# Nginx SSL Manual Configuration - Step-by-Step Guide **Last Updated:** 2026-01-31 **Document Version:** 1.0 **Status:** Active Documentation --- **Date**: 2026-01-09 **NPM URL**: `http://192.168.11.26:81` **Credentials**: `nsatoshi2007@hotmail.com` / `L@ker$2010` --- ## Quick Start 1. Open: `http://192.168.11.26:81` 2. Log in with credentials above 3. Follow steps below for each domain --- ## Step-by-Step Configuration ### For Each Domain: #### Step 1: Add Proxy Host 1. Click **"Proxy Hosts"** in left menu 2. Click **"Add Proxy Host"** button (top right) #### Step 2: Details Tab Fill in: - **Domain Names**: Enter the domain (e.g., `explorer.d-bis.org`) - For multiple domains, add each on a new line - **Scheme**: - Select `http` if target is `http://` - Select `https` if target is `https://` - **Forward Hostname/IP**: Enter the IP address (e.g., `192.168.11.140`) - **Forward Port**: Enter the port (e.g., `80` or `443`) - **Cache Assets**: ✅ Enable (optional) - **Block Common Exploits**: ✅ Enable - **Websockets Support**: ✅ Enable (for RPC domains with WebSocket) #### Step 3: SSL Tab 1. Click **"SSL"** tab 2. Click **"Request a new SSL Certificate"** 3. Fill in: - **Email Address for Let's Encrypt**: `nsatoshi2007@hotmail.com` - **I Agree to the Let's Encrypt Terms of Service**: ✅ Check - **Force SSL**: ✅ Enable (redirects HTTP to HTTPS) - **HTTP/2 Support**: ✅ Enable - **HSTS Enabled**: ✅ Enable - **HSTS Subdomains**: ✅ Enable (if you have subdomains) #### Step 4: Save 1. Click **"Save"** button 2. Wait 1-2 minutes for certificate to be issued 3. Check for green checkmark indicating success --- ## Domain Configuration Reference ### sankofa.nexus (5 domains) | Domain | Details | Forward To | Port | WebSocket | |--------|---------|------------|------|-----------| | `sankofa.nexus` | Scheme: http | `192.168.11.140` | 80 | No | | `www.sankofa.nexus` | Scheme: http | `192.168.11.140` | 80 | No | | `phoenix.sankofa.nexus` | Scheme: http | `192.168.11.140` | 80 | No | | `www.phoenix.sankofa.nexus` | Scheme: http | `192.168.11.140` | 80 | No | | `the-order.sankofa.nexus` | Scheme: http | `192.168.11.140` | 80 | No | ### d-bis.org (9 domains) | Domain | Details | Forward To | Port | WebSocket | |--------|---------|------------|------|-----------| | `explorer.d-bis.org` | Scheme: http | `192.168.11.140` | 80 | No | | `rpc-http-pub.d-bis.org` | Scheme: https | `192.168.11.252` | 443 | ✅ Yes | | `rpc-ws-pub.d-bis.org` | Scheme: https | `192.168.11.252` | 443 | ✅ Yes | | `rpc-http-prv.d-bis.org` | Scheme: https | `192.168.11.251` | 443 | ✅ Yes | | `rpc-ws-prv.d-bis.org` | Scheme: https | `192.168.11.251` | 443 | ✅ Yes | | `dbis-admin.d-bis.org` | Scheme: http | `192.168.11.130` | 80 | No | | `dbis-api.d-bis.org` | Scheme: http | `192.168.11.155` | 3000 | No | | `dbis-api-2.d-bis.org` | Scheme: http | `192.168.11.156` | 3000 | No | | `secure.d-bis.org` | Scheme: http | `192.168.11.130` | 80 | No | ### mim4u.org (4 domains) | Domain | Details | Forward To | Port | WebSocket | |--------|---------|------------|------|-----------| | `mim4u.org` | Scheme: http | `192.168.11.19` | 80 | No | | `www.mim4u.org` | Scheme: http | `192.168.11.19` | 80 | No | | `secure.mim4u.org` | Scheme: http | `192.168.11.19` | 80 | No | | `training.mim4u.org` | Scheme: http | `192.168.11.19` | 80 | No | ### defi-oracle.io (1 domain) | Domain | Details | Forward To | Port | WebSocket | |--------|---------|------------|------|-----------| | `rpc.public-0138.defi-oracle.io` | Scheme: https | `192.168.11.252` | 443 | ✅ Yes | --- ## Tips 1. **Batch Configuration**: Configure similar domains together (same target IP/port) 2. **Certificate Wait**: Let's Encrypt certificates take 1-2 minutes to issue 3. **Error Handling**: If certificate request fails, check: - DNS resolves to `76.53.10.36` - Port 80 is accessible (required for HTTP-01 challenge) - No rate limiting (wait 1 hour if too many requests) --- ## Verification After configuring all domains: ```bash bash scripts/nginx-proxy-manager/verify-ssl-config.sh ``` Or test manually: ```bash curl -I https://explorer.d-bis.org curl -I https://sankofa.nexus ``` --- **Last Updated**: 2026-01-09