Is your feature request related to a problem? Please describe.
My Hetzner DNS wildcard certificate expired and I could not update it, but I updated Nginx Proxy Manager, re-saved hosts, which accidentally resulted in individual certificates for several hosts.
However, it was difficult to determine which Proxy Hosts had already been moved to newly issued certificates and which were still using the expired wildcard certificate.
On the Proxy Hosts page, every host continued to show:
- SSL: Let's Encrypt
- Status: Online
This was the same whether the host was using:
- An individual Let's Encrypt certificate issued through an HTTP challenge.
- The expired wildcard Let's Encrypt certificate issued through a Hetzner DNS challenge.
To identify the affected hosts, I had to open the SSL Certificates page, find the expired certificate, hover over its In Use status, and take a screenshot of the host list because the displayed list could not conveniently be copied or kept open.
Describe the solution you'd like
Improve the SSL column on the Proxy Hosts page so that it displays enough information to identify the certificate assigned to each host.
1. Show the assigned certificate and DNS challenge provider
Display information such as:
- Certificate name or primary domain.
- Certificate type: Let's Encrypt or Custom.
- Challenge type: HTTP-01 or DNS-01.
- DNS provider when applicable, such as Hetzner or Cloudflare.
For example:
Let's Encrypt · HTTP-01
Let's Encrypt · DNS-01 · Hetzner
Custom certificate
This would make it possible to distinguish hosts using an individual HTTP-issued certificate from hosts using a wildcard certificate issued through a DNS provider.
2. Show certificate validity on each host
Add SSL status indicator based on the certificate currently assigned to the host:
- Valid
- Expires soon
- Expired
- Missing or invalid, if applicable
An expired certificate should be clearly visible on the Proxy Hosts page even when the host itself remains enabled and therefore still shows Online.
The existing host status and certificate status should remain separate. For example, a host could display:
- Host status: Online
- SSL status: Expired
Describe alternatives you've considered
The current workaround is to:
- Open the SSL Certificates page.
- Locate the expired certificate.
- Hover over In Use.
- Record or screenshot the list of affected hosts.
- Return to the Proxy Hosts page and update them individually.
This becomes cumbersome when one wildcard certificate is assigned to many hosts.
Additional context
The existing In Use indicator on the SSL Certificates page is useful, but it only provides the relationship in one direction: certificate to hosts. And it could benefit from adding more interactivity to its tooltip.
Showing the assigned certificate, challenge provider, and certificate validity directly on the Proxy Hosts page would make certificate migrations, renewal failures, and expired wildcard certificates much easier to diagnose.
Is your feature request related to a problem? Please describe.
My Hetzner DNS wildcard certificate expired and I could not update it, but I updated Nginx Proxy Manager, re-saved hosts, which accidentally resulted in individual certificates for several hosts.
However, it was difficult to determine which Proxy Hosts had already been moved to newly issued certificates and which were still using the expired wildcard certificate.
On the Proxy Hosts page, every host continued to show:
This was the same whether the host was using:
To identify the affected hosts, I had to open the SSL Certificates page, find the expired certificate, hover over its In Use status, and take a screenshot of the host list because the displayed list could not conveniently be copied or kept open.
Describe the solution you'd like
Improve the SSL column on the Proxy Hosts page so that it displays enough information to identify the certificate assigned to each host.
1. Show the assigned certificate and DNS challenge provider
Display information such as:
For example:
Let's Encrypt · HTTP-01Let's Encrypt · DNS-01 · HetznerCustom certificateThis would make it possible to distinguish hosts using an individual HTTP-issued certificate from hosts using a wildcard certificate issued through a DNS provider.
2. Show certificate validity on each host
Add SSL status indicator based on the certificate currently assigned to the host:
An expired certificate should be clearly visible on the Proxy Hosts page even when the host itself remains enabled and therefore still shows Online.
The existing host status and certificate status should remain separate. For example, a host could display:
Describe alternatives you've considered
The current workaround is to:
This becomes cumbersome when one wildcard certificate is assigned to many hosts.
Additional context
The existing In Use indicator on the SSL Certificates page is useful, but it only provides the relationship in one direction: certificate to hosts. And it could benefit from adding more interactivity to its tooltip.
Showing the assigned certificate, challenge provider, and certificate validity directly on the Proxy Hosts page would make certificate migrations, renewal failures, and expired wildcard certificates much easier to diagnose.