Self-Signed cert generation

[vrelk]

Can you add a way to generate a self signed cert and generate/download a CSR? I am using this for some .local addresses as well, so being able to do self signed certs would be nice.

I tried doing this manually and using the Microsoft Cert Authority to make a cert and it failed. I'm not exactly sure why, it just wouldn't upload (upload box wouldn't even close)

[vrelk]

Just a note. I generated a CSR on linux machine instead of trying to do it in Windows. (much easier, sorta a derp moment). Anyways, the new cert uploaded fine, so maybe some sort of notification that an error occurred while uploading a cert would be nice, right now it disables the upload button, but nothing else changes.

I would consider this a low priority enhancement, unless someone else sees the need to bump it up. I'm happy for now as I have a cert trusted by Active Directory.

[jc21]

Sounds like a bug verifying the cert on the backend and not handling it. I have tested this with random text files as certs, but I haven't tested with windows generated ones :/

[vrelk]

I still have the one I generated. It was a PITA, so I can send it to you if you want. It's a .local cert, so no security issue, none that I care about anyways.

On Mon, Jan 14, 2019, 12:13 AM jc21 <notifications@github.com wrote:

Sounds like a bug verifying the cert on the backend and not handling it. I have tested this with random text files as certs, but I haven't tested with windows generated ones :/

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/jc21/nginx-proxy-manager/issues/49#issuecomment-453903647, or mute the thread https://github.com/notifications/unsubscribe-auth/AAmOvUhR4pxrf-HKECEk3QfItDmxwFgmks5vDBHmgaJpZM4Z8gFI .

[jc21]

In that case, it would be great if you can attach them to this issue :)

[vrelk]

Sorry for the delay, but it looks like I deleted it from the network share. If you want I can generate some new ones for you if the other issue that someone opened isn't enough since it appears to be nearly the same problem.

[jc21]

Is this the DES certificates issue? (#52) Anyway, adding yours again for me would be helpful.

[Cassiopeia23]

Hi, I'm also interested in a self signed certificate generator.

I want to use this awesome tool also in my internal network.

What would be the best practice to use my own self signed certificate ? So I can create one on my own but should I do it within the container our outside and how do I implement it into my configuration ?

[chaptergy]

For all those that come here with this issue: you can't generate a certificate directly in NPM, but instead you have to generate one yourself and upload it as a custom certificate. Use e.g. openssl for this. There should be many tools that are able to do this. As a last resort, you can use selfsignedcertificate.com, though it is not recommended since confidential information would be generated on a host of unknown origin.

[chaptergy]

Closing in favor of https://github.com/jc21/nginx-proxy-manager/issues/593