Nginx Proxy Manager & Cloudflare


catrock


I am facing a problem which I can no longer solve without your help.

I need an SSL cert for my Unraid server (Emby, Nextcloud ...).

For my reverse proxies I use Nginx Proxy Manager, and for DNS, Cloudflare.

So I create a CNAME on Cloudflare and set it to WITH PROXY.

In the Proxy Manager I type in my IP and the port, turn HTTPS on and create an SSL cert with Let's Encrypt.

Everything is finished and I try to get to my website with the subdomain.

But here I am told that the connection is not secure and that it is using the root certificate.

How can I now use my certificate so that my future subdomains are encrypted with SSL?

I hope someone here can help me.

Link to comment

It sounds like you are terminating the SSL endpoint with Cloudflare by using WITH PROXY. This will use the IP address of one of the Cloudflare servers. You are then trying to SSL back to your Unraid Proxy Manager. So Cloudflare may be giving that error because Cloudflare is not trusting your certificate from Let's Encrypt because it doesn't have it stored (which I think Cloudflare handles on its own).

 

So it sounds like your setup looks like this:

 

subdomain.example.com:443 -(ssl)> cloudflare -(ssl)> proxymanager:443 -> subdomain.internal:8080

 

I am currently trying to work on a similar solution but haven't gotten as far yet. If you want to try and test this out switch the cloudflare DNS setting to DNS ONLY instead of WITH PROXY and see if that works out.

 

That setup would look like this:

subdomain.example.com:443 -(ssl)> proxymanager:443 -> subdomain.internal:8080

 

Someone with more experience may be able to set me straight as well though.

Edited by xorso
Fixing grammar
Link to comment

So there should be no SSL until you hit your NGINX Proxy Manager instance. If you can't get HTTPS to work make sure your firewall is appropriately port forwarding to your NGINX Proxy Manager SSL port.

The forwards should look something like this if you are using the Proxy Manager App in Unraid:

 

Firewall  -> Internal Port

80 -> <ip of unraid host>:1880

443 -> <ip of unraid host>:18443

Link to comment

.... ok .. this fixed my problem .. xD

THX U ❤️❤️ 

 

50 minutes ago, xorso said:

I am not too familiar with Fritz box but I think you have the ports mixed up. You need the external port (WAN side) to be 443 and the internal port (the one pointing to NPM, LAN side) to be 18443

 
