Can't get Nginx to get a SSL certificate with mikrotik router



I'm using 6.10.3 and have no errors. Plex is working in a container and I have a variety of other dockers running just fine. I am trying to set up a reverse proxy with Nginx to be able to access Overseerr. I have the domain set up on Cloudflare and the Cloudflare dynamic DNS app working. My ISP has long leases. I am using a MikroTik RB2011 router and, as I mentioned, I was able to do the appropriate port forwarding to get Plex to work great.


The Nginx log says that it fails the http-01 test. It does not seem to matter what I do. I was trying to use ports 1980 and 19443 with Nginx and forwarding those. I followed a number of Nginx YouTube videos but was not able to make it work. I am convinced that I am missing something with the network that Nginx is on but I have tried all of them. On some networks I am not able to access the GUI.


There is a very strong possibility that my router settings are off. I tried following the same ones that work for the Plex port but it did not work. This included forwarding ports 80 and 443, which basically made my network unable to access the internet. I started trying different versions of the Nginx app but I still can't get a certificate set.


I am aware given this information there are only about 1,000,000 things that it could be that are tripping me up but any help would be great. 


Honestly, I would be fine making it work with standard ports but I am out of my depth quite a bit. I have two ports forwarded, one for Plex and one for Unraid management access, which is 19443 to [unraid address]:443. These both work. When I try to forward other ports like 443 to 19443 and 80 to 1980 it makes my internet not work and I have to delete the forward for the 19443 to 443 and the other rules to make it work. The Nginx docker is set to 19443 for HTTPS.


Double post but I fixed it mostly. I figured out the filter rules and NAT for my router, adding 80 to 1880 and 443 to 18443 for both TCP and UDP. I had to turn off the proxy for the domain in Cloudflare but I got the certificate! And it works!! I turned the proxy back on and it still works!! Mostly. The only problem is that I get a bad gateway error (502) if Nginx is set to https.


4 hours ago, jmztaylor said:


what is your nginx config for overseerr?


I am not sure where to find that config file. Is it this?



# ------------------------------------------------------------
# ------------------------------------------------------------

server {
  # Upstream target: scheme, host and port that the proxy forwards to
  set $forward_scheme https;
  set $server         "";
  set $port           5055;

  listen 80;
  listen [::]:80;

  listen 443 ssl http2;
  listen [::]:443 ssl http2;

  # Let's Encrypt SSL
  include conf.d/include/letsencrypt-acme-challenge.conf;
  include conf.d/include/ssl-ciphers.conf;
  ssl_certificate /etc/letsencrypt/live/npm-50/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/npm-50/privkey.pem;

  # Asset Caching
  include conf.d/include/assets.conf;

  # Block Exploits
  include conf.d/include/block-exploits.conf;

  # Force SSL
  include conf.d/include/force-ssl.conf;

  access_log /data/logs/proxy-host-4_access.log proxy;
  error_log /data/logs/proxy-host-4_error.log warn;

  location / {
    # Proxy!
    include conf.d/include/proxy.conf;
  }

  # Custom
  include /data/nginx/custom/server_proxy[.]conf;
}



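The thread reports a 502 only when the proxy is set to https, and the posted block has `set $forward_scheme https` with port 5055. As an added example (not part of the thread and not Nginx Proxy Manager's own code), this script reads those `set` variables from a generated server block and checks whether the upstream actually completes a TLS handshake, which is one thing to rule out for that symptom. The function names and the `127.0.0.1` upstream address in the sample are assumptions.

```python
import re
import socket
import ssl

# Constructed sample: same variables as the posted server block, with an
# assumed upstream address filled in for $server.
SAMPLE_CONF = '''
server {
  set $forward_scheme https;
  set $server         "127.0.0.1";
  set $port           5055;
}
'''
SET_RE = re.compile(r'^\s*set\s+\$(\w+)\s+"?([^";]*)"?\s*;', re.M)

def parse_upstream(conf):
    """Collect the `set $name value;` variables from a server block."""
    return {name: value.strip() for name, value in SET_RE.findall(conf)}

def upstream_speaks_tls(host, port, timeout=3.0):
    """True if host:port completes a TLS handshake, False if it accepts the
    connection but answers in something else (e.g. plain HTTP).
    Raises OSError when nothing accepts the connection at all."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False       # probing for TLS only, not validating identity
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=timeout) as raw:
        try:
            with ctx.wrap_socket(raw):
                return True
        except OSError:              # ssl.SSLError and timeouts are OSError subclasses
            return False

def check_proxy_host(conf):
    """Return a list of mismatches between the config and the live upstream."""
    v = parse_upstream(conf)
    if not v.get("server"):
        return ["$server is empty: no upstream host to forward to"]
    host, port = v["server"], int(v.get("port", 80))
    try:
        tls = upstream_speaks_tls(host, port)
    except OSError as exc:
        return [f"cannot connect to {host}:{port}: {exc}"]
    scheme = v.get("forward_scheme", "http")
    if scheme == "https" and not tls:
        return ["forward_scheme is https but the upstream does not speak TLS"]
    if scheme == "http" and tls:
        return ["forward_scheme is http but the upstream expects TLS"]
    return []

if __name__ == "__main__":
    print(check_proxy_host(SAMPLE_CONF))
```

Run it from a host or container that can reach the upstream directly, so the result reflects the backend and not the router or Cloudflare in front of it.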
