[GH-ISSUE #705] I receive a connection problem (or invalid certificate) when i want to connect to a proxy through NPM #595

Open
opened 2026-02-26 06:33:34 +03:00 by kerem · 5 comments
Owner

Originally created by @pvdochtend on GitHub (Nov 7, 2020).
Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/705

Checklist

  • Have you pulled and found the error with jc21/nginx-proxy-manager:latest docker image?
    Yes
  • Are you sure you're not using someone else's docker image?
    Yes
  • If having problems with Lets Encrypt, have you made absolutely sure your site is accessible from outside of your network?
    It doesn't work probably related to my issue

Describe the bug
Ireceive the message: "NET::ERR_CERT_AUTHORITY_INVALID". SSL Certificate states "localhost" when routing traffic to the correct port and hostname.

  • What version of Nginx Proxy Manager is reported on the login page?
    2.6.2

To Reproduce
Steps to reproduce the behavior:

  • Clean install.
  • Added domain to proxy hosts
  • Change hostfile on my client to test.domain.com (example domain).
  • Use chrome to https://test.domain.com:7443 (my ports are: 780, 781 and 7443 because they were already in use on my docker host). My firewall is doing the translation to a different port.
  • Receive the message: "NET::ERR_CERT_AUTHORITY_INVALID". SSL Certificate states "localhost"

Expected behavior
I wanted to see the sote that's internally on the port.

Screenshots
If applicable, add screenshots to help explain your problem.

Operating System

  • Container runs on Synology / Docker.
    Chrome (86.0.4240.183) runs on Windows 10 20H2.
Originally created by @pvdochtend on GitHub (Nov 7, 2020). Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/705 **Checklist** - Have you pulled and found the error with `jc21/nginx-proxy-manager:latest` docker image? Yes - Are you sure you're not using someone else's docker image? Yes - If having problems with Lets Encrypt, have you made absolutely sure your site is accessible from outside of your network? It doesn't work probably related to my issue **Describe the bug** Ireceive the message: "NET::ERR_CERT_AUTHORITY_INVALID". SSL Certificate states "localhost" when routing traffic to the correct port and hostname. - What version of Nginx Proxy Manager is reported on the login page? 2.6.2 **To Reproduce** Steps to reproduce the behavior: - Clean install. - Added domain to proxy hosts - Change hostfile on my client to test.domain.com (example domain). - Use chrome to https://test.domain.com:7443 (my ports are: 780, 781 and 7443 because they were already in use on my docker host). My firewall is doing the translation to a different port. - Receive the message: "NET::ERR_CERT_AUTHORITY_INVALID". SSL Certificate states "localhost" **Expected behavior** I wanted to see the sote that's internally on the port. **Screenshots** If applicable, add screenshots to help explain your problem. **Operating System** - Container runs on Synology / Docker. Chrome (86.0.4240.183) runs on Windows 10 20H2.
Author
Owner

@bewedeg commented on GitHub (Dec 28, 2020):

+1 on this issue
When diagnosing the site with ssllabs.com it seems that the dummycert specified in the default host https://github.com/jc21/nginx-proxy-manager/blob/72ac549a580b7a5775ac05db42cab5b36bfbdcde/docker/rootfs/etc/nginx/conf.d/default.conf#L34 is appended.
I verified this using openssl x509 -in dummycert.pem -text comparing the serial with the certificate number 2 shown by ssllabs.

<!-- gh-comment-id:751623093 --> @bewedeg commented on GitHub (Dec 28, 2020): +1 on this issue When diagnosing the site with ssllabs.com it seems that the dummycert specified in the default host [https://github.com/jc21/nginx-proxy-manager/blob/72ac549a580b7a5775ac05db42cab5b36bfbdcde/docker/rootfs/etc/nginx/conf.d/default.conf#L34](url) is appended. I verified this using openssl x509 -in dummycert.pem -text comparing the serial with the certificate number 2 shown by ssllabs.
Author
Owner

@threehappypenguins commented on GitHub (Oct 16, 2021):

I am also having this same problem. I have Nextcloud with linuxserver/mariadb on port 3306 (default), so I have Nginx Proxy Manager with jc21/mariadb-aria on port 3308 (it's the only way I could get both running on the same machine). I am able to seemingly create a new SSL certificate just fine, and point npm to my Nextcloud internally, but when I go to access my site (I use a duckdns subdomain and a DNS challenge with the duckdns token for generating the certificate), it shows NET::ERR_CERT_AUTHORITY_INVALID and everything in the certificate issued to "localhost."

Also, I disabled https for Nextcloud because I want npm to take care of it since linuxserver/letsencrypt is deprecated. So I have it pointed to 192.168.x.x:8080 (I can access it fine locally). My npm docker compose file is as follows (I'm not sure if it's correct, or a mistake causing the problem):

version: '3'
services:
  nginx-proxy-manager:
    image: 'jc21/nginx-proxy-manager:latest'
    container_name: nginx-proxy-manager
    restart: unless-stopped
    ports:
      - '91:80'
      - '81:81'
      - '451:443'
    environment:
      DB_MYSQL_HOST: "db"
      DB_MYSQL_PORT: 3308
      DB_MYSQL_USER: "user1"
      DB_MYSQL_PASSWORD: "password"
      DB_MYSQL_NAME: "npm"
    volumes:
      - /PATH/data:/data
      - /PATH/letsencrypt:/etc/letsencrypt
  db:
    image: 'jc21/mariadb-aria:latest'
    container_name: mariadb
    restart: unless-stopped
    ports:
      - '3308:3306'
    environment:
      MYSQL_ROOT_PASSWORD: 'password'
      MYSQL_DATABASE: 'npm'
      MYSQL_USER: 'user1'
      MYSQL_PASSWORD: 'password'
      MYSQL_TCP_PORT: 3308
      MYSQL_UNIX_PORT: 3308
    volumes:
      - /PATH:/var/lib/mysql
<!-- gh-comment-id:944817140 --> @threehappypenguins commented on GitHub (Oct 16, 2021): I am also having this same problem. I have Nextcloud with linuxserver/mariadb on port 3306 (default), so I have Nginx Proxy Manager with jc21/mariadb-aria on port 3308 (it's the only way I could get both running on the same machine). I am able to seemingly create a new SSL certificate just fine, and point npm to my Nextcloud internally, but when I go to access my site (I use a duckdns subdomain and a DNS challenge with the duckdns token for generating the certificate), it shows `NET::ERR_CERT_AUTHORITY_INVALID` and everything in the certificate issued to "localhost." Also, I disabled https for Nextcloud because I want npm to take care of it since linuxserver/letsencrypt is deprecated. So I have it pointed to 192.168.x.x:8080 (I can access it fine locally). My npm docker compose file is as follows (I'm not sure if it's correct, or a mistake causing the problem): ``` version: '3' services: nginx-proxy-manager: image: 'jc21/nginx-proxy-manager:latest' container_name: nginx-proxy-manager restart: unless-stopped ports: - '91:80' - '81:81' - '451:443' environment: DB_MYSQL_HOST: "db" DB_MYSQL_PORT: 3308 DB_MYSQL_USER: "user1" DB_MYSQL_PASSWORD: "password" DB_MYSQL_NAME: "npm" volumes: - /PATH/data:/data - /PATH/letsencrypt:/etc/letsencrypt db: image: 'jc21/mariadb-aria:latest' container_name: mariadb restart: unless-stopped ports: - '3308:3306' environment: MYSQL_ROOT_PASSWORD: 'password' MYSQL_DATABASE: 'npm' MYSQL_USER: 'user1' MYSQL_PASSWORD: 'password' MYSQL_TCP_PORT: 3308 MYSQL_UNIX_PORT: 3308 volumes: - /PATH:/var/lib/mysql ```
Author
Owner

@github-actions[bot] commented on GitHub (Mar 23, 2024):

Issue is now considered stale. If you want to keep it open, please comment 👍

<!-- gh-comment-id:2016297483 --> @github-actions[bot] commented on GitHub (Mar 23, 2024): Issue is now considered stale. If you want to keep it open, please comment :+1:
Author
Owner

@devcat-net commented on GitHub (Sep 26, 2024):

Having the same issue. Any ideas how to fix it?

<!-- gh-comment-id:2376752642 --> @devcat-net commented on GitHub (Sep 26, 2024): Having the same issue. Any ideas how to fix it?
Author
Owner

@github-actions[bot] commented on GitHub (May 4, 2025):

Issue is now considered stale. If you want to keep it open, please comment 👍

<!-- gh-comment-id:2848914039 --> @github-actions[bot] commented on GitHub (May 4, 2025): Issue is now considered stale. If you want to keep it open, please comment :+1:
Sign in to join this conversation.
No milestone
No project
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/nginx-proxy-manager-NginxProxyManager#595
No description provided.