How to Use DNS Verification with your Reverse Proxy & use a Wildcard SSL Certificate

How to Use DNS Verification with your Reverse Proxy & use a Wildcard SSL Certificate


shared hosting reverse proxy

This is a video that will show you how to create an ssl certificate using dns verification. This is useful if your isp blocks port 80 so you cant use http verification. Also using dns verification allows the creation of wildcard ssl certificates.

Please, if you can and want to support the channel and donate or check my patreon page

Need a good vpn? PIA is one of the best –

Music credits
“Epic” and “endless motion” composed and performed by Bensound from

34 thoughts on “How to Use DNS Verification with your Reverse Proxy & use a Wildcard SSL Certificate

  1. @SpaceinvaderOne – THANK YOU! I got the openvpn set up following your tutorial for that. So decided to give the reverse proxy a try as well (mostly for education purposes).

    I had to merge the three tutorials (Proxy with HTTP, Proxy with DNS (this one) and Swag) into one to get it done, and I have everything working, my domain is protected on Cloudflare and I have 'Server Ready' on Swag logs but when I try to access the sonarr subdomain I get an error (Error 521: Web Server is down).

    Can anyone help please?

  2. HELPP: Is anyone having a problem when you try to go to nextcloud with your own domain name? All the letsencrpty is working properly. However, google chrome stated This site can’t be reached and took too long to respond.

  3. Everything works great when it's running but I noticed that every week or two all of my subdomains like sonarr.mydomain.com plex.mydomain.com etc randomly drop the connection and show me the Cloudflare 1016 error page. All dockers are running fine and I can also access everything local. Cloudflare was not able to help my out so you Spaceinvader One are my only hope left to fix this strange issue.

  4. Please help me!

    An unexpected error occurred:
    KeyError: 'code'
    Please see the logfiles in /var/log/letsencrypt for more details.
    ERROR: Cert does not exist! Please see the validation error above. Make sure you entered correct credentials into the /config/dns-conf/cloudflare.ini file.

  5. Hi
    Thanks for this video. Everything works fine (freshrss, nextcloud, bitwarden…) except lidarr and documentserver for nextcloud. All my subdomains are A type. Ping cannot find the host and nslookup doesn't show cloudflare IP.
    Any idea ?

  6. I finally get it all setup do exactly as you do then when i reset letencrypt i get this error only : nginx: [emerg] "server" directive is not allowed here in /config/nginx/proxy-confs/deluge.subdomain.conf:3

    No matter what config i use its the same issue

  7. Thank you! another great video to the rescue. Ultimatley I found out my ISP has a switch to turn port 80 on and off on thier website. Ugh! Hopefully this info will help someone.

  8. Just one thing I can't figure out. I understand the cert expires every 90 days, and I have seen information about automating it. Is it as easy as restarting the letsencrypt container when I need to update the cert(s)? Or do I need to dive into scripting a certbot renew? Thanks

  9. I was getting a too many redirects error when switching to this method. I fixed it by going the the SSL/TLS tab of cloudflare and switching it to "Full (strict)". Now works like a charm. Thank you for the amazing videos!

  10. I feel like I'm so close, but this seems like an error I can't ignore.

    nginx: [alert] detected a LuaJIT version which is not OpenResty's; many optimizations will be disabled and performance will be compromised (see https://github.com/openresty/luajit2 for OpenResty's LuaJIT or, even better, consider using the OpenResty releases from https://openresty.org/en/download.html)

    nginx: [error] lua_load_resty_core failed to load the resty.core module from https://github.com/openresty/lua-resty-core; ensure you are using an OpenResty release from https://openresty.org/en/download.html (rc: 2, reason: module 'resty.core' not found:

  11. Thanks again for another to-the-point technical video! Was beating my head over letsencrypt subdomain credential creation, and this video did the trick.

  12. Hello,
    First of all, thank you for making these videos. It has been a lot of help in setting my own UnRaid server.
    I have a question though, I followed everything and it seems like I am getting error.
    My error reads:

    nginx: [alert] detected a LuaJIT version which is not OpenResty's; many optimizations will be disabled and performance will be compromised (see https://github.com/openresty/luajit2 for OpenResty's LuaJIT or, even better, consider using the OpenResty releases from https://openresty.org/en/download.html)

    nginx: [error] lua_load_resty_core failed to load the resty.core module from https://github.com/openresty/lua-resty-core; ensure you are using an OpenResty release from https://openresty.org/en/download.html (rc: 2, reason: module 'resty.core' not found:

    What should I do in this error? It seems like I am not being able to connect to my nextcloud services.
    Any help would be awesome.

  13. @6:45 – So, they don't use "*" for wildcard cert anymore?
    you used "www" for http://www.reverseproxy.me
    so, "wildcard" will be wildcard.reverseproxy.me, but you also enable True for subdomains, which is the true wildcard enabler.
    I think you could have left "www" and just enabled subdomain and you would have gotten a wildcard certificate.
    you did not show the certificate detailed.
    or
    used "*,www" for the subdomain, and false for the main domain

  14. I followed everything but I am getting a cloudflare error 522 when going to my url now. I also have this on my LetsEncrypt log that still says it is ready but with an error before that.
    nginx: [alert] detected a LuaJIT version which is not OpenResty's; many optimizations will be disabled and performance will be compromised (see https://github.com/openresty/luajit2 for OpenResty's LuaJIT or, even better, consider using the OpenResty releases from https://openresty.org/en/download.html)

    nginx: [error] lua_load_resty_core failed to load the resty.core module from https://github.com/openresty/lua-resty-core; ensure you are using an OpenResty release from https://openresty.org/en/download.html (rc: 2, reason: module 'resty.core' not found:

    no field package.preload['resty.core']

    no file './resty/core.lua'

    no file '/usr/share/luajit-2.1.0-beta3/resty/core.lua'

    no file '/usr/local/share/lua/5.1/resty/core.lua'

    no file '/usr/local/share/lua/5.1/resty/core/init.lua'

    no file '/usr/share/lua/5.1/resty/core.lua'

    no file '/usr/share/lua/5.1/resty/core/init.lua'

    no file '/usr/share/lua/common/resty/core.lua'

    no file '/usr/share/lua/common/resty/core/init.lua'

    no file './resty/core.so'

    no file '/usr/local/lib/lua/5.1/resty/core.so'

    no file '/usr/lib/lua/5.1/resty/core.so'

    no file '/usr/local/lib/lua/5.1/loadall.so'

    no file './resty.so'

    no file '/usr/local/lib/lua/5.1/resty.so'

    no file '/usr/lib/lua/5.1/resty.so'

    no file '/usr/local/lib/lua/5.1/loadall.so')

    Server ready

  15. I see in this video you have Let's Encrypt Network type set as Bridge and not Proxynet like your last video. Is this a change that needs to happen? If so what other changes need to happen?

Leave a Reply

Your email address will not be published. Required fields are marked *