General question whether I understood SSL certification correctly

swc-phil · November 21, 2025, 7:22pm

~~That’s the neat part…~~

There are a few steps you need to follow:

Issue a valid (preferably wildcard) cert for your domain/subdomain. Sometimes it can be done by the reverse proxy itself. AFAIK, vanilla nginx doesn’t have this functionality built-in.
Specify this cert in reverse proxy configs.
Specify the URLs to your apps in reverse proxy configs. Side-note: the connection between your apps and the reverse proxy would be plain HTTP.
Make sure your domain/subdomain points to the address of your reverse proxy.

The exact steps depend on your choice of reverse proxy.

IMO, vanilla nginx as the reverse proxy for a homelab is not the best option, especially when you are not already familiar with it. This topic can be useful for picking a reverse proxy – Hosting Domain via TrueNAS Best Practices: NGINX, Traefik, or Caddy.

Topic		Replies	Views
Vaultwarden HTTPS error Apps and Virtualization	20	2144	November 24, 2024
HOWTO: Host a Service privately on TrueNAS with a valid SSL Certificate Resources SCALE , Apps	56	11987	April 1, 2026
Visit apps using subdomains instead of IP and port numbers TrueNAS General	7	1314	February 26, 2025
Nginx Proxy Manager - Configuration Tips (especially if you are stuck at Deploying) Apps and Virtualization	62	17394	January 18, 2026
Hosting Domain via TrueNAS Best Practices: NGINX, Traefik, or Caddy Apps and Virtualization	51	5746	June 20, 2025