View All Products
Compute
Storage
Databases
Services
Networking
Developer Tools
Delivery
Security
Industries
Pricing
Community
Engage With Us
Community Questions nginxproxymanager and linode issue
Log in to Ask a Question

nginxproxymanager and linode issue

docker ssl-certificate docker-compose nginx-proxy-manager

Hi, I have been having a great deal of trouble recently with my DNS. I am running Docker on Debian 11 with nginxproxymanager, and due to some complications I was forced to migrate my server to one with a different IP. In doing this I set the new one up the exact same way, but have been having trouble for weeks now in getting the website to work with my URL. When I go directly to the IP address with the proper port, it works perfectly, but when I attempt to route the traffic through the reverse proxy manager it seems to quit working entirely. I've been reading through similar posts on forums, and I believe the problem lies somewhere with the SSL certificate. when I use the command

curl https://med-scanner.com -Iv

it returns:

  • old SSL session ID is stale, removing
  • Connection state changed (MAX_CONCURRENT_STREAMS == 128)!

When I attempt to connect to the website, it times out. Another possible issue it could be is with the http/2 heading not being easily compatible with nginxproxymanager, and I read that adding

proxy_hide_header Upgrade;

could potentially fix this, but I am not entirely sure how to implement this. I can supply any additional information if needed. I'm sorry for being so unknowledgeable on the topic, I'm trying to learn, but I need to get this website back online asap in the meantime so I can finish it. Thank you for any response or help!

1 Reply

Linode Staff

As far as I have been able to find, SSL certs are not tied to IP addresses, rather the domain name itself.

Presumably, you would've already updated your DNS records to match the IP address. One thing that comes to mind is that if you are proxying your DNS records through a service like CloudFlare, you have to drop the proxy on that record to establish the SSL connection. This can be reapplied once the certificate has been generated/applied to your domain, but could feasibly cause problems if you left that in place.

You may also want to consider removing the old cert before generating a new one just to rule out issues with the original certificate. Additionally, when you generate the new cert, LetsEncrypt may be able to provide domain-specific error messages to help you better pinpoint the issue.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct