[PR #3151] [CLOSED] OCSP Stapling switch #3662

New issue

Closed

opened 2026-02-26 08:31:28 +03:00 by kerem · 0 comments

kerem commented

2026-02-26 08:31:28 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/NginxProxyManager/nginx-proxy-manager/pull/3151
Author: @BatSmacker84
Created: 8/23/2023
Status: ❌ Closed

Base: develop ← Head: ocsp-stapling

📝 Commits (2)

25f1fba added webgui switch for OCSP Stapling
8eff145 added migration file

📊 Changes

23 files changed (+150 additions, -5 deletions)

View changed files

📝 backend/doc/api.swagger.json (+7 -0)
📝 backend/internal/host.js (+1 -0)
📝 backend/internal/nginx.js (+1 -1)
➕ backend/migrations/20230823010130_ocsp.js (+49 -0)
📝 backend/schema/definitions.json (+5 -0)
📝 backend/schema/endpoints/dead-hosts.json (+12 -0)
📝 backend/schema/endpoints/proxy-hosts.json (+12 -0)
📝 backend/schema/endpoints/redirection-hosts.json (+12 -0)
➕ backend/templates/_ocsp.conf (+7 -0)
📝 backend/templates/dead_host.conf (+1 -0)
📝 backend/templates/proxy_host.conf (+1 -0)
📝 backend/templates/redirection_host.conf (+1 -0)
📝 frontend/js/app/nginx/dead/form.ejs (+9 -0)
📝 frontend/js/app/nginx/dead/form.js (+3 -1)
📝 frontend/js/app/nginx/proxy/form.ejs (+9 -1)
📝 frontend/js/app/nginx/proxy/form.js (+3 -1)
📝 frontend/js/app/nginx/redirection/form.ejs (+9 -0)
📝 frontend/js/app/nginx/redirection/form.js (+3 -1)
📝 frontend/js/i18n/messages.json (+1 -0)
📝 frontend/js/models/dead-host.js (+1 -0)

...and 3 more files

📄 Description

With this PR Dead, Proxy, and Redirect Hosts are now able to have OCSP Stapling enabled via the webgui with a simple toggle in the SSL tab.

The two config options added when OCSP Stapling is enabled are:

ssl_stapling on;
ssl_stapling_verify on;

The file used for OCSP Stapling is already provided by certbot (chain.pem), so all this PR does is allow for that stapling to occur by enabling those two options in each site's .conf file.
This is already possible in the current version of NPM by putting the two options into the Advanced Settings, but this PR allows for the config to look nicer and makes it easier for users to implement across their proxies.

The database does have to be migrated (a new migration file is included) in order to store if the Host has OCSP Stapling enabled or not.

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/NginxProxyManager/nginx-proxy-manager/pull/3151 **Author:** [@BatSmacker84](https://github.com/BatSmacker84) **Created:** 8/23/2023 **Status:** ❌ Closed **Base:** `develop` ← **Head:** `ocsp-stapling` --- ### 📝 Commits (2) - [`25f1fba`](https://github.com/NginxProxyManager/nginx-proxy-manager/commit/25f1fba96f416510f7e10782dbc148a7865d249b) added webgui switch for OCSP Stapling - [`8eff145`](https://github.com/NginxProxyManager/nginx-proxy-manager/commit/8eff145d21a610f3828f4844bab6546a58b269a1) added migration file ### 📊 Changes **23 files changed** (+150 additions, -5 deletions) <details> <summary>View changed files</summary> 📝 `backend/doc/api.swagger.json` (+7 -0) 📝 `backend/internal/host.js` (+1 -0) 📝 `backend/internal/nginx.js` (+1 -1) ➕ `backend/migrations/20230823010130_ocsp.js` (+49 -0) 📝 `backend/schema/definitions.json` (+5 -0) 📝 `backend/schema/endpoints/dead-hosts.json` (+12 -0) 📝 `backend/schema/endpoints/proxy-hosts.json` (+12 -0) 📝 `backend/schema/endpoints/redirection-hosts.json` (+12 -0) ➕ `backend/templates/_ocsp.conf` (+7 -0) 📝 `backend/templates/dead_host.conf` (+1 -0) 📝 `backend/templates/proxy_host.conf` (+1 -0) 📝 `backend/templates/redirection_host.conf` (+1 -0) 📝 `frontend/js/app/nginx/dead/form.ejs` (+9 -0) 📝 `frontend/js/app/nginx/dead/form.js` (+3 -1) 📝 `frontend/js/app/nginx/proxy/form.ejs` (+9 -1) 📝 `frontend/js/app/nginx/proxy/form.js` (+3 -1) 📝 `frontend/js/app/nginx/redirection/form.ejs` (+9 -0) 📝 `frontend/js/app/nginx/redirection/form.js` (+3 -1) 📝 `frontend/js/i18n/messages.json` (+1 -0) 📝 `frontend/js/models/dead-host.js` (+1 -0) _...and 3 more files_ </details> ### 📄 Description With this PR Dead, Proxy, and Redirect Hosts are now able to have OCSP Stapling enabled via the webgui with a simple toggle in the SSL tab. The two config options added when OCSP Stapling is enabled are: > ssl_stapling on; > ssl_stapling_verify on; The file used for OCSP Stapling is already provided by certbot (chain.pem), so all this PR does is allow for that stapling to occur by enabling those two options in each site's .conf file. This is already possible in the current version of NPM by putting the two options into the Advanced Settings, but this PR allows for the config to look nicer and makes it easier for users to implement across their proxies. The database does have to be migrated (a new migration file is included) in order to store if the Host has OCSP Stapling enabled or not. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>

kerem

2026-02-26 08:31:28 +03:00

closed this issue
added the
pull-request
label

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/nginx-proxy-manager-NginxProxyManager#3662

No description provided.

Rows
Columns