[GH-ISSUE #605] Add self generated certificate as SSL provider #510

New issue

Closed

opened 2026-02-26 06:33:11 +03:00 by kerem · 4 comments

kerem commented 2026-02-26 06:33:11 +03:00

Owner

Copy link

Originally created by @Syam on GitHub (Sep 10, 2020).
Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/605

I am trying to expose some HTTPS services to LAN only.
But when adding a proxy, Nginx Proxy Manager only offer Letsencrypt or None as provider.

Is it possible to add a self generated certificate as SSL provider ?

Thank,

Originally created by @Syam on GitHub (Sep 10, 2020). Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/605 I am trying to expose some HTTPS services to LAN only. But when adding a proxy, Nginx Proxy Manager only offer `Letsencrypt ` or `None` as provider. Is it possible to add a self generated certificate as SSL provider ? Thank,

kerem 2026-02-26 06:33:11 +03:00

• closed this issue
• added the
  enhancement
  label

kerem commented 2026-02-26 06:33:12 +03:00

Author

Owner

Copy link

@chaptergy commented on GitHub (Oct 3, 2020):

When switching to the "SSL Certificates" tab and clicking on the "Add SSL Certificate" button in the upper right corner of the card (Not the big one in the center) you can choose to upload a custom certificate.
This certificate can then be selected for the host.

However it seems since version 2.5.0 the custom certificate upload is broken. See https://github.com/jc21/nginx-proxy-manager/issues/594

<!-- gh-comment-id:703158884 --> @chaptergy commented on GitHub (Oct 3, 2020): When switching to the "SSL Certificates" tab and clicking on the "Add SSL Certificate" button in the upper right corner of the card (Not the big one in the center) you can choose to upload a custom certificate. This certificate can then be selected for the host.  However it seems since version 2.5.0 the custom certificate upload is broken. See https://github.com/jc21/nginx-proxy-manager/issues/594

kerem commented 2026-02-26 06:33:12 +03:00

Author

Owner

Copy link

@BlackF09 commented on GitHub (Oct 4, 2020):

@chaptergy: I'm unsure if the author meant a third option besides LE an Custom (before step three) like "Own CA". OpenSSL could generate a quick self signed certificate with the given name. I think with this scenario we could even leave out the whole renewal management, just let it generate a new cert eg. after year. Only give the CA certificate to download that it could be added to clients.

Besides that it's a little bit confusing if two buttons with the same name do different things ("Add SSL Certificate").

<!-- gh-comment-id:703184797 --> @BlackF09 commented on GitHub (Oct 4, 2020): @chaptergy: I'm unsure if the author meant a third option besides _LE_ an _Custom_ (before step three) like "Own CA". OpenSSL could generate a quick self signed certificate with the given name. I think with this scenario we could even leave out the whole renewal management, just let it generate a new cert eg. after year. Only give the CA certificate to download that it could be added to clients. Besides that it's a little bit confusing if two buttons with the same name do different things ("Add SSL Certificate").

kerem commented 2026-02-26 06:33:12 +03:00

Author

Owner

Copy link

@jc21 commented on GitHub (Nov 22, 2020):

It was a conscious decision to make the main path for SSL certificate generation use Let's Encrypt because that was the goal of this project. Custom SSL certificates were added by request later in the game.

That said I agree it would be pretty easy to integrate mkcert into the project to generate self-signed certs on the fly and then make it part of the Host creation as an option.

<!-- gh-comment-id:731705888 --> @jc21 commented on GitHub (Nov 22, 2020): It was a conscious decision to make the main path for SSL certificate generation use Let's Encrypt because that was the goal of this project. Custom SSL certificates were added by request later in the game. That said I agree it would be pretty easy to integrate `mkcert` into the project to generate self-signed certs on the fly and then make it part of the Host creation as an option.

kerem commented 2026-02-26 06:33:12 +03:00

Author

Owner

Copy link

@chaptergy commented on GitHub (May 12, 2021):

Duplicate of https://github.com/jc21/nginx-proxy-manager/issues/593

<!-- gh-comment-id:839987794 --> @chaptergy commented on GitHub (May 12, 2021): Duplicate of https://github.com/jc21/nginx-proxy-manager/issues/593

kerem referenced this issue 2026-02-26 07:38:37 +03:00

[PR #510] [MERGED] Multidb - sqlite support #3251

kerem referenced this issue 2026-02-26 07:38:39 +03:00

[PR #543] [MERGED] v2.4.0 #3261

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

develop

dependabot/npm_and_yarn/backend/liquidjs-10.25.7

dependabot/npm_and_yarn/frontend/prod-minor-updates-2a16bf3987

dependabot/npm_and_yarn/frontend/dev-patch-updates-754666cf41

dependabot/npm_and_yarn/backend/basic-ftp-5.3.0

dependabot/npm_and_yarn/test/follow-redirects-1.16.0

dependabot/npm_and_yarn/test/axios-1.15.0

dependabot/npm_and_yarn/frontend/lodash-4.18.1

dependabot/npm_and_yarn/backend/lodash-4.18.1

dependabot/npm_and_yarn/test/lodash-4.18.1

dependabot/npm_and_yarn/frontend/vite-7.3.2

dependabot/npm_and_yarn/backend/prod-minor-updates-5ec19a7f21

dependabot/npm_and_yarn/frontend/lodash-es-4.18.1

dependabot/npm_and_yarn/frontend/happy-dom-20.8.9

dependabot/npm_and_yarn/backend/path-to-regexp-8.4.0

dependabot/npm_and_yarn/frontend/picomatch-4.0.4

dependabot/npm_and_yarn/backend/picomatch-2.3.2

dependabot/npm_and_yarn/frontend/yaml-1.10.3

dependabot/npm_and_yarn/test/flatted-3.4.2

dependabot/npm_and_yarn/test/tar-7.5.11

dependabot/npm_and_yarn/frontend/immutable-5.1.5

master

dependabot/npm_and_yarn/test/glob-10.5.0

dependabot/npm_and_yarn/frontend/mdast-util-to-hast-13.2.1

dependabot/npm_and_yarn/test/form-data-4.0.4

v3-abandoned

bump-freedns

openidc

ssl-passthrough-hosts

static-content

v2.14.0

v2.13.7

v2.13.6

v2.13.5

v2.13.4

v2.13.3

v2.13.2

v2.13.1

v2.13.0

v2.12.6

v2.12.5

v2.12.4

v2.12.3

v2.12.2

v2.12.1

v2.12.0

v2.11.3

v2.11.2

v2.11.1

v2.11.0

v2.10.4

v2.10.3

v2.10.2

v2.10.1

v2.10.0

v2.9.22

v2.9.21

v2.9.20

v2.9.19

v2.9.18

v2.9.17

v2.9.16

v2.9.15

v2.9.14

v2.9.13

v2.9.12

v2.9.11

v2.9.10

v2.9.9

v2.9.8

v2.9.7

v2.9.6

v2.9.5

v2.9.4

v2.9.3

v2.9.2

v2.9.1

v2.9.0

v2.8.1

v2.8.0

v2.7.3

v2.7.2

v2.7.1

v2.7.0

v2.6.2

v2.6.1

v2.6.0

v2.5.0

v2.4.0

v2.3.1

v2.3.0

v2.2.4

v2.2.3

v2.2.2

v2.2.1

v2.2.0

v2.1.2

v2.1.1

v2.1.0

2.0.14

2.0.13

2.0.12

2.0.11

2.0.10

2.0.9

2.0.8

2.0.7

2.0.6

2.0.5

2.0.4

2.0.3

2.0.2

2.0.0

v2.0.0

1.1.2

1.1.1

1.0.1

Labels

Clear labels   

awaiting feedback

  

bug

  

cannot reproduce

  

dns provider request

  

duplicate

  

enhancement

  

enhancement

  

enhancement

  

good first issue

  

help wanted

  

invalid

  

need more info

  

no certbot plugin available

  

product-support

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

stale

  

troll

  

upstream issue

  

v2

  

v2

  

v2

  

v3

  

wontfix

No labels

awaiting feedback

bug

cannot reproduce

dns provider request

duplicate

enhancement

enhancement

enhancement

good first issue

help wanted

invalid

need more info

no certbot plugin available

product-support

pull-request

question

stale

troll

upstream issue

v2

v2

v2

v3

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/nginx-proxy-manager-NginxProxyManager#510

No description provided.