[GH-ISSUE #4525] Managed Self-Signed CA cert #2893

New issue

Open

opened 2026-02-26 07:37:07 +03:00 by kerem · 1 comment

kerem commented

2026-02-26 07:37:07 +03:00

Owner

Originally created by @JKamsker on GitHub (May 5, 2025).
Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/4525

Is your feature request related to a problem? Please describe.
Currently, Nginx Proxy Manager (NPM) supports Let's Encrypt for publicly trusted certificates and allows uploading custom certificates. However, for internal networks, development environments, or scenarios where public CAs are not desired/feasible, managing self-signed certificates can be cumbersome. Users often need to manually generate a CA, sign server certificates, upload them, and manage renewals.

Describe the solution you'd like
I propose adding a new feature where NPM acts as its own internal Certificate Authority (CA). This would streamline the process of using self-signed certificates for managed hosts.

When adding a new Proxy Host and selecting a SSL cert, the user then can select the Managed CA, which will then create the necessary certificates automatically.

Describe alternatives you've considered
The primary alternatives involve manual management outside of NPM:

Manually generating a root CA and server certificates using tools like OpenSSL or mkcert.
Uploading these manually generated certificates as "Custom Certificates" within NPM.

These alternatives lack the integration and automation proposed by this feature, requiring more user effort and separate management workflows.

Originally created by @JKamsker on GitHub (May 5, 2025). Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/4525 **Is your feature request related to a problem? Please describe.** Currently, Nginx Proxy Manager (NPM) supports Let's Encrypt for publicly trusted certificates and allows uploading custom certificates. However, for internal networks, development environments, or scenarios where public CAs are not desired/feasible, managing self-signed certificates can be cumbersome. Users often need to manually generate a CA, sign server certificates, upload them, and manage renewals. **Describe the solution you'd like** I propose adding a new feature where NPM acts as its own internal Certificate Authority (CA). This would streamline the process of using self-signed certificates for managed hosts. When adding a new Proxy Host and selecting a SSL cert, the user then can select the ``Managed CA``, which will then create the necessary certificates automatically. **Describe alternatives you've considered** The primary alternatives involve manual management outside of NPM: * Manually generating a root CA and server certificates using tools like OpenSSL or `mkcert`. * Uploading these manually generated certificates as "Custom Certificates" within NPM. These alternatives lack the integration and automation proposed by this feature, requiring more user effort and separate management workflows.

kerem added the

enhancement

label

2026-02-26 07:37:07 +03:00

kerem commented

2026-02-26 07:37:07 +03:00

Author

Owner

@itzTheMeow commented on GitHub (Aug 26, 2025):

duplicate of #593?

@itzTheMeow commented on GitHub (Aug 26, 2025): duplicate of #593?

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/nginx-proxy-manager-NginxProxyManager#2893

No description provided.

Rows
Columns