[GH-ISSUE #1521] Add Certbot Integration for Automatic SSL Certificates #3946

New issue

Closed

opened 2026-02-28 11:58:24 +03:00 by kerem · 1 comment

kerem commented

2026-02-28 11:58:24 +03:00

Owner

Originally created by @khouahabi on GitHub (Jan 12, 2026).
Original GitHub issue: https://github.com/0xJacky/nginx-ui/issues/1521

Managing SSL certificates manually for multiple domains becomes time-consuming and error-prone. Certificates must be renewed every 90 days, and without automation there is a risk of downtime if renewal is forgotten or fails. I’m currently frustrated by needing to handle these steps manually instead of having the system automate SSL provisioning.

I would like built-in support for Certbot to automatically request, install, and renew Let's Encrypt SSL certificates for configured domains. Ideally, the feature should:

Detect existing domains and generate SSL certificates automatically
Renew certificates before expiration without manual intervention
Provide a simple UI or configuration options to enable/disable Certbot per domain
Reload the service (Nginx/Apache or internal proxy) after certificate renewal

Describing alternatives you've considered

Manually installing Certbot on the server and writing cron jobs for renewal
Using self-signed certificates (not secure and not production-friendly)
Using third-party services for SSL management, which increases cost and dependency
None of these alternatives offer the convenience and automatic lifecycle management that native Certbot integration would provide.

Automatic SSL support is now expected by default in most platforms. Integrating Certbot would significantly improve usability and security, especially for users managing many domains or subdomains.

Originally created by @khouahabi on GitHub (Jan 12, 2026). Original GitHub issue: https://github.com/0xJacky/nginx-ui/issues/1521 Managing SSL certificates manually for multiple domains becomes time-consuming and error-prone. Certificates must be renewed every 90 days, and without automation there is a risk of downtime if renewal is forgotten or fails. I’m currently frustrated by needing to handle these steps manually instead of having the system automate SSL provisioning. I would like built-in support for Certbot to automatically request, install, and renew Let's Encrypt SSL certificates for configured domains. Ideally, the feature should: 1. Detect existing domains and generate SSL certificates automatically 2. Renew certificates before expiration without manual intervention 3. Provide a simple UI or configuration options to enable/disable Certbot per domain 4. Reload the service (Nginx/Apache or internal proxy) after certificate renewal **Describing alternatives you've considered** - Manually installing Certbot on the server and writing cron jobs for renewal - Using self-signed certificates (not secure and not production-friendly) - Using third-party services for SSL management, which increases cost and dependency None of these alternatives offer the convenience and automatic lifecycle management that native Certbot integration would provide. Automatic SSL support is now expected by default in most platforms. Integrating Certbot would significantly improve usability and security, especially for users managing many domains or subdomains.

kerem

2026-02-28 11:58:24 +03:00

closed this issue
added the
enhancement
label

kerem commented

2026-02-28 11:58:25 +03:00

Author

Owner

@0xJacky commented on GitHub (Jan 12, 2026):

Hi @khouahabi, thanks for the suggestion!

Good news: the main workflow you described is already supported in Nginx UI via our built-in certificate management (ACME / Let's Encrypt):

Managed issuance for configured domains
Automatic renewal before expiration
Auto reload of Nginx after renewal completes

So the “automatic SSL lifecycle + reload” part is basically covered already.

At the moment, we don’t plan to integrate Certbot or other external auto-certificate solutions (we only support the built-in ACME flow).

@0xJacky commented on GitHub (Jan 12, 2026): Hi @khouahabi, thanks for the suggestion! Good news: the main workflow you described is already supported in Nginx UI via our built-in certificate management (ACME / Let's Encrypt): - Managed issuance for configured domains - Automatic renewal before expiration - Auto reload of Nginx after renewal completes So the “automatic SSL lifecycle + reload” part is basically covered already. At the moment, we don’t plan to integrate Certbot or other external auto-certificate solutions (we only support the built-in ACME flow).