mirror of
https://github.com/NginxProxyManager/nginx-proxy-manager.git
synced 2026-04-25 17:35:52 +03:00
[GH-ISSUE #564] Cannot specify ciphers? #472
Labels
No labels
awaiting feedback
bug
cannot reproduce
dns provider request
duplicate
enhancement
enhancement
enhancement
good first issue
help wanted
invalid
need more info
no certbot plugin available
product-support
pull-request
question
stale
troll
upstream issue
v2
v2
v2
v3
wontfix
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
starred/nginx-proxy-manager-NginxProxyManager#472
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @sbazzell on GitHub (Aug 17, 2020).
Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/564
Whenever I try to specify ciphers the way I would normally do using nginx vanilla, the proxy host goes to offline status.
So does
and
not work?
@dash74 commented on GitHub (Aug 27, 2020):
It looks like the only was too edit the ciphers would be to edit /etc/nginx/conf.d/include/ssl-ciphers.conf inside the docker container. You can do this by running docker exec -it "docker-name" bash. After editing the file you type exit. You'll have to commit the changes to a new file by running sudo docker commit [CONTAINER_ID] [new_image_name].
@Mattie112 commented on GitHub (Sep 7, 2020):
Yes I also want to change the ciphers. Any chance we can have this also exported in a volume just like the (optional) config files.
@Mattie112 commented on GitHub (Sep 7, 2020):
I did find a solution / workaround.
Simply create your own cipher file (outside of the container), for example generate it here https://ssl-config.mozilla.org/ but only use the protocols/ciphers part.
Now simply mount this file into the container
/etc/nginx/conf.d/include/ssl-ciphers.conf:/path/to/local/file/myown-custom-ssl-ciphers.confAnd now you have your own ciphers. Downside is that this no longer benefits from updates from the NPM itself. So you might want to check https://github.com/jc21/nginx-proxy-manager/blob/master/docker/rootfs/etc/nginx/conf.d/include/ssl-ciphers.conf from time to time to check your file is up to date.
@Kopernikus1979 commented on GitHub (Apr 5, 2022):
@Mattie112
Could you help me mount /etc/nginx/conf.d/include/ssl-ciphers.conf:/path/to/local/file/myown-custom-ssl-ciphers.conf?
I 'm using Unraid and tried it but I only seem to be able to mount a directory not a file.
Thx
@Mattie112 commented on GitHub (Apr 5, 2022):
You should be able to just type it in :)
@Kopernikus1979 commented on GitHub (Apr 5, 2022):
Hi,
Tried it, but I get this error in my docker log:
If I go to /etc/nginx/conf.d/include/ssl-ciphers.conf I see it's my new modded file, however settings are not loaded when doing cryptcheck.fr for my domain
@Mattie112 commented on GitHub (Apr 5, 2022):
Can you run
docker inspect NginxProxyManagerAnd check the following part:
You can see how I have it and that does work. Does it look different for you?
@Kopernikus1979 commented on GitHub (Apr 5, 2022):
I got this:
@Kopernikus1979 commented on GitHub (Apr 5, 2022):
Just found something strange seems in the lastest version of NPM the ciphers are already compliant with the latest mozilla recommends, however when doing a check it still uses old ciphers, can you do a cryptcheck to see your result?
@Mattie112 commented on GitHub (Apr 5, 2022):
Ah yeah might be fair to say I use this repo:
https://github.com/Mattie112/docker-nginx-proxy-manager (and that is a fork of https://github.com/jlesage/docker-nginx-proxy-manager)
I think it uses / used to use this project but yeah that was a while ago..... So it could be that here the paths are changed, sorry can't keep track on what repo I use exactly :p
Anyway, my file:
I always use https://www.ssllabs.com/ssltest/ for checking (A+ for me) but here is the output from your site:
@Kopernikus1979 commented on GitHub (Apr 7, 2022):
@Mattie112
Hi,
I found the problem.
See my bug report:
https://github.com/NginxProxyManager/nginx-proxy-manager/issues/1982
@Mattie112 commented on GitHub (Apr 7, 2022):
Yeah I'm doing that manually from time to time XD Have to look into github pipelines (or whatever it is called) at some point.
I just pushed
mattie112/docker-nginx-proxy-manager:latest(and:masterand:v1.26.0) to be up-to-date with jlesage again :)(And the reason I made my own fork because I kinda liked the all-in-one solution but I needed 80/443 so yeah I just choose this solution).
edit:
You can always drop me a message if you need some changes to be merged just open an issue on my fork :)
@github-actions[bot] commented on GitHub (Mar 26, 2024):
Issue is now considered stale. If you want to keep it open, please comment 👍
@Xyz00777 commented on GitHub (Dec 13, 2024):
this is as far as i know still not working :(
when does these can be fixed?
@github-actions[bot] commented on GitHub (Jun 22, 2025):
Issue is now considered stale. If you want to keep it open, please comment 👍