
Wildcard Certificates with Nginx Proxy Manager

bist 0

I have been using Nginx Proxy Manager for a while now, mainly for exposing my containers to my internal and external network. If you want to expose them more easily via SSL, then a wildcard certificate might be the way to go. This works for internal and external workloads.

I use Cloudflare for external DNS resolving and Pi-hole for internal DNS resolving. This guide explains how to set it up.

  • Log into Nginx Proxy Manager, click SSL Certificates, then click Add SSL Certificate – LetsEncrypt.
  • The Add dialog will pop up and information needs to be input. For Domain Names, put *.myserver.com, then click Add *.myserver.com in the drop-down that appears. Toggle ON Use a DNS Challenge and I Agree to Let’s Encrypt Terms of Service. When toggling DNS Challenge, a new section will appear asking for Cloudflare API Token.
  • Log into Cloudflare and click your domain name. Scroll down and on the right-hand side of the page, locate the API section, then click Get Your API Token. On the next page, click the API Tokens header. Click Create Token on the next page.
  • At the bottom of the page, click Get Started under the Custom Token header. On the next page, give the token a name (I called mine NPM for Nginx Proxy Manager). Under Permissions, select Zone in the left-hand box, DNS in the center box, and Edit in the right-hand box. At the bottom of the page, click Continue to Summary. On the next page, click Create Token.
  • Once the token is created, it will take you to a page with the newly created token listed so that you can copy it. Click the Copy button or highlight the token and copy it.
  • Back on the Nginx Proxy Manager page, highlight the sample token in the Credentials File Content box and paste your newly created token. Leave the Propagation Seconds box blank. Click Save.
  • The box will change to Processing…. with a spinning icon. It may take a minute or two. Once it is finished, it will go back to the regular SSL Certificates page but with your new wildcard certificate added!
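
Before attaching the new certificate to proxy hosts, it helps to know which names `*.myserver.com` actually covers: the wildcard stands for exactly one label, so the bare `myserver.com` and nested names such as `app.lab.myserver.com` are not covered. The Python sketch below is an added example, not part of the original guide; the proxy host names in it are constructed.

```python
"""Which hostnames does a wildcard certificate cover? (added example)"""


def _labels(name):
    # DNS names are case-insensitive, and a trailing dot is the same name.
    return name.strip().lower().rstrip(".").split(".")


def covered_by(cert_name, host):
    """True if `host` matches one certificate name (exact or wildcard).

    Follows the matching rule TLS clients apply (RFC 6125, section 6.4.3):
    "*" is honoured only as the whole leftmost label and stands for
    exactly one label.
    """
    pattern, target = _labels(cert_name), _labels(host)
    if len(pattern) != len(target) or "" in target:
        return False
    if pattern[0] == "*":
        # Everything right of the wildcard must be identical, and a
        # wildcard directly under a top-level name ("*.com") is refused.
        return len(pattern) > 2 and pattern[1:] == target[1:]
    return pattern == target


def audit(cert_names, hosts):
    """Map each host to the certificate name that covers it, or None."""
    return {h: next((c for c in cert_names if covered_by(c, h)), None)
            for h in hosts}


# Constructed sample: the certificate from this guide and some proxy hosts.
CERT_NAMES = ["*.myserver.com"]
PROXY_HOSTS = [
    "pihole.myserver.com",     # one label under the zone: covered
    "Grafana.MyServer.com.",   # case and trailing dot do not matter
    "myserver.com",            # bare domain: not covered
    "app.lab.myserver.com",    # two labels deep: not covered
    "pihole.otherserver.com",  # different domain: not covered
]

if __name__ == "__main__":
    for host, cert in audit(CERT_NAMES, PROXY_HOSTS).items():
        status = f"covered by {cert}" if cert else "NOT covered"
        print(f"{host:28} {status}")
```

If the bare domain also needs to be served, add `myserver.com` as a second entry under Domain Names when requesting the certificate.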
