Nginx Proxy Manager - SSL Wildcard Certs 🔑 for your entire domain

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
i promised you that i would make a video on nginx proxy manager ssl wildcard stored and you guys have also reminded me in my comment section so please accept my apologies that it took such a long time but here it is hi everybody i'm christian and i make tutorials and content for it professionals i also stream a lot here on youtube so if you have any questions for me just jump into some of my live streams it's always a lot of fun so in this video i will explain to you how ssl wildcard swords work why we need them and why they're useful and how to obtain them very easily on the nginx proxy manager so if you're not familiar with the nginx proxy manager that is a very nice and clean web ui where you can just configure an nginx based reverse proxy and i've recently also made a video about how to install and configure that so if you haven't watched this video please check it out i've also put you the link in the description below but now let's talk about ssl wildcard certs so if you're familiar with ssl terms already you probably will know that on nginx proxy manager you can very easily obtain them so you can just add a specific domain or a sub domain you can also add multiple domains and then you can easily obtain a cert that is valid for these domains so ssl wildcard sorts instead are not just valid for one domain or one specific subdomain they're valid for all and usually they are identified by an asterisk in front of that domain name which is basically just a placeholder for anything so this is very useful if you want to add sub domains later that you don't really know yet and you don't want to request a complete fresh and new ssl insert all the time it also can be very useful for language specific websites or blogs so for example if you have a wordpress blog and you want to translate this in different languages you could identify the languages based on a subdomain so for example if i want to make my website in german as well i could easily create a subdomain that is called de.digitallive.com or i also can add other languages and of course i don't want to include all the different language identifiers as a subdomain in my ssl cert so i usually just create a wildcard sort that is valid for all the different sub domains and language identifiers you can also combine this so for example obtain an ssl search for the main domain the digitallive.com and also add a wild card behind this this is valid for all different subdomains as well so you can see an ssl wild cut cert can be very useful in many situations and on the nginx proxy manager you can easily obtain that but if you tried that before you probably will have noticed that you need to enable the dns checkbox when you want to obtain the ssl cert and this is because the normal ssl certs are validated by an http challenge and this usually is done by the let's encrypt server that tries to connect on port 80 to the public ip address where the domain points to that the search should be validated for so you can imagine with a placeholder that can stand for anything this couldn't be easily done and you cannot just validate the main domain via an http challenge because there may be the situation where you have control over one specific dns zone for example one or two subdomains but not control over the entire domain therefore an http challenge is not enough to prove that you have control over the full domain and we need the dns challenge to validate those wildcard certs so the dns challenge works in different ways and it depends on which dns provider you have so the setup can be different depending on what you're using usually you need to obtain an api token on your dns provider on the engine a proxy manager there is a select box where you can select most of the common dns providers so this can be fully automated on the most common ones of course i cannot just show you that for every single dns provider it also doesn't make sense so let me show you that for the most two common dns providers out there you also have requested in some of my comments so let me show you that on cloudflare and on digitalocean and if this information helps you then please don't forget to hit the like button and subscribe if you want to see more tutorials for it professionals and of course you are also supporting and helping out this channel once you're logged into the nginx proxy manager web ui you can just go on ssl certificates and just add a new one fill in one or more domain names and then click on save so that will just obtain a normal ssl search and as i said it will send out an http challenge for every single sub domain so now we will take a look how to obtain a new wildcard search so you basically just remove the domain names and put an asterisk in front of the main domain name so this will automatically generate a wildcard certificate for all sub-domains you can also combine this with a normal search for the main domain but if you click on save it says you need to use the dns challenge to verify that because it's using a wildcard search in the domain names so now you can just go to the dns providers and click on that drop down menu and select your dns provider that you're using for this particular domain as i said let's first take a look at cloudflare one of the most common providers and you can see the credentials file content that should contain an api token so you first need to obtain an api token from cloudflare dns and then put this token into that field so in the cloudflare web ui you can just scroll down and click on get your api token then you go to the top api tokens and just create a new one so now we need to use the template for the dns zone and it's important here that you allow the editing of the dns zone you also need to fill in the zone resources so you need to include specifics on or just all zones if you want to have control over all dns domains and then you can also give it a token name so you can identify that later in your list i will just put in a wildcard the digital life dot dem and just create the new token so don't share this with anyone just copy it and just let's go back to the engine x proxy manager paste in the valid api token from cloudflare so if we know click on save this may take a few minutes but after this was successful you will get a wildcard search that is valid for the main domain and for all different sub domains and if you go to a proxy host we can use the domain names for example the digital life dot e and also the 3ws.digitalife.de and all different sub domains we want to use to point this to the specific proxy host so in the ssl search we can now select our wildcat cert that we've just created click save and everything should be fine so in digital ocean you basically just need to do the same thing you can find it on digitalocean when you scroll down under the account section and click on api so now you also need to generate a new token you need to give it a token name and also make sure that you have selected the right permissions to this search and click on generate token so note this token will only be shown once so once you close it and you go back to this section later you're not able anymore to show the api turned so make sure that you're copying it and pasting it into the credentials file content of the nginx proxy manager click on save and then it works basically the same way like on cloudflare as well so this is how ssl wildcard certifications work on nginx proxy manager and how you can easily obtain them with let's encrypt and some of the common dns providers out there and if you enjoyed this video please don't forget to hit the like button and subscribe if you want to see more tutorials for it professionals so thanks everybody for watching enjoy the rest of your day take care of yourself and i see you soon
Info
Channel: The Digital Life
Views: 14,590
Rating: undefined out of 5
Keywords: nginx proxy manager ssl, nginx proxy manager, nginx proxy manager docker, nginx proxy manager portainer, nginx proxy manager setup, nginx proxy manager step by step, nginx proxy manager tutorial, setup nginx proxy manager, nginx proxy, ssl certificate installation digitalocean, ssl cloudflare, ssl digital ocean, ssl wildcard certificate, command line, letsencrypt wildcard tutorial
Id: TBGOJA27m_0
Channel Id: undefined
Length: 8min 20sec (500 seconds)
Published: Mon Feb 15 2021
Related Videos
Put Wildcard Certificates and SSL on EVERYTHING - Traefik Tutorial
Techno Tim
87K
Nginx Proxy Manager - How-To Installation and Configuration
The Digital Life
61K
Securing NGinX Proxy Manager - follow up - securing your admin console for this Open Source Software
Awesome Open Source
24K
Special Lecture: F-22 Flight Controls
MIT OpenCourseWare
2.2M
Putting it All Together - Docker, Docker-Compose, NGinx Proxy Manager, and Domain Routing - How To.
Awesome Open Source
44K
Authelia - Free, Open Source, Self Hosted authorization and authentication for your web applications
Awesome Open Source
11K
Reverse proxy nginx letsencrypt tutorial
The Digital Life
24K
Manage all your SSH servers with teleport
The Digital Life
20K
How to Install a Wildcard SSL on Apache/Nginx (works for WordPress Multisite)
Tony Teaches Tech
3.5K
I Built This From A 1972 Popular Mechanics Magazine Plan. Does It Work?
Fireball Tool
2.2M
What is infrastructure as code? // Terraform Tutorial
The Digital Life
6.2K
Create your own VPN server with WireGuard in Docker
The Digital Life
45K
NGINX Linux Server | Common Configurations
Linode
37K
Secure Your Domain with NGINX Proxy Manager and CloudFlare (Including Uptime Kuma Demonstration)
DB Tech
6.1K
Nginx Proxy Manager - ACCESS LIST protection for internal services
The Digital Life
6.2K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.