starred/nginx-proxy-manager-NginxProxyManager
1
0
Fork 0
mirror of https://github.com/NginxProxyManager/nginx-proxy-manager.git synced 2026-04-25 17:35:52 +03:00
Code Issues 937 Projects Releases 10 Packages Wiki Activity

[GH-ISSUE #1411] letsencrypt SSL Certificate has 306 bytes key size #1102

New issue
Closed
opened 2026-02-26 06:35:46 +03:00 by kerem · 2 comments
kerem commented 2026-02-26 06:35:46 +03:00
Owner
Copy link

Originally created by @fahidsh on GitHub (Sep 18, 2021).
Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/1411

Checklist

  • Have you pulled and found the error with jc21/nginx-proxy-manager:latest docker image?
    • Yes
  • Are you sure you're not using someone else's docker image?
    • Yes
  • Have you searched for similar issues (both open and closed)?
    • Yes

Describe the bug

My previously generated letsencrypt SSL-Certs had a Key file privkeyXX.pem of 1.7k size. After generating the letsencrypt certs, I copy them from NPM archive folder and use them with some other docker-apps.

lately, when I renew letsencrypt certs from NPM, certs are being generated, but the key file privkeyXX.pem has a size of 306 bytes. When I copy these NPM generated certs, some of my other docker-apps are failing to start with error invalid certificate. I have checked everything including permissions etc. Everything is fine, only difference is the key file size of letencrypt-certs generated by NPM.

At the time when problem started a few days back, I had NPM 2.9.7, today I updated my NPM to 2.9.9 and regenerated the certs and generated some new certs, all have a key file of 306 bytes.

When I goto NPM->SSL Certs, it show the certificates correct with correct expiry date. So I am wondering, why is it? has something changed on Letsencrypt side which is causing smaller key files (from 1.7 KB to 306 B) or is something wrong with NPM?

As for my NPM usage, I am not using some complex settings, just have some proxy hosts for my docker-apps being served with HTTPS.

Nginx Proxy Manager Version

2.9.7 and 2.9.9

To Reproduce
Steps to reproduce the behavior:

  1. Go to 'SSL Certificates'
  2. Click on 'Renew Certificate' or 'Generate Certificate' from Let's encrypt
  3. goto npm data -> letsencrypt/archive/npm-XX directory via terminal
  4. ls -lah and see the size of privkeyXX.pem file.

Expected behavior

Screenshots

npm-20210918.png

Operating System

Ubuntu Server 20.04

Additional context

Originally created by @fahidsh on GitHub (Sep 18, 2021). Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/1411 <!-- Are you in the right place? - If you are looking for support on how to get your upstream server forwarding, please consider asking the community on Reddit. - If you are writing code changes to contribute and need to ask about the internals of the software, Gitter is the best place to ask. - If you think you found a bug with NPM (not Nginx, or your upstream server or MySql) then you are in the *right place.* --> **Checklist** - Have you pulled and found the error with `jc21/nginx-proxy-manager:latest` docker image? - Yes - Are you sure you're not using someone else's docker image? - Yes - Have you searched for similar issues (both open and closed)? - Yes **Describe the bug** <!-- A clear and concise description of what the bug is. --> My previously generated letsencrypt SSL-Certs had a Key file _privkeyXX.pem_ of 1.7k size. After generating the letsencrypt certs, I copy them from NPM archive folder and use them with some other docker-apps. lately, when I renew letsencrypt certs from NPM, certs are being generated, but the key file _privkeyXX.pem_ has a size of 306 bytes. When I copy these NPM generated certs, some of my other docker-apps are failing to start with error _invalid certificate_. I have checked everything including permissions etc. Everything is fine, only difference is the key file size of letencrypt-certs generated by NPM. At the time when problem started a few days back, I had NPM 2.9.7, today I updated my NPM to 2.9.9 and regenerated the certs and generated some new certs, all have a key file of 306 bytes. When I goto NPM->SSL Certs, it show the certificates correct with correct expiry date. So I am wondering, why is it? has something changed on Letsencrypt side which is causing smaller key files (from 1.7 KB to 306 B) or is something wrong with NPM? As for my NPM usage, I am not using some complex settings, just have some proxy hosts for my docker-apps being served with HTTPS. **Nginx Proxy Manager Version** <!-- What version of Nginx Proxy Manager is reported on the login page? --> 2.9.7 and 2.9.9 **To Reproduce** Steps to reproduce the behavior: 1. Go to 'SSL Certificates' 2. Click on 'Renew Certificate' or 'Generate Certificate' from Let's encrypt 3. goto npm data -> letsencrypt/archive/npm-XX directory via terminal 4. ls -lah and see the size of privkeyXX.pem file. **Expected behavior** <!-- A clear and concise description of what you expected to happen. --> **Screenshots** <!-- If applicable, add screenshots to help explain your problem. --> [![npm-20210918.png](https://i.postimg.cc/Qdk3j3Z2/npm-20210918.png)](https://postimg.cc/5X0GmD0g) **Operating System** <!-- Please specify if using a Rpi, Mac, orchestration tool or any other setups that might affect the reproduction of this error. --> Ubuntu Server 20.04 **Additional context** <!-- Add any other context about the problem here, docker version, browser version, logs if applicable to the problem. Too much info is better than too little. -->
kerem 2026-02-26 06:35:46 +03:00
  • closed this issue
  • added the
    bug
         label
kerem commented 2026-02-26 06:35:47 +03:00
Author
Owner
Copy link

@fahidsh commented on GitHub (Sep 18, 2021):

this is how the new smaller key file looks with cat command

npm-20210918-2.png

<!-- gh-comment-id:922269131 --> @fahidsh commented on GitHub (Sep 18, 2021): this is how the new smaller key file looks with cat command [![npm-20210918-2.png](https://i.postimg.cc/GpySbPDH/npm-20210918-2.png)](https://postimg.cc/8FTbH6tS)
kerem commented 2026-02-26 06:35:47 +03:00
Author
Owner
Copy link

@chaptergy commented on GitHub (Oct 5, 2021):

Duplicate of https://github.com/jc21/nginx-proxy-manager/issues/1411

<!-- gh-comment-id:934840891 --> @chaptergy commented on GitHub (Oct 5, 2021): Duplicate of https://github.com/jc21/nginx-proxy-manager/issues/1411
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
develop
dependabot/npm_and_yarn/backend/liquidjs-10.25.7
dependabot/npm_and_yarn/frontend/prod-minor-updates-2a16bf3987
dependabot/npm_and_yarn/frontend/dev-patch-updates-754666cf41
dependabot/npm_and_yarn/backend/basic-ftp-5.3.0
dependabot/npm_and_yarn/test/follow-redirects-1.16.0
dependabot/npm_and_yarn/test/axios-1.15.0
dependabot/npm_and_yarn/frontend/lodash-4.18.1
dependabot/npm_and_yarn/backend/lodash-4.18.1
dependabot/npm_and_yarn/test/lodash-4.18.1
dependabot/npm_and_yarn/frontend/vite-7.3.2
dependabot/npm_and_yarn/backend/prod-minor-updates-5ec19a7f21
dependabot/npm_and_yarn/frontend/lodash-es-4.18.1
dependabot/npm_and_yarn/frontend/happy-dom-20.8.9
dependabot/npm_and_yarn/backend/path-to-regexp-8.4.0
dependabot/npm_and_yarn/frontend/picomatch-4.0.4
dependabot/npm_and_yarn/backend/picomatch-2.3.2
dependabot/npm_and_yarn/frontend/yaml-1.10.3
dependabot/npm_and_yarn/test/flatted-3.4.2
dependabot/npm_and_yarn/test/tar-7.5.11
dependabot/npm_and_yarn/frontend/immutable-5.1.5
master
dependabot/npm_and_yarn/test/glob-10.5.0
dependabot/npm_and_yarn/frontend/mdast-util-to-hast-13.2.1
dependabot/npm_and_yarn/test/form-data-4.0.4
v3-abandoned
bump-freedns
openidc
ssl-passthrough-hosts
static-content
v2.14.0
v2.13.7
v2.13.6
v2.13.5
v2.13.4
v2.13.3
v2.13.2
v2.13.1
v2.13.0
v2.12.6
v2.12.5
v2.12.4
v2.12.3
v2.12.2
v2.12.1
v2.12.0
v2.11.3
v2.11.2
v2.11.1
v2.11.0
v2.10.4
v2.10.3
v2.10.2
v2.10.1
v2.10.0
v2.9.22
v2.9.21
v2.9.20
v2.9.19
v2.9.18
v2.9.17
v2.9.16
v2.9.15
v2.9.14
v2.9.13
v2.9.12
v2.9.11
v2.9.10
v2.9.9
v2.9.8
v2.9.7
v2.9.6
v2.9.5
v2.9.4
v2.9.3
v2.9.2
v2.9.1
v2.9.0
v2.8.1
v2.8.0
v2.7.3
v2.7.2
v2.7.1
v2.7.0
v2.6.2
v2.6.1
v2.6.0
v2.5.0
v2.4.0
v2.3.1
v2.3.0
v2.2.4
v2.2.3
v2.2.2
v2.2.1
v2.2.0
v2.1.2
v2.1.1
v2.1.0
2.0.14
2.0.13
2.0.12
2.0.11
2.0.10
2.0.9
2.0.8
2.0.7
2.0.6
2.0.5
2.0.4
2.0.3
2.0.2
2.0.0
v2.0.0
1.1.2
1.1.1
1.0.1
Labels
Clear labels   
awaiting feedback

   
bug

   
cannot reproduce

   
dns provider request

   
duplicate

   
enhancement

   
enhancement

   
enhancement

   
good first issue

   
help wanted

   
invalid

   
need more info

   
no certbot plugin available

   
product-support

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
stale

   
troll

   
upstream issue

   
v2

   
v2

   
v2

   
v3

   
wontfix
No labels
awaiting feedback
bug
cannot reproduce
dns provider request
duplicate
enhancement
enhancement
enhancement
good first issue
help wanted
invalid
need more info
no certbot plugin available
product-support
pull-request
question
stale
troll
upstream issue
v2
v2
v2
v3
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/nginx-proxy-manager-NginxProxyManager#1102
No description provided.