Letsencrypt and plex media server

Submitted by cliff on Thu, 15/03/2018 - 11:44

Plex uses it's own certificates pointing to <uuid>.plex.direct for it's internal indirect modus. As I use plex mainly using chrome it would be nice for it to have a valid certificate. This is based on plex on ubuntu 17.10. I got inspired by the following gisthub post. For that I modified the Unifi Controller script to suit plex it's need. It is available here. Latest version is available on github.

Run the script as following

sudo ./gen-plex-cert.sh -d plex.domain.com

Now go to the Plex UI.

Go to Settings (icon on top right corner) > Server (tab) > Network (left navigation column).

Click "SHOW ADVANCED" to see the necessary fields.

Enter the following values:

Custom certificate location: /var/lib/plexmediaserver/certificate.pfx
Custom certificate encryption key: PLeXMeDiaSeRVeR (this is the default key used in the script (change it))
Custom certificate domain: https://plex.domain.com:32400
Save your changes.

Obvious you want the certificate to update it self. Copy the script to /usr/local/sbin and add the following to /etc/cron.d/plex-cert-update


0 */12 * * * root test -x /usr/local/sbin/gen-plex-cert.sh -a \! -d /run/systemd/system && perl -e 'sleep int(rand(3600))' && /usr/local/sbin/gen-plex-cert.sh -r -d plex.domain.com