docs: explicit policy on missing certificate (#2465)

* chore/doc: explicit policy on missing certificate This doesn't change the current nginx-proxy behavior, but makes explicit the current HTTPS_METHOD policy on missing certificate. * fix: bad wording about missing certificate Co-authored-by: Nicolas Duchon <nicolas.duchon@gmail.com> * docs: typo in suggestion --------- Co-authored-by: Nicolas Duchon <nicolas.duchon@gmail.com>
2025-07-01 06:15:45 +00:00 · 2024-05-27 20:50:13 +02:00
parent 0dfc8b7a50
commit 5f3ec18b28
2 changed files with 10 additions and 4 deletions
--- a/docs/README.md
+++ b/docs/README.md
@ -572,7 +572,9 @@ _WARNING_: HSTS will force your users to visit the HTTPS version of your site fo

 ### Missing Certificate

-If HTTPS is enabled for a virtual host but its certificate is missing, nginx-proxy will configure nginx to use the default certificate (`default.crt` with `default.key`) and return a 500 error.
+If no matching certificate is found for a given virtual host, nginx-proxy will:
+* configure nginx to use the default certificate (`default.crt` with `default.key`) and return a 500 error for HTTPS,
+* force enable HTTP; i.e. `HTTPS_METHOD` will switch to `noredirect` if it was set to `nohttp` or `redirect`.

 If the default certificate is also missing, nginx-proxy will configure nginx to accept HTTPS connections but fail the TLS negotiation. Client browsers will render a TLS error page. As of March 2023, web browsers display the following error messages: