Next, go to the Plex web UI and navigate to Settings -> Server -> Network and then click Show Advanced. I moved this file to /usr/local/etc/ although you can put it anywhere that the Plex server will be able to get at. This will create a plex-certificate.pkfx file in the current directory. # openssl pkcs12 -export -out plex-certificate.pkfx \ - inkey plex. In this example, the passphrase is "foo". Since it is encrypted, we need to provide it with a passphrase, which we will tell Plex about later. We will need to use openssl to combine the files that acme.sh provided for us into one for Plex to use. These files often have a p12 or or pfx extension, however Plex seems to like pkfx for the extension. The next step is to create a PKCS #12 certificate file, which is an archive file format used to store the server certificate, private key, and any intermediate certificates in a single encrypted binary file. The directory to run the script is /root/.acme.sh (note the initial dot in the directory name). Also note that these commands are not run in the git repo we checked out you can remove that repo if you want to, you won't use it again unless you want to keep the acme.sh script up to date. Once it has completed, if it is successful, your certificates will be in /root/.acme.sh//. This will take a little over two minutes to run. # export CF_KEY="" # export CF_Email="" # cd /root/.acme.sh #. We'll checkout from git since I prefer to see shellscripts before I run them, particularly when doing so as root. One notable thing is that md5sum, which I needed to use, is apparently not something that FreeBSD provides by default (who knew?) so you'll need to pkg install coreutils and use gmd5sum if you happen to be using FreeBSD (on most Linux distros you simply get md5sum as part of the base install).įirst step is to install the acme.sh client that will obtain the LetsEncrypt certificates. One thing to keep in mind is that my Plex server runs in an iocage jail on FreeNAS so if you're running Plex on Linux it will look a bit different since this is FreeBSD-based. Since I also used the same CloudFlare-based API updates for DNS, this one goes through a bit more detail than the previous post simply because I had to go through it again and could capture the steps along the way. The latter looks like far too much effort to go through, but I did get it up and running for Plex pretty quickly this morning. There were another two things around the house that I wanted to have proper SSL certificates on: my Plex server and the Unifi Controller. The other day I blogged about using LetsEncrypt with FreeNAS.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |