Chapter 18: Using Nginx Proxy Manager with a Network Load Balancer

If you’re behind a Network Load Balancer (NLB) and want to manage SSL certificates and reverse proxying with ease, Nginx Proxy Manager (NPM) is a powerful web-based tool that simplifies the process. In this chapter, you’ll learn how to:

1. Upload your SSL certificate manually.
2. Set up a Proxy Host for your website.

Important Notes

• Your DNS must have an A record pointing to the public IP address of the Network Load Balancer.
• Port 443 (HTTPS) must be open to the internet to allow secure access to your site through the Load Balancer.

Step 1: Add the SSL Certificate (Custom)

1. Access Nginx Proxy Manager in your browser.
   Example: http://<your-npm-ip>:81
2. Log in with your admin credentials.
3. Go to SSL Certificates tab.
4. Click "Add SSL Certificate" → Select "Custom".

• Fill in the fields:
  Name: Something descriptive like hexacats.cloud
  Certificate Key: Paste the contents of
  /etc/letsencrypt/live/hexacats.cloud/privkey.pem
  Certificate: Paste the contents of
  /etc/letsencrypt/live/hexacats.cloud/cert.pem
  Intermediate Certificate: Paste the contents of
  /etc/letsencrypt/live/hexacats.cloud/chain.pem
  
  Click Save.

  Step 2: Create a Proxy Host

  1. Go to the "Proxy Hosts" tab.
  2. Click "Add Proxy Host".
  3. Fill in the details:
     • Domain Names: e.g., hexacats.cloud, www.hexacats.cloud
     • Forward Hostname / IP: the internal IP or DNS of your app container (or backend from NLB)
     • Forward Port: 8080 (or the port your app uses)
  4. Toggle "Block Common Exploits" (recommended)
  5. Under SSL tab:
     • Check "Enable SSL"
     • Select your custom certificate from the dropdown
     • Check "Force SSL" and optionally "HTTP/2 Support"
  6. Click Save.
  Now, your domain is:
  • SSL-secured
  • Reverse-proxied through Nginx Proxy Manager
  • Compatible with backend services and Network Load Balancers.