nginx-proxy-manager: Cannot use "Custom Certificate"

Checklist

Have you pulled and found the error with jc21/nginx-proxy-manager:latest docker image? Yes
Are you sure you’re not using someone else’s docker image? Yes

Describe the bug Tried to add custom-certificate in Certifcates > Add SSL Certificate > Custom.

After pressing “Save” nothing seems to happen, but Browser/JS Console logs this error:

17.bundle.17.js:1 Uncaught TypeError: Cannot read property 'cloudflare_use' of undefined
    at i.click @ui.save (17.bundle.17.js:1)
    at HTMLDivElement.dispatch (main.bundle.js?v=2.5.0:27)
    at HTMLDivElement.p.handle (main.bundle.js?v=2.5.0:27)

To Reproduce Steps to reproduce the behavior:

See -> Describe the bug

Expected behavior Being able to save the custom certificate or being able to toggle cloudflare-usage (missing form-field?!).

Screenshots If applicable, add screenshots to help explain your problem.

Operating System Ubuntu Linux, Google Chrome

Additional context Just in case you’re wondering about the TLD in screenshot. It’s a private-lan and I made a self-signed certificate using mkcert on my laptop trying to deploy it on nginx-proxy-manager (private-lan server). The cert is required for docker-registry (which requires SSL even in private-lan for docker & portainer container management).

About this issue

Original URL
State: closed
Created 4 years ago
Reactions: 12
Comments: 59 (4 by maintainers)

Most upvoted comments

Sorry if I’m overstepping here, had some time to kill. Thinking this is related to the key file, maybe in a format not quite what you’re expecting.

My certificate key file (privkey.pem) starts with “-----BEGIN PRIVATE KEY-----” and ends with “-----END PRIVATE KEY-----”. Nothing else human-readable. Upload failed with the message “Certificate Key is not valid (Command failed: openssl ec -in /tmp/edb44990-c1cf-4b56-b6a5-9be58ba004c3/tmp -check -noout 2>&1 )”.

Running openssl manually gave an error, “expecting a ec key”. However, the same command using ‘rsa’ instead of ‘ec’ was successful.

Interestingly, adding the string “----- BEGIN RSA” to my file to force key_type to be ‘rsa’ in certificate.js line 618 and uploading was also successful, and produced a valid key (per assigning it to a host and validating the expiration date in Firefox). Not sure I suggest this method for anyone else, YMMV. Just throwing more info out.

neightwulf on Nov 30, 2020

@narakornnick212 it’s very very strange that you don’t see a log of the certificate file being written to disk. It should spit out the entire certificate, with all 2 or 3 parts concatenated for the file. Are you able to verify that the tmp file that the openssl command was checking actually exists inside the docker container?

A small hint for every one: (I wasted 2 hours on this)

I got the same problem not seeing the upload log files. No cert files arrived at the disk.

Reason: I created the cert files using openssl as root user and the created files had

-rw-------  file.key.pem
-rw-r--r--  file.pem

When you try to upload these files as non-root web browser user, there is no “no access” message, npm pretend to process the files but there are no files as I suggest npm tries to process key.pem first. Therefor no log output.

Solution:

sudo chmod 644 *.pem

et voila, every thing is working fine. The fact that it looks like npm is processing the certs misguided me.

cnbhl on May 7, 2021

@gorus1 the advice from @neightwulf solved your issue for me and I wish to thank @neightwulf immensely for sharing and solving my daring problem

If I may suggest something on this for future:

add a piece of advice against dumbasses (like me) who try to upload password encrypted key files (:huge-facepalm-emoji-here:)
add a warning regarding the key format being explicitly set
create a page on the project wiki describing the process
add a reference to such wiki page in the popup

rlogiacco on Dec 1, 2020