Skip to content

Show assigned certificate details and expiration status on the Proxy Hosts page #5705

Description

@enchained

Is your feature request related to a problem? Please describe.

My Hetzner DNS wildcard certificate expired and I could not update it, but I updated Nginx Proxy Manager, re-saved hosts, which accidentally resulted in individual certificates for several hosts.

However, it was difficult to determine which Proxy Hosts had already been moved to newly issued certificates and which were still using the expired wildcard certificate.

On the Proxy Hosts page, every host continued to show:

  • SSL: Let's Encrypt
  • Status: Online

This was the same whether the host was using:

  • An individual Let's Encrypt certificate issued through an HTTP challenge.
  • The expired wildcard Let's Encrypt certificate issued through a Hetzner DNS challenge.

To identify the affected hosts, I had to open the SSL Certificates page, find the expired certificate, hover over its In Use status, and take a screenshot of the host list because the displayed list could not conveniently be copied or kept open.

Describe the solution you'd like

Improve the SSL column on the Proxy Hosts page so that it displays enough information to identify the certificate assigned to each host.

1. Show the assigned certificate and DNS challenge provider

Display information such as:

  • Certificate name or primary domain.
  • Certificate type: Let's Encrypt or Custom.
  • Challenge type: HTTP-01 or DNS-01.
  • DNS provider when applicable, such as Hetzner or Cloudflare.

For example:

  • Let's Encrypt · HTTP-01
  • Let's Encrypt · DNS-01 · Hetzner
  • Custom certificate

This would make it possible to distinguish hosts using an individual HTTP-issued certificate from hosts using a wildcard certificate issued through a DNS provider.

2. Show certificate validity on each host

Add SSL status indicator based on the certificate currently assigned to the host:

  • Valid
  • Expires soon
  • Expired
  • Missing or invalid, if applicable

An expired certificate should be clearly visible on the Proxy Hosts page even when the host itself remains enabled and therefore still shows Online.

The existing host status and certificate status should remain separate. For example, a host could display:

  • Host status: Online
  • SSL status: Expired

Describe alternatives you've considered

The current workaround is to:

  1. Open the SSL Certificates page.
  2. Locate the expired certificate.
  3. Hover over In Use.
  4. Record or screenshot the list of affected hosts.
  5. Return to the Proxy Hosts page and update them individually.

This becomes cumbersome when one wildcard certificate is assigned to many hosts.

Additional context

The existing In Use indicator on the SSL Certificates page is useful, but it only provides the relationship in one direction: certificate to hosts. And it could benefit from adding more interactivity to its tooltip.

Showing the assigned certificate, challenge provider, and certificate validity directly on the Proxy Hosts page would make certificate migrations, renewal failures, and expired wildcard certificates much easier to diagnose.

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions