Linuxserver/letsencrypt how to set up routing for subdomain in nginx

I have an linuxserver/openvpn-as container running on my docker host as well as a linuxserver/letsencrypt server. I can access the openvpn-as container admin page from my local network through :943/admin I can access it through :943/admin when I set up port forwarding on my router and I can access it through <>:943/admin

I want to use ssl for this trafic and turned to the linuxserver/letsencrypt image. I managed to set it up and I am routing my home automation frontend to this domain as well. It’s on .com and

what I want to do now is create a subdomain called vpn.<> which should direct to :943 or :943/admin (Im not sure if the latter is possible or even desireable)

however, when I try to visit the page I get a 502 bad gateway error

here is the content of config/nginx/site-confs/openvpn

upstream openvpn {
map $http_upgrade $connection_upgrade {
     default upgrade;
     '' close;

server {
     listen 443 ssl http2;  

       include /config/nginx/ssl.conf;
       client_max_body_size 0;
       add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
       ssl_session_cache shared:SSL:10m;

      proxy_buffering off;

      location / {
          proxy_pass http://openvpn;    # Matches to the "upstream" name above
          proxy_set_header Host $host;
          proxy_redirect http:// https://;
          proxy_http_version 1.1;
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
          proxy_set_header Upgrade $http_upgrade;
          proxy_set_header Connection $connection_upgrade;


openvpn-as serves over https

you say you’re using our letsencrypt container but you’ve gone wild west with your config…

go into config/nginx/proxy-confs
rename openvpn-as.subdomain.conf.sample to openvpn-as.subdomain.conf, restart letsencrypt and it will just work (after you’ve deleted your site-confs/openvpn, of course)

or if you must use your attempt (which i think will give weird results with your proxy_redirect) drop the http (openvpn-as doesnt serve on http) and check your nginx logs.

thanks, I’ve been mixing up my tutorials. I got turned around somewhere and have been trying to fix it myself. It seems the bad gateway error was caused by something else btw. I could not get it to work using docker-compose, but using the plain docker run command did work.

just a follow-up, openvpn-as is using it’s own certificates. This given me an error as the certificates I have installed through letsencrypt are different from the ones used in openvpn-as.

Is there a way to disable the certificates in openvpn-as? If not, is there a way to make sure openvpn-as uses the certificates from letsencrypt, without needing to reinstall them every few months?

it does not matter at all what openvpn-as uses. I reverse proxy as a proof of concept and i can assure you my LE certs are not the same as

I would recommend starting over and reviewing


thank you, the starter guide was what I needed.

The problem turned out to be that letsencrypt could not find my openvpn container. the guide recommends setting up a user defined bridge network. Once I did that and attached my containers, it worked.

If I may make a humble suggestion, please put a link to these types of blog posts in the documentation of the container, so that they are easier to find.

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.