SSL for Streams - 2025 #4344

jc21 · 2025-02-05T06:07:29Z

Update upon #3789

and updated cypress + packages

nginxproxymanagerci · 2025-02-05T06:33:51Z

Docker Image for build 1 is available on
DockerHub
as nginxproxymanager/nginx-proxy-manager-dev:pr-4344

Note: ensure you backup your NPM instance before testing this image! Especially if there are database changes
Note: this is a different docker image namespace than the official image

jc21 · 2025-02-05T08:00:26Z

17:58:54  cypress-1  |  Service detected:       HTTP
17:58:54  cypress-1  | 
17:58:54  cypress-1  |  Testing protocols via sockets except NPN+ALPN 
17:58:54  cypress-1  | 
17:58:54  cypress-1  |  SSLv2      not offered (OK)
17:58:54  cypress-1  |  SSLv3      not offered (OK)
17:58:54  cypress-1  |  TLS 1      not offered
17:58:54  cypress-1  |  TLS 1.1    not offered
17:58:54  cypress-1  |  TLS 1.2    offered (OK)
17:58:54  cypress-1  |  TLS 1.3    offered (OK): final
17:58:54  cypress-1  |  NPN/SPDY   not offered
17:58:54  cypress-1  |  ALPN/HTTP2 not offered
17:58:54  cypress-1  | 
17:58:54  cypress-1  |  Testing cipher categories 
17:58:54  cypress-1  | 
17:58:54  cypress-1  |  NULL ciphers (no encryption)                      not offered (OK)
17:58:54  cypress-1  |  Anonymous NULL Ciphers (no authentication)        not offered (OK)
17:58:54  cypress-1  |  Export ciphers (w/o ADH+NULL)                     not offered (OK)
17:58:54  cypress-1  |  LOW: 64 Bit + DES, RC[2,4], MD5 (w/o export)      not offered (OK)
17:58:54  cypress-1  |  Triple DES Ciphers / IDEA                         not offered
17:58:54  cypress-1  |  Obsoleted CBC ciphers (AES, ARIA etc.)            offered
17:58:54  cypress-1  |  Strong encryption (AEAD ciphers) with no FS       offered (OK)
17:58:54  cypress-1  |  Forward Secrecy strong encryption (AEAD ciphers)  offered (OK)
17:58:54  cypress-1  | 
17:58:54  cypress-1  | 
17:58:54  cypress-1  |  Testing server's cipher preferences 
17:58:54  cypress-1  | 
17:58:54  cypress-1  | Hexcode  Cipher Suite Name (OpenSSL)       KeyExch.   Encryption  Bits     Cipher Suite Name (IANA/RFC)
17:58:54  cypress-1  | -----------------------------------------------------------------------------------------------------------------------------
17:58:54  cypress-1  | SSLv2
17:58:54  cypress-1  |  - 
17:58:54  cypress-1  | SSLv3
17:58:54  cypress-1  |  - 
17:58:54  cypress-1  | TLSv1
17:58:54  cypress-1  |  - 
17:58:54  cypress-1  | TLSv1.1
17:58:54  cypress-1  |  - 
17:58:54  cypress-1  | TLSv1.2 (no server order, thus listed by strength)
17:58:54  cypress-1  |  xc030   ECDHE-RSA-AES256-GCM-SHA384       ECDH 521   AESGCM      256      TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384              
17:58:54  cypress-1  |  xc028   ECDHE-RSA-AES256-SHA384           ECDH 521   AES         256      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384              
17:58:54  cypress-1  |  xc014   ECDHE-RSA-AES256-SHA              ECDH 521   AES         256      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA                 
17:58:54  cypress-1  |  xcca8   ECDHE-RSA-CHACHA20-POLY1305       ECDH 521   ChaCha20    256      TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256        
17:58:54  cypress-1  |  xc077   ECDHE-RSA-CAMELLIA256-SHA384      ECDH 521   Camellia    256      TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384         
17:58:54  cypress-1  |  x9d     AES256-GCM-SHA384                 RSA        AESGCM      256      TLS_RSA_WITH_AES_256_GCM_SHA384                    
17:58:54  cypress-1  |  xc0a1   AES256-CCM8                       RSA        AESCCM8     256      TLS_RSA_WITH_AES_256_CCM_8                         
17:58:54  cypress-1  |  xc09d   AES256-CCM                        RSA        AESCCM      256      TLS_RSA_WITH_AES_256_CCM                           
17:58:54  cypress-1  |  x3d     AES256-SHA256                     RSA        AES         256      TLS_RSA_WITH_AES_256_CBC_SHA256                    
17:58:54  cypress-1  |  x35     AES256-SHA                        RSA        AES         256      TLS_RSA_WITH_AES_256_CBC_SHA                       
17:58:54  cypress-1  |  xc0     CAMELLIA256-SHA256                RSA        Camellia    256      TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256               
17:58:54  cypress-1  |  x84     CAMELLIA256-SHA                   RSA        Camellia    256      TLS_RSA_WITH_CAMELLIA_256_CBC_SHA                  
17:58:54  cypress-1  |  xc051   ARIA256-GCM-SHA384                RSA        ARIAGCM     256      TLS_RSA_WITH_ARIA_256_GCM_SHA384                   
17:58:54  cypress-1  |  xc061   ECDHE-ARIA256-GCM-SHA384          ECDH 521   ARIAGCM     256      TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384             
17:58:54  cypress-1  |  xc02f   ECDHE-RSA-AES128-GCM-SHA256       ECDH 521   AESGCM      128      TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256              
17:58:54  cypress-1  |  xc027   ECDHE-RSA-AES128-SHA256           ECDH 521   AES         128      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256              
17:58:54  cypress-1  |  xc013   ECDHE-RSA-AES128-SHA              ECDH 521   AES         128      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA                 
17:58:54  cypress-1  |  xc0a0   AES128-CCM8                       RSA        AESCCM8     128      TLS_RSA_WITH_AES_128_CCM_8                         
17:58:54  cypress-1  |  xc09c   AES128-CCM                        RSA        AESCCM      128      TLS_RSA_WITH_AES_128_CCM                           
17:58:54  cypress-1  |  xc076   ECDHE-RSA-CAMELLIA128-SHA256      ECDH 521   Camellia    128      TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256         
17:58:54  cypress-1  |  x9c     AES128-GCM-SHA256                 RSA        AESGCM      128      TLS_RSA_WITH_AES_128_GCM_SHA256                    
17:58:54  cypress-1  |  x3c     AES128-SHA256                     RSA        AES         128      TLS_RSA_WITH_AES_128_CBC_SHA256                    
17:58:54  cypress-1  |  x2f     AES128-SHA                        RSA        AES         128      TLS_RSA_WITH_AES_128_CBC_SHA                       
17:58:54  cypress-1  |  xba     CAMELLIA128-SHA256                RSA        Camellia    128      TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256               
17:58:54  cypress-1  |  x41     CAMELLIA128-SHA                   RSA        Camellia    128      TLS_RSA_WITH_CAMELLIA_128_CBC_SHA                  
17:58:54  cypress-1  |  xc050   ARIA128-GCM-SHA256                RSA        ARIAGCM     128      TLS_RSA_WITH_ARIA_128_GCM_SHA256                   
17:58:54  cypress-1  |  xc060   ECDHE-ARIA128-GCM-SHA256          ECDH 521   ARIAGCM     128      TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256             
17:58:54  cypress-1  | TLSv1.3 (no server order, thus listed by strength)
17:58:54  cypress-1  |  x1302   TLS_AES_256_GCM_SHA384            ECDH 253   AESGCM      256      TLS_AES_256_GCM_SHA384                             
17:58:54  cypress-1  |  x1303   TLS_CHACHA20_POLY1305_SHA256      ECDH 253   ChaCha20    256      TLS_CHACHA20_POLY1305_SHA256                       
17:58:54  cypress-1  |  x1301   TLS_AES_128_GCM_SHA256            ECDH 253   AESGCM      128      TLS_AES_128_GCM_SHA256                             
17:58:54  cypress-1  | 
17:58:54  cypress-1  |  Has server cipher order?     no (NOT ok)
17:58:54  cypress-1  |  (limited sense as client will pick)
17:58:54  cypress-1  | 
17:58:54  cypress-1  |  Testing robust forward secrecy (FS) -- omitting Null Authentication/Encryption, 3DES, RC4 
17:58:54  cypress-1  | 
17:58:54  cypress-1  |  FS is offered (OK)           TLS_AES_256_GCM_SHA384
17:58:54  cypress-1  |                               TLS_CHACHA20_POLY1305_SHA256
17:58:54  cypress-1  |                               ECDHE-RSA-AES256-GCM-SHA384
17:58:54  cypress-1  |                               ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA
17:58:54  cypress-1  |                               ECDHE-RSA-CHACHA20-POLY1305
17:58:54  cypress-1  |                               ECDHE-RSA-CAMELLIA256-SHA384
17:58:54  cypress-1  |                               ECDHE-ARIA256-GCM-SHA384 TLS_AES_128_GCM_SHA256
17:58:54  cypress-1  |                               ECDHE-RSA-AES128-GCM-SHA256
17:58:54  cypress-1  |                               ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA
17:58:54  cypress-1  |                               ECDHE-RSA-CAMELLIA128-SHA256
17:58:54  cypress-1  |                               ECDHE-ARIA128-GCM-SHA256 
17:58:54  cypress-1  |  Elliptic curves offered:     prime256v1 secp384r1 secp521r1 X25519 X448 
17:58:54  cypress-1  |  Finite field group:          ffdhe2048 ffdhe3072 ffdhe4096 ffdhe6144 ffdhe8192
17:58:54  cypress-1  |  TLS 1.2 sig_algs offered:    RSA-PSS-RSAE+SHA512 RSA-PSS-RSAE+SHA384 
17:58:54  cypress-1  |                               RSA-PSS-RSAE+SHA256 RSA+SHA512 RSA+SHA384 
17:58:54  cypress-1  |                               RSA+SHA256 RSA+SHA224 
17:58:54  cypress-1  |  TLS 1.3 sig_algs offered:    RSA-PSS-RSAE+SHA512 RSA-PSS-RSAE+SHA384 
17:58:54  cypress-1  |                               RSA-PSS-RSAE+SHA256 
17:58:54  cypress-1  | 
17:58:54  cypress-1  |  Testing server defaults (Server Hello) 
17:58:54  cypress-1  | 
17:58:54  cypress-1  |  TLS extensions (standard)    "renegotiation info/#65281" "server name/#0"
17:58:54  cypress-1  |                               "EC point formats/#11" "session ticket/#35"
17:58:54  cypress-1  |                               "supported versions/#43" "key share/#51"
17:58:54  cypress-1  |                               "supported_groups/#10" "max fragment length/#1"
17:58:54  cypress-1  |                               "encrypt-then-mac/#22"
17:58:54  cypress-1  |                               "extended master secret/#23"
17:58:54  cypress-1  |  Session Ticket RFC 5077 hint 300 seconds, session tickets keys seems to be rotated < daily
17:58:54  cypress-1  |  SSL Session ID support       yes
17:58:54  cypress-1  |  Session Resumption           Tickets: yes, ID: no
17:58:54  cypress-1  |  TLS clock skew               Random values, no fingerprinting possible 
17:58:54  cypress-1  |  Certificate Compression      none
17:58:54  cypress-1  |  Client Authentication        none
17:58:54  cypress-1  |  Signature Algorithm          SHA256 with RSA
17:58:54  cypress-1  |  Server key size              RSA 2048 bits (exponent is 65537)
17:58:54  cypress-1  |  Server key usage             Digital Signature, Key Encipherment
17:58:54  cypress-1  |  Server extended key usage    TLS Web Server Authentication
17:58:54  cypress-1  |  Serial                       DD382D1EF8C325D0B4E85F64A0CD609A (OK: length 16)
17:58:54  cypress-1  |  Fingerprints                 SHA1 84733867BB7476A506ACB3C5AE6C91D43B522A8F
17:58:54  cypress-1  |                               SHA256 A1A5ECB00BDC946999C176BEC0D2012886E88714FAEE11419C7CC8AE943F2DB9
17:58:54  cypress-1  |  Common Name (CN)             (no CN field in subject)
17:58:54  cypress-1  |  subjectAltName (SAN)         website1.example.com 
17:58:54  cypress-1  |  Trust (hostname)             Ok via SAN (same w/o SNI)
17:58:54  cypress-1  |  Chain of trust               Ok   
17:58:54  cypress-1  |  EV cert (experimental)       no 
17:58:54  cypress-1  |  Certificate Validity (UTC)   818 >= 60 days (2025-02-05 07:57 --> 2027-05-05 07:57)
17:58:54  cypress-1  |                               > 398 days issued after 2020/09/01 is too long
17:58:54  cypress-1  |  ETS/"eTLS", visibility info  not present
17:58:54  cypress-1  |  Certificate Revocation List  --
17:58:54  cypress-1  |  OCSP URI                     --
17:58:54  cypress-1  |                               NOT ok -- neither CRL nor OCSP URI provided
17:58:54  cypress-1  |  OCSP stapling                not offered
17:58:54  cypress-1  |  OCSP must staple extension   --
17:58:54  cypress-1  |  DNS CAA RR (experimental)    not offered
17:58:54  cypress-1  |  Certificate Transparency     --
17:58:54  cypress-1  |  Certificates provided        1
17:58:54  cypress-1  |  Issuer                       mkcert root@94ddf24eb386 (mkcert development CA)
17:58:54  cypress-1  |  Intermediate Bad OCSP (exp.) Ok
17:58:54  cypress-1  | 
17:58:54  cypress-1  | 
17:58:54  cypress-1  |  Testing HTTP header response @ "/" 
17:58:54  cypress-1  | 
17:58:54  cypress-1  |  HTTP Status Code             200 OK
17:58:54  cypress-1  |  HTTP clock skew              0 sec from localtime
17:58:54  cypress-1  |  Strict Transport Security    not offered
17:58:54  cypress-1  |  Public Key Pinning           --
17:58:54  cypress-1  |  Server banner                openresty
17:58:54  cypress-1  |  Application banner           --
17:58:54  cypress-1  |  Cookie(s)                    (none issued at "/")
17:58:54  cypress-1  |  Security headers             --
17:58:54  cypress-1  |  Reverse Proxy banner         --
17:58:54  cypress-1  | 
17:58:54  cypress-1  | 
17:58:54  cypress-1  |  Testing vulnerabilities 
17:58:54  cypress-1  | 
17:58:54  cypress-1  |  Heartbleed (CVE-2014-0160)                not vulnerable (OK), no heartbeat extension
17:58:54  cypress-1  |  CCS (CVE-2014-0224)                       not vulnerable (OK)
17:58:54  cypress-1  |  Ticketbleed (CVE-2016-9244), experiment.  not vulnerable (OK)
17:58:54  cypress-1  |  ROBOT                                     not vulnerable (OK)
17:58:54  cypress-1  |  Secure Renegotiation (RFC 5746)           supported (OK)
17:58:54  cypress-1  |  Secure Client-Initiated Renegotiation     not vulnerable (OK)
17:58:54  cypress-1  |  CRIME, TLS (CVE-2012-4929)                not vulnerable (OK)
17:58:54  cypress-1  |  BREACH (CVE-2013-3587)                    no gzip/deflate/compress/br HTTP compression (OK)  - only supplied "/" tested
17:58:54  cypress-1  |  POODLE, SSL (CVE-2014-3566)               not vulnerable (OK), no SSLv3 support
17:58:54  cypress-1  |  TLS_FALLBACK_SCSV (RFC 7507)              No fallback possible (OK), no protocol below TLS 1.2 offered
17:58:54  cypress-1  |  SWEET32 (CVE-2016-2183, CVE-2016-6329)    not vulnerable (OK)
17:58:54  cypress-1  |  FREAK (CVE-2015-0204)                     not vulnerable (OK)
17:58:54  cypress-1  |  DROWN (CVE-2016-0800, CVE-2016-0703)      not vulnerable on this host and port (OK)
17:58:54  cypress-1  |                                            make sure you don't use this certificate elsewhere with SSLv2 enabled services, see
17:58:54  cypress-1  |                                            https://search.censys.io/search?resource=hosts&virtual_hosts=INCLUDE&q=A1A5ECB00BDC946999C176BEC0D2012886E88714FAEE11419C7CC8AE943F2DB9
17:58:54  cypress-1  |  LOGJAM (CVE-2015-4000), experimental      not vulnerable (OK): no DH EXPORT ciphers, no DH key detected with <= TLS 1.2
17:58:54  cypress-1  |  BEAST (CVE-2011-3389)                     not vulnerable (OK), no SSL3 or TLS1
17:58:54  cypress-1  |  LUCKY13 (CVE-2013-0169), experimental     potentially VULNERABLE, uses cipher block chaining (CBC) ciphers with TLS. Check patches
17:58:54  cypress-1  |  Winshock (CVE-2014-6321), experimental    not vulnerable (OK)
17:58:54  cypress-1  |  RC4 (CVE-2013-2566, CVE-2015-2808)        no RC4 ciphers detected (OK)
17:58:54  cypress-1  | 
17:58:54  cypress-1  | 
17:58:54  cypress-1  |  Running client simulations (HTTP) via sockets 
17:58:54  cypress-1  | 
17:58:54  cypress-1  |  Browser                      Protocol  Cipher Suite Name (OpenSSL)       Forward Secrecy
17:58:54  cypress-1  | ------------------------------------------------------------------------------------------------
17:58:54  cypress-1  |  Android 6.0                  TLSv1.2   ECDHE-RSA-AES128-GCM-SHA256       256 bit ECDH (P-256)
17:58:54  cypress-1  |  Android 7.0 (native)         TLSv1.2   ECDHE-RSA-AES128-GCM-SHA256       256 bit ECDH (P-256)
17:58:54  cypress-1  |  Android 8.1 (native)         TLSv1.2   ECDHE-RSA-AES128-GCM-SHA256       253 bit ECDH (X25519)
17:58:54  cypress-1  |  Android 9.0 (native)         TLSv1.3   TLS_AES_128_GCM_SHA256            253 bit ECDH (X25519)
17:58:54  cypress-1  |  Android 10.0 (native)        TLSv1.3   TLS_AES_128_GCM_SHA256            253 bit ECDH (X25519)
17:58:54  cypress-1  |  Android 11 (native)          TLSv1.3   TLS_AES_128_GCM_SHA256            253 bit ECDH (X25519)
17:58:54  cypress-1  |  Android 12 (native)          TLSv1.3   TLS_AES_128_GCM_SHA256            253 bit ECDH (X25519)
17:58:54  cypress-1  |  Chrome 79 (Win 10)           TLSv1.3   TLS_AES_128_GCM_SHA256            253 bit ECDH (X25519)
17:58:54  cypress-1  |  Chrome 101 (Win 10)          TLSv1.3   TLS_AES_128_GCM_SHA256            253 bit ECDH (X25519)
17:58:54  cypress-1  |  Firefox 66 (Win 8.1/10)      TLSv1.3   TLS_AES_128_GCM_SHA256            253 bit ECDH (X25519)
17:58:54  cypress-1  |  Firefox 100 (Win 10)         TLSv1.3   TLS_AES_128_GCM_SHA256            253 bit ECDH (X25519)
17:58:54  cypress-1  |  IE 6 XP                      No connection
17:58:54  cypress-1  |  IE 8 Win 7                   No connection
17:58:54  cypress-1  |  IE 8 XP                      No connection
17:58:54  cypress-1  |  IE 11 Win 7                  TLSv1.2   ECDHE-RSA-AES256-SHA384           256 bit ECDH (P-256)
17:58:54  cypress-1  |  IE 11 Win 8.1                TLSv1.2   ECDHE-RSA-AES256-SHA384           256 bit ECDH (P-256)
17:58:54  cypress-1  |  IE 11 Win Phone 8.1          TLSv1.2   AES128-SHA256                     No FS
17:58:54  cypress-1  |  IE 11 Win 10                 TLSv1.2   ECDHE-RSA-AES256-GCM-SHA384       256 bit ECDH (P-256)
17:58:54  cypress-1  |  Edge 15 Win 10               TLSv1.2   ECDHE-RSA-AES256-GCM-SHA384       253 bit ECDH (X25519)
17:58:54  cypress-1  |  Edge 101 Win 10 21H2         TLSv1.3   TLS_AES_128_GCM_SHA256            253 bit ECDH (X25519)
17:58:54  cypress-1  |  Safari 12.1 (iOS 12.2)       TLSv1.3   TLS_CHACHA20_POLY1305_SHA256      253 bit ECDH (X25519)
17:58:54  cypress-1  |  Safari 13.0 (macOS 10.14.6)  TLSv1.3   TLS_CHACHA20_POLY1305_SHA256      253 bit ECDH (X25519)
17:58:54  cypress-1  |  Safari 15.4 (macOS 12.3.1)   TLSv1.3   TLS_AES_128_GCM_SHA256            253 bit ECDH (X25519)
17:58:54  cypress-1  |  Java 7u25                    No connection
17:58:54  cypress-1  |  Java 8u161                   TLSv1.2   ECDHE-RSA-AES256-SHA384           256 bit ECDH (P-256)
17:58:54  cypress-1  |  Java 11.0.2 (OpenJDK)        TLSv1.3   TLS_AES_128_GCM_SHA256            256 bit ECDH (P-256)
17:58:54  cypress-1  |  Java 17.0.3 (OpenJDK)        TLSv1.3   TLS_AES_256_GCM_SHA384            253 bit ECDH (X25519)
17:58:54  cypress-1  |  go 1.17.8                    TLSv1.3   TLS_AES_128_GCM_SHA256            253 bit ECDH (X25519)
17:58:54  cypress-1  |  LibreSSL 2.8.3 (Apple)       TLSv1.2   ECDHE-RSA-CHACHA20-POLY1305       253 bit ECDH (X25519)
17:58:54  cypress-1  |  OpenSSL 1.0.2e               TLSv1.2   ECDHE-RSA-AES256-GCM-SHA384       256 bit ECDH (P-256)
17:58:54  cypress-1  |  OpenSSL 1.1.0l (Debian)      TLSv1.2   ECDHE-RSA-AES256-GCM-SHA384       253 bit ECDH (X25519)
17:58:54  cypress-1  |  OpenSSL 1.1.1d (Debian)      TLSv1.3   TLS_AES_256_GCM_SHA384            253 bit ECDH (X25519)
17:58:54  cypress-1  |  OpenSSL 3.0.3 (git)          TLSv1.3   TLS_AES_256_GCM_SHA384            253 bit ECDH (X25519)
17:58:54  cypress-1  |  Apple Mail (16.0)            TLSv1.2   ECDHE-RSA-AES256-GCM-SHA384       256 bit ECDH (P-256)
17:58:54  cypress-1  |  Thunderbird (91.9)           TLSv1.3   TLS_AES_128_GCM_SHA256            253 bit ECDH (X25519)
17:58:54  cypress-1  | 
17:58:54  cypress-1  | 
17:58:54  cypress-1  |  Rating (experimental) 
17:58:54  cypress-1  | 
17:58:54  cypress-1  |  Rating specs (not complete)  SSL Labs's 'SSL Server Rating Guide' (version 2009q from 2020-01-30)
17:58:54  cypress-1  |  Specification documentation  https://github.com/ssllabs/research/wiki/SSL-Server-Rating-Guide
17:58:54  cypress-1  |  Protocol Support (weighted)  100 (30)
17:58:54  cypress-1  |  Key Exchange     (weighted)  90 (27)
17:58:54  cypress-1  |  Cipher Strength  (weighted)  90 (36)
17:58:54  cypress-1  |  Final Score                  93
17:58:54  cypress-1  |  Overall Grade                A
17:58:54  cypress-1  |  Grade cap reasons            Grade capped to A. HSTS is not offered

jbowring and others added 9 commits February 4, 2025 17:12

Add SSL certificate to TCP streams if certificate in database

3091c21

Add SSL tab to stream UI

3dbc70f

Add SSL column to streams table UI

ee4250d

Add certificate to streams database model

cd80cc8

Fix whitespace in nginx stream config

4452f01

Fix stream update not persisting

2657af9

Fix api schema after merging latest changes

68a7803

Adds testssl.sh and mkcert to cypress stack

b4793d3

Cypress test for Streams

6a60627

and updated cypress + packages

jc21 mentioned this pull request Feb 5, 2025

Add SSL to streams #3789

Closed

jc21 merged commit c56c95a into develop Feb 5, 2025
2 checks passed

jc21 deleted the stream-ssl branch February 5, 2025 09:45

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

SSL for Streams - 2025 #4344

SSL for Streams - 2025 #4344

jc21 commented Feb 5, 2025

nginxproxymanagerci bot commented Feb 5, 2025

jc21 commented Feb 5, 2025

SSL for Streams - 2025 #4344

SSL for Streams - 2025 #4344

Conversation

jc21 commented Feb 5, 2025

nginxproxymanagerci bot commented Feb 5, 2025

jc21 commented Feb 5, 2025