search

luigi311 / JellyPlex-Watched

Sync watched between jellyfin and plex locally
GNU General Public License v3.0
392 stars 19 forks source link

[BUG] SSL: CERTIFICATE_VERIFY_FAILED when SSL_BYPASS = "True" #88

Closed smurfster closed 9 months ago

smurfster commented 1 year ago

Describe the bug I cannot see anything in my continue watching section on either plex or jellyfin

I just get the following errors output when I run the "docker logs jellyplex" command

I have SSL_BYPASS = "True" in the config (I have attached my full config)

`During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "/app/src/main.py", line 382, in main main_loop() File "/app/src/main.py", line 298, in main_loop servers = generate_server_connections() ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/app/src/main.py", line 89, in generate_server_connections Plex( File "/app/src/plex.py", line 393, in init self.plex = self.login(self.baseurl, self.token) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/app/src/plex.py", line 415, in login raise Exception(e) Exception: HTTPSConnectionPool(host='localhost', port=32400): Max retries exceeded with url: / (Caused by SSLError(SSLCertVerificationError(1, "[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: Hostname mismatch, certificate is not valid for 'localhost'. (_ssl.c:1002)")))`

Type: Docker

Additional context config.txt

luigi311 commented 1 year ago

This is a weird issue, i am seeing this on my unraid machine but when i run the same thing on my desktop i do not get this issue and it runs like normal. Can you confirm if you are running this on unraid?

smurfster commented 1 year ago

This is a weird issue, i am seeing this on my unraid machine but when i run the same thing on my desktop i do not get this issue and it runs like normal. Can you confirm if you are running this on unraid?

No its on a debian server using docker

luigi311 commented 1 year ago

Can you try replacing localhost with the ip address of the machine even if its itself? That seems to cause and fix the issue on my side. I need to see why localhost is failing.

luigi311 commented 1 year ago

Since you are using docker i think this has to do with the container running in bridge mode by default so localhost doesnt actually point to the machine itself. If you want to keep using localhost you will need to run the container in host network mode instead of bridge mode and that should fix your issues or instead give it the ip address of the machine itself, preferably a static ip so it doesnt change at some point.

Actually looking at the error message im getting for using localhost its different when in bridge mode, it complains about connection refused not an ssl error. Switching it to host though works without any ssl errors even when using localhost.

smurfster commented 1 year ago

Since you are using docker i think this has to do with the container running in bridge mode by default so localhost doesnt actually point to the machine itself. If you want to keep using localhost you will need to run the container in host network mode instead of bridge mode and that should fix your issues or instead give it the ip address of the machine itself, preferably a static ip so it doesnt change at some point.

Actually looking at the error message im getting for using localhost its different when in bridge mode, it complains about connection refused not an ssl error. Switching it to host though works without any ssl errors even when using localhost.

Hey

In "host" mode with localhost set in config I get the SSL error In "host" mode with my servers IP set in config I get the SSL error In "bridge" mode with my servers IP set in config I get the SSL error In "Bridge" mode with docker0 IP (172.17.0.1) I get the SSL error

Thats all the methods I know when using docker to access services on the same machine

luigi311 commented 1 year ago

can you try setting verified to false in the session so in the plex.py right after session = requests.Session() add session.verify = False and rebuild the container and see if that works.

smurfster commented 1 year ago

can you try setting verified to false in the session so in the plex.py right after session = requests.Session() add session.verify = False and rebuild the container and see if that works.

I could, but I'm currently stacked with work. Probably next month at the earliest before I could get round to this if I'm lucky.

Can you not change the code and create a custom tagged docker image?

smurfster commented 11 months ago

So I pulled the latest image and the issue has now changed @luigi311

Its now the jellyfin thats failing the ssl check even though I have the ssl bypass enabled

Cannot connect to host localhost:8096 ssl:default [Connect call failed ('127.0.0.1', 8096)] [ERROR]: Jellyfin: Get users failed Cannot connect to host localhost:8096 ssl:default [Connect call failed ('127.0.0.1', 8096)] [ERROR]: Cannot connect to host localhost:8096 ssl:default [Connect call failed ('127.0.0.1', 8096)] [ERROR]: Traceback (most recent call last): File "/usr/local/lib/python3.11/site-packages/aiohttp/connector.py", line 980, in _wrap_create_connection return await self._loop.create_connection(*args, **kwargs) # type: ignore[return-value] # noqa ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/lib/python3.11/asyncio/base_events.py", line 1085, in create_connection raise exceptions[0] File "/usr/local/lib/python3.11/asyncio/base_events.py", line 1069, in create_connection sock = await self._connect_sock( ^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/lib/python3.11/asyncio/base_events.py", line 973, in _connect_sock await self.sock_connect(sock, address) File "/usr/local/lib/python3.11/asyncio/selector_events.py", line 634, in sock_connect return await fut ^^^^^^^^^ File "/usr/local/lib/python3.11/asyncio/selector_events.py", line 674, in _sock_connect_cb raise OSError(err, f'Connect call failed {address}') ConnectionRefusedError: [Errno 111] Connect call failed ('127.0.0.1', 8096)

The above exception was the direct cause of the following exception:

Traceback (most recent call last): File "/app/src/jellyfin.py", line 96, in query async with session.get( File "/usr/local/lib/python3.11/site-packages/aiohttp/client.py", line 1141, in aenter self._resp = await self._coro ^^^^^^^^^^^^^^^^ File "/usr/local/lib/python3.11/site-packages/aiohttp/client.py", line 536, in _request conn = await self._connector.connect( ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/lib/python3.11/site-packages/aiohttp/connector.py", line 540, in connect proto = await self._create_connection(req, traces, timeout) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/lib/python3.11/site-packages/aiohttp/connector.py", line 901, in _createconnection , proto = await self._create_direct_connection(req, traces, timeout) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/lib/python3.11/site-packages/aiohttp/connector.py", line 1209, in _create_direct_connection raise last_exc File "/usr/local/lib/python3.11/site-packages/aiohttp/connector.py", line 1178, in _create_direct_connection transp, proto = await self._wrap_create_connection( ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/lib/python3.11/site-packages/aiohttp/connector.py", line 988, in _wrap_create_connection raise client_error(req.connection_key, exc) from exc aiohttp.client_exceptions.ClientConnectorError: Cannot connect to host localhost:8096 ssl:default [Connect call failed ('127.0.0.1', 8096)]

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "/app/src/jellyfin.py", line 134, in get_users response = await self.query(query_string, "get", session) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/app/src/jellyfin.py", line 126, in query raise Exception(e) Exception: Cannot connect to host localhost:8096 ssl:default [Connect call failed ('127.0.0.1', 8096)]

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "/app/src/main.py", line 382, in main main_loop() File "/app/src/main.py", line 298, in main_loop servers = generate_server_connections() ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/app/src/main.py", line 146, in generate_server_connections Jellyfin(baseurl=baseurl, token=jellyfin_token[i].strip()), ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/app/src/jellyfin.py", line 80, in init self.users = asyncio.run(self.get_users()) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/lib/python3.11/asyncio/runners.py", line 190, in run return runner.run(main) ^^^^^^^^^^^^^^^^ File "/usr/local/lib/python3.11/asyncio/runners.py", line 118, in run return self._loop.run_until_complete(task) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/lib/python3.11/asyncio/base_events.py", line 653, in run_until_complete return future.result() ^^^^^^^^^^^^^^^ File "/app/src/jellyfin.py", line 144, in get_users raise Exception(e) Exception: Cannot connect to host localhost:8096 ssl:default [Connect call failed ('127.0.0.1', 8096)]

luigi311 commented 11 months ago

Hmm thats weird since I haven’t changed anything connection wise for plex or jellyfin. Can you try running this natively without docker and see if it has the same issues? You can create a virtual environment and install the dependencies there that way you don’t have anything lingering if you remove it later.

luigi311 commented 9 months ago

Looks like smurfster was able to get this working based on https://github.com/luigi311/JellyPlex-Watched/discussions/99 so closing this