disposition?

Yes sir, they’re old iterations from earlier hardware, they should be removed. Only the ones that were connected today should be kept, thanks!

@ericsan

I have removed the servers which have not connected today per your instructions.

I reset the certificate for the remaining “OMV” server.

You can now restart it.

@ChuckPa Woohoo! OMV is now working in secure mode, thanks so much! MacPro is still not able to connect securely though, but it’s not my main server so no rush. Thanks again!

@ericsan

I only reset the OMV.

I have now also reset the MacPro.

Please restart it

@ChuckPa It works! Everything is back to normal! Thank you so much, I can’t believe you’re fixing this in the middle of a week-end night. Thank you thank you thank you!