I followed this guide: https://notthebe.ee/blog/easy-ssl-in-homelab-dns01/

But my Nginx Proxy Manager is running on a VPS that is connected to my local network through a WireGuard tunnel. Could that be an issue? I don’t know why it’s not working?

My NPM is also accessible to the local IP of my homeserver on which WireGuard is running.

    • Dataprolet@lemmy.dbzer0.comOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      1 year ago

      NPM should serve as both, but only issuing SSL certificates for my local network is the issue. Have you taken a look at the tutorial I’ve linked in the original post?

      And what do you mean with the port I’ve exposed? Exposed where? NPM uses port 81.

        • Dataprolet@lemmy.dbzer0.comOP
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          Ah I see. As I’ve said the proxy is working for my domain and is available from the internet. So that shouldn’t be an issue…

          This is the output of the openssl command:

          spoiler
          # openssl s_client -connect 127.0.0.1:443 -showcerts
          
          CONNECTED(00000003)
          80DB1D0BDC7F0000:error:0A000458:SSL routines:ssl3_read_bytes:tlsv1 unrecognized name:../ssl/record/rec_layer_s3.c:1586:SSL alert number 112
          ---
          no peer certificate available
          ---
          No client certificate CA names sent
          ---
          SSL handshake has read 7 bytes and written 297 bytes
          Verification: OK
          ---
          New, (NONE), Cipher is (NONE)
          Secure Renegotiation IS NOT supported
          Compression: NONE
          Expansion: NONE
          No ALPN negotiated
          Early data was not sent
          Verify return code: 0 (ok)
          ---
          
          spoiler
          # openssl s_client -connect 127.0.0.1:80 -showcerts
          
          CONNECTED(00000003)
          809B89C5DB7F0000:error:0A00010B:SSL routines:ssl3_get_record:wrong version number:../ssl/record/ssl3_record.c:354:
          ---
          no peer certificate available
          ---
          No client certificate CA names sent
          ---
          SSL handshake has read 5 bytes and written 297 bytes
          Verification: OK
          ---
          New, (NONE), Cipher is (NONE)
          Secure Renegotiation IS NOT supported
          Compression: NONE
          Expansion: NONE
          No ALPN negotiated
          Early data was not sent
          Verify return code: 0 (ok)
          ---