starred/nginx-proxy-manager-NginxProxyManager
1
0
Fork 0
mirror of https://github.com/NginxProxyManager/nginx-proxy-manager.git synced 2026-04-25 09:25:55 +03:00
Code Issues 937 Projects Releases 10 Packages Wiki Activity

[GH-ISSUE #1695] SSL for IP address #1266

New issue
Closed
opened 2026-02-26 06:36:28 +03:00 by kerem · 2 comments
kerem commented 2026-02-26 06:36:28 +03:00
Owner
Copy link

Originally created by @dmkjr on GitHub (Dec 29, 2021).
Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/1695

I've used NPM for quite some time now. I'm running into a problem on Home Assistant (externally presented through NPM) where I included a configurator docker instance as an iframe within the configuration.yaml

All is well except it's yelling at me for attempting mixed content. The below code was from the configuration.yaml file in Home Assistant. I need to make that http, https and was attempting to utilize NPM to handle the Let's Encrypt certificate. Is this possible? We do not want to create another subdomain "something.example.com" that routes to the internal address. I can do this, but trying to just add a certificate at the LAN level that isn't presented publicly.

panel_iframe: configurator: title: 'Configurator' url: 'http://10.0.10.100:3218' icon: mdi:wrench

Thanks community!

Originally created by @dmkjr on GitHub (Dec 29, 2021). Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/1695 I've used NPM for quite some time now. I'm running into a problem on Home Assistant (externally presented through NPM) where I included a configurator docker instance as an iframe within the configuration.yaml All is well except it's yelling at me for attempting mixed content. The below code was from the configuration.yaml file in Home Assistant. I need to make that http, https and was attempting to utilize NPM to handle the Let's Encrypt certificate. Is this possible? We do not want to create another subdomain "something.example.com" that routes to the internal address. I can do this, but trying to just add a certificate at the LAN level that isn't presented publicly. `panel_iframe: configurator: title: 'Configurator' url: 'http://10.0.10.100:3218' icon: mdi:wrench` Thanks community!
kerem 2026-02-26 06:36:28 +03:00
  • closed this issue
  • added the
    question
         label
kerem commented 2026-02-26 06:36:28 +03:00
Author
Owner
Copy link

@chaptergy commented on GitHub (Dec 29, 2021):

Letsencrypt does not provide certificates for IP addresses, just for domains. It is generally unusual to have a certificate for an IP, except when it is a self signed certificate. And then no browser would trust this certificate, meaning you would either have to click "accept the risk" in every browser or install the certificate on every device you use.

Furthermore to route without a domain in nginx, the proxy would have to be set as the default server. Meaning everything received by nginx where it does not know where to route it to will be routed there. In npm this default server is already taken by the default page / congratulations page, so you can't do that in npm.

So what you are asking is not possible. SSL would either have to be handled by the proxied app and you can create a stream host for it, or you need a domain which you use to redirect to there.

<!-- gh-comment-id:1002479189 --> @chaptergy commented on GitHub (Dec 29, 2021): Letsencrypt does not provide certificates for IP addresses, just for domains. It is generally unusual to have a certificate for an IP, except when it is a self signed certificate. And then no browser would trust this certificate, meaning you would either have to click "accept the risk" in every browser or install the certificate on every device you use. Furthermore to route without a domain in nginx, the proxy would have to be set as the default server. Meaning everything received by nginx where it does not know where to route it to will be routed there. In npm this default server is already taken by the default page / congratulations page, so you can't do that in npm. So what you are asking is not possible. SSL would either have to be handled by the proxied app and you can create a stream host for it, or you need a domain which you use to redirect to there.
kerem commented 2026-02-26 06:36:28 +03:00
Author
Owner
Copy link

@dmkjr commented on GitHub (Dec 29, 2021):

@chaptergy Thank you for the response. I can certainly do the reverse proxy by domain name. Perhaps I can find ways to lock it down outside of my normal Cloudflare policies. Thank you for the information.

<!-- gh-comment-id:1002610148 --> @dmkjr commented on GitHub (Dec 29, 2021): @chaptergy Thank you for the response. I can certainly do the reverse proxy by domain name. Perhaps I can find ways to lock it down outside of my normal Cloudflare policies. Thank you for the information.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
develop
dependabot/npm_and_yarn/backend/liquidjs-10.25.7
dependabot/npm_and_yarn/frontend/prod-minor-updates-2a16bf3987
dependabot/npm_and_yarn/frontend/dev-patch-updates-754666cf41
dependabot/npm_and_yarn/backend/basic-ftp-5.3.0
dependabot/npm_and_yarn/test/follow-redirects-1.16.0
dependabot/npm_and_yarn/test/axios-1.15.0
dependabot/npm_and_yarn/frontend/lodash-4.18.1
dependabot/npm_and_yarn/backend/lodash-4.18.1
dependabot/npm_and_yarn/test/lodash-4.18.1
dependabot/npm_and_yarn/frontend/vite-7.3.2
dependabot/npm_and_yarn/backend/prod-minor-updates-5ec19a7f21
dependabot/npm_and_yarn/frontend/lodash-es-4.18.1
dependabot/npm_and_yarn/frontend/happy-dom-20.8.9
dependabot/npm_and_yarn/backend/path-to-regexp-8.4.0
dependabot/npm_and_yarn/frontend/picomatch-4.0.4
dependabot/npm_and_yarn/backend/picomatch-2.3.2
dependabot/npm_and_yarn/frontend/yaml-1.10.3
dependabot/npm_and_yarn/test/flatted-3.4.2
dependabot/npm_and_yarn/test/tar-7.5.11
dependabot/npm_and_yarn/frontend/immutable-5.1.5
master
dependabot/npm_and_yarn/test/glob-10.5.0
dependabot/npm_and_yarn/frontend/mdast-util-to-hast-13.2.1
dependabot/npm_and_yarn/test/form-data-4.0.4
v3-abandoned
bump-freedns
openidc
ssl-passthrough-hosts
static-content
v2.14.0
v2.13.7
v2.13.6
v2.13.5
v2.13.4
v2.13.3
v2.13.2
v2.13.1
v2.13.0
v2.12.6
v2.12.5
v2.12.4
v2.12.3
v2.12.2
v2.12.1
v2.12.0
v2.11.3
v2.11.2
v2.11.1
v2.11.0
v2.10.4
v2.10.3
v2.10.2
v2.10.1
v2.10.0
v2.9.22
v2.9.21
v2.9.20
v2.9.19
v2.9.18
v2.9.17
v2.9.16
v2.9.15
v2.9.14
v2.9.13
v2.9.12
v2.9.11
v2.9.10
v2.9.9
v2.9.8
v2.9.7
v2.9.6
v2.9.5
v2.9.4
v2.9.3
v2.9.2
v2.9.1
v2.9.0
v2.8.1
v2.8.0
v2.7.3
v2.7.2
v2.7.1
v2.7.0
v2.6.2
v2.6.1
v2.6.0
v2.5.0
v2.4.0
v2.3.1
v2.3.0
v2.2.4
v2.2.3
v2.2.2
v2.2.1
v2.2.0
v2.1.2
v2.1.1
v2.1.0
2.0.14
2.0.13
2.0.12
2.0.11
2.0.10
2.0.9
2.0.8
2.0.7
2.0.6
2.0.5
2.0.4
2.0.3
2.0.2
2.0.0
v2.0.0
1.1.2
1.1.1
1.0.1
Labels
Clear labels   
awaiting feedback

   
bug

   
cannot reproduce

   
dns provider request

   
duplicate

   
enhancement

   
enhancement

   
enhancement

   
good first issue

   
help wanted

   
invalid

   
need more info

   
no certbot plugin available

   
product-support

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
stale

   
troll

   
upstream issue

   
v2

   
v2

   
v2

   
v3

   
wontfix
No labels
awaiting feedback
bug
cannot reproduce
dns provider request
duplicate
enhancement
enhancement
enhancement
good first issue
help wanted
invalid
need more info
no certbot plugin available
product-support
pull-request
question
stale
troll
upstream issue
v2
v2
v2
v3
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/nginx-proxy-manager-NginxProxyManager#1266
No description provided.