[GH-ISSUE #705] I receive a connection problem (or invalid certificate) when i want to connect to a proxy through NPM #595

New issue

Open

opened 2026-02-26 06:33:34 +03:00 by kerem · 5 comments

kerem commented 2026-02-26 06:33:34 +03:00

Owner

Copy link

Originally created by @pvdochtend on GitHub (Nov 7, 2020).
Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/705

Checklist

• Have you pulled and found the error with jc21/nginx-proxy-manager:latest docker image?
  Yes
• Are you sure you're not using someone else's docker image?
  Yes
• If having problems with Lets Encrypt, have you made absolutely sure your site is accessible from outside of your network?
  It doesn't work probably related to my issue

Describe the bug
Ireceive the message: "NET::ERR_CERT_AUTHORITY_INVALID". SSL Certificate states "localhost" when routing traffic to the correct port and hostname.

• What version of Nginx Proxy Manager is reported on the login page?
  2.6.2

To Reproduce
Steps to reproduce the behavior:

• Clean install.
• Added domain to proxy hosts
• Change hostfile on my client to test.domain.com (example domain).
• Use chrome to https://test.domain.com:7443 (my ports are: 780, 781 and 7443 because they were already in use on my docker host). My firewall is doing the translation to a different port.
• Receive the message: "NET::ERR_CERT_AUTHORITY_INVALID". SSL Certificate states "localhost"

Expected behavior
I wanted to see the sote that's internally on the port.

Screenshots
If applicable, add screenshots to help explain your problem.

Operating System

• Container runs on Synology / Docker.
  Chrome (86.0.4240.183) runs on Windows 10 20H2.

Originally created by @pvdochtend on GitHub (Nov 7, 2020). Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/705 **Checklist** - Have you pulled and found the error with `jc21/nginx-proxy-manager:latest` docker image? Yes - Are you sure you're not using someone else's docker image? Yes - If having problems with Lets Encrypt, have you made absolutely sure your site is accessible from outside of your network? It doesn't work probably related to my issue **Describe the bug** Ireceive the message: "NET::ERR_CERT_AUTHORITY_INVALID". SSL Certificate states "localhost" when routing traffic to the correct port and hostname. - What version of Nginx Proxy Manager is reported on the login page? 2.6.2 **To Reproduce** Steps to reproduce the behavior: - Clean install. - Added domain to proxy hosts - Change hostfile on my client to test.domain.com (example domain). - Use chrome to https://test.domain.com:7443 (my ports are: 780, 781 and 7443 because they were already in use on my docker host). My firewall is doing the translation to a different port. - Receive the message: "NET::ERR_CERT_AUTHORITY_INVALID". SSL Certificate states "localhost" **Expected behavior** I wanted to see the sote that's internally on the port. **Screenshots** If applicable, add screenshots to help explain your problem. **Operating System** - Container runs on Synology / Docker. Chrome (86.0.4240.183) runs on Windows 10 20H2.

kerem added the

stale

bug

labels 2026-02-26 06:33:34 +03:00

kerem commented 2026-02-26 06:33:34 +03:00

Author

Owner

Copy link

@bewedeg commented on GitHub (Dec 28, 2020):

+1 on this issue
When diagnosing the site with ssllabs.com it seems that the dummycert specified in the default host https://github.com/jc21/nginx-proxy-manager/blob/72ac549a580b7a5775ac05db42cab5b36bfbdcde/docker/rootfs/etc/nginx/conf.d/default.conf#L34 is appended.
I verified this using openssl x509 -in dummycert.pem -text comparing the serial with the certificate number 2 shown by ssllabs.

<!-- gh-comment-id:751623093 --> @bewedeg commented on GitHub (Dec 28, 2020): +1 on this issue When diagnosing the site with ssllabs.com it seems that the dummycert specified in the default host [https://github.com/jc21/nginx-proxy-manager/blob/72ac549a580b7a5775ac05db42cab5b36bfbdcde/docker/rootfs/etc/nginx/conf.d/default.conf#L34](url) is appended. I verified this using openssl x509 -in dummycert.pem -text comparing the serial with the certificate number 2 shown by ssllabs.

kerem commented 2026-02-26 06:33:34 +03:00

Author

Owner

Copy link

@threehappypenguins commented on GitHub (Oct 16, 2021):

I am also having this same problem. I have Nextcloud with linuxserver/mariadb on port 3306 (default), so I have Nginx Proxy Manager with jc21/mariadb-aria on port 3308 (it's the only way I could get both running on the same machine). I am able to seemingly create a new SSL certificate just fine, and point npm to my Nextcloud internally, but when I go to access my site (I use a duckdns subdomain and a DNS challenge with the duckdns token for generating the certificate), it shows NET::ERR_CERT_AUTHORITY_INVALID and everything in the certificate issued to "localhost."

Also, I disabled https for Nextcloud because I want npm to take care of it since linuxserver/letsencrypt is deprecated. So I have it pointed to 192.168.x.x:8080 (I can access it fine locally). My npm docker compose file is as follows (I'm not sure if it's correct, or a mistake causing the problem):

version: '3'
services:
  nginx-proxy-manager:
    image: 'jc21/nginx-proxy-manager:latest'
    container_name: nginx-proxy-manager
    restart: unless-stopped
    ports:
      - '91:80'
      - '81:81'
      - '451:443'
    environment:
      DB_MYSQL_HOST: "db"
      DB_MYSQL_PORT: 3308
      DB_MYSQL_USER: "user1"
      DB_MYSQL_PASSWORD: "password"
      DB_MYSQL_NAME: "npm"
    volumes:
      - /PATH/data:/data
      - /PATH/letsencrypt:/etc/letsencrypt
  db:
    image: 'jc21/mariadb-aria:latest'
    container_name: mariadb
    restart: unless-stopped
    ports:
      - '3308:3306'
    environment:
      MYSQL_ROOT_PASSWORD: 'password'
      MYSQL_DATABASE: 'npm'
      MYSQL_USER: 'user1'
      MYSQL_PASSWORD: 'password'
      MYSQL_TCP_PORT: 3308
      MYSQL_UNIX_PORT: 3308
    volumes:
      - /PATH:/var/lib/mysql

<!-- gh-comment-id:944817140 --> @threehappypenguins commented on GitHub (Oct 16, 2021): I am also having this same problem. I have Nextcloud with linuxserver/mariadb on port 3306 (default), so I have Nginx Proxy Manager with jc21/mariadb-aria on port 3308 (it's the only way I could get both running on the same machine). I am able to seemingly create a new SSL certificate just fine, and point npm to my Nextcloud internally, but when I go to access my site (I use a duckdns subdomain and a DNS challenge with the duckdns token for generating the certificate), it shows `NET::ERR_CERT_AUTHORITY_INVALID` and everything in the certificate issued to "localhost." Also, I disabled https for Nextcloud because I want npm to take care of it since linuxserver/letsencrypt is deprecated. So I have it pointed to 192.168.x.x:8080 (I can access it fine locally). My npm docker compose file is as follows (I'm not sure if it's correct, or a mistake causing the problem): ``` version: '3' services: nginx-proxy-manager: image: 'jc21/nginx-proxy-manager:latest' container_name: nginx-proxy-manager restart: unless-stopped ports: - '91:80' - '81:81' - '451:443' environment: DB_MYSQL_HOST: "db" DB_MYSQL_PORT: 3308 DB_MYSQL_USER: "user1" DB_MYSQL_PASSWORD: "password" DB_MYSQL_NAME: "npm" volumes: - /PATH/data:/data - /PATH/letsencrypt:/etc/letsencrypt db: image: 'jc21/mariadb-aria:latest' container_name: mariadb restart: unless-stopped ports: - '3308:3306' environment: MYSQL_ROOT_PASSWORD: 'password' MYSQL_DATABASE: 'npm' MYSQL_USER: 'user1' MYSQL_PASSWORD: 'password' MYSQL_TCP_PORT: 3308 MYSQL_UNIX_PORT: 3308 volumes: - /PATH:/var/lib/mysql ```

kerem commented 2026-02-26 06:33:34 +03:00

Author

Owner

Copy link

@github-actions[bot] commented on GitHub (Mar 23, 2024):

Issue is now considered stale. If you want to keep it open, please comment 👍

<!-- gh-comment-id:2016297483 --> @github-actions[bot] commented on GitHub (Mar 23, 2024): Issue is now considered stale. If you want to keep it open, please comment :+1:

kerem commented 2026-02-26 06:33:34 +03:00

Author

Owner

Copy link

@devcat-net commented on GitHub (Sep 26, 2024):

Having the same issue. Any ideas how to fix it?

<!-- gh-comment-id:2376752642 --> @devcat-net commented on GitHub (Sep 26, 2024): Having the same issue. Any ideas how to fix it?

kerem commented 2026-02-26 06:33:34 +03:00

Author

Owner

Copy link

@github-actions[bot] commented on GitHub (May 4, 2025):

Issue is now considered stale. If you want to keep it open, please comment 👍

<!-- gh-comment-id:2848914039 --> @github-actions[bot] commented on GitHub (May 4, 2025): Issue is now considered stale. If you want to keep it open, please comment :+1:

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

develop

dependabot/npm_and_yarn/backend/liquidjs-10.25.7

dependabot/npm_and_yarn/frontend/prod-minor-updates-2a16bf3987

dependabot/npm_and_yarn/frontend/dev-patch-updates-754666cf41

dependabot/npm_and_yarn/backend/basic-ftp-5.3.0

dependabot/npm_and_yarn/test/follow-redirects-1.16.0

dependabot/npm_and_yarn/test/axios-1.15.0

dependabot/npm_and_yarn/frontend/lodash-4.18.1

dependabot/npm_and_yarn/backend/lodash-4.18.1

dependabot/npm_and_yarn/test/lodash-4.18.1

dependabot/npm_and_yarn/frontend/vite-7.3.2

dependabot/npm_and_yarn/backend/prod-minor-updates-5ec19a7f21

dependabot/npm_and_yarn/frontend/lodash-es-4.18.1

dependabot/npm_and_yarn/frontend/happy-dom-20.8.9

dependabot/npm_and_yarn/backend/path-to-regexp-8.4.0

dependabot/npm_and_yarn/frontend/picomatch-4.0.4

dependabot/npm_and_yarn/backend/picomatch-2.3.2

dependabot/npm_and_yarn/frontend/yaml-1.10.3

dependabot/npm_and_yarn/test/flatted-3.4.2

dependabot/npm_and_yarn/test/tar-7.5.11

dependabot/npm_and_yarn/frontend/immutable-5.1.5

master

dependabot/npm_and_yarn/test/glob-10.5.0

dependabot/npm_and_yarn/frontend/mdast-util-to-hast-13.2.1

dependabot/npm_and_yarn/test/form-data-4.0.4

v3-abandoned

bump-freedns

openidc

ssl-passthrough-hosts

static-content

v2.14.0

v2.13.7

v2.13.6

v2.13.5

v2.13.4

v2.13.3

v2.13.2

v2.13.1

v2.13.0

v2.12.6

v2.12.5

v2.12.4

v2.12.3

v2.12.2

v2.12.1

v2.12.0

v2.11.3

v2.11.2

v2.11.1

v2.11.0

v2.10.4

v2.10.3

v2.10.2

v2.10.1

v2.10.0

v2.9.22

v2.9.21

v2.9.20

v2.9.19

v2.9.18

v2.9.17

v2.9.16

v2.9.15

v2.9.14

v2.9.13

v2.9.12

v2.9.11

v2.9.10

v2.9.9

v2.9.8

v2.9.7

v2.9.6

v2.9.5

v2.9.4

v2.9.3

v2.9.2

v2.9.1

v2.9.0

v2.8.1

v2.8.0

v2.7.3

v2.7.2

v2.7.1

v2.7.0

v2.6.2

v2.6.1

v2.6.0

v2.5.0

v2.4.0

v2.3.1

v2.3.0

v2.2.4

v2.2.3

v2.2.2

v2.2.1

v2.2.0

v2.1.2

v2.1.1

v2.1.0

2.0.14

2.0.13

2.0.12

2.0.11

2.0.10

2.0.9

2.0.8

2.0.7

2.0.6

2.0.5

2.0.4

2.0.3

2.0.2

2.0.0

v2.0.0

1.1.2

1.1.1

1.0.1

Labels

Clear labels   

awaiting feedback

  

bug

  

cannot reproduce

  

dns provider request

  

duplicate

  

enhancement

  

enhancement

  

enhancement

  

good first issue

  

help wanted

  

invalid

  

need more info

  

no certbot plugin available

  

product-support

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

stale

  

troll

  

upstream issue

  

v2

  

v2

  

v2

  

v3

  

wontfix

No labels

awaiting feedback

bug

cannot reproduce

dns provider request

duplicate

enhancement

enhancement

enhancement

good first issue

help wanted

invalid

need more info

no certbot plugin available

product-support

pull-request

question

stale

troll

upstream issue

v2

v2

v2

v3

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/nginx-proxy-manager-NginxProxyManager#595

No description provided.