nginx-proxy-manager icon indicating copy to clipboard operation
nginx-proxy-manager copied to clipboard
Published 1 month ago verified publisher icon NginxProxyManager

Simple Proxy Host https without Let's Encrypt

Open Rod0lphe opened this issue 3 years ago • 6 comments

Hello,

I have set up a new NPM and I have a service to expose in https(443) but it already has a certificate provided by a certificate provider.

But, in NPM I have never set up a proxy host in https without LE.

I would just like to redirect my sub-domain to this server without generating a certificate because it already has one...

Thanks for your help.

Rod0lphe avatar Aug 31 '22 13:08 Rod0lphe

@Rod0lphe its pretty simple, when adding an SSL certificate in the web interface, hit SSL certificate and thencustom and upload the key, cert and intermediate cert. Then it can be used to protect the same as Lets Encrypt.

the1ts avatar Aug 31 '22 14:08 the1ts

@the1ts Thx for your response. It is not possible to do a simple redirection without adding the certificate as a simple reverse proxy like HAproxy?

Rod0lphe avatar Aug 31 '22 14:08 Rod0lphe

I think you are talking about TCP Proxying which would be using streams which are also available in NPM. BTW, there is nothing stopping you fronting an HTTPS service behind an SSL proxy on NPM. The beauty of using HTTPS on NPM is you can then have many services sharing the externalIP:443, if you TCP proxy or use streams only one service can use port 443 which is often a waste.

the1ts avatar Aug 31 '22 15:08 the1ts

@the1ts I was told that my old reverse proxy did not do proxy but ssl pass-trough, it's closer to load balancing than really pure proxy. So for the moment nginx proxy manager does not support the load balancing setup, nginx does, but the overlay not yet, seems to me that it is planned for 3.0

Rod0lphe avatar Sep 01 '22 06:09 Rod0lphe

I'm no expert, but I'm not sure it has to be SSL pass-through, the Nginx reverse proxy section in the user guide shows SSL on the Nginx layer going to http on meshcentral.

the1ts avatar Sep 01 '22 09:09 the1ts

I have mounted my nas to photon os with fstab Then in the docker composer for npm the ssl nas folder is visible to the container

then in any host Advanced

listen 443 ssl http2; ssl_certificate /path_from_compose/fullchain.cer; ssl_certificate_key /path_from_compose/cert.key;

it works very well

stanthewizzard avatar Sep 02 '22 16:09 stanthewizzard

Issue is now considered stale. If you want to keep it open, please comment :+1:

github-actions[bot] avatar Feb 11 '24 01:02 github-actions[bot]