MeshCentral behind a GUI Nginx Proxy Manager and externally issued SSL certificates

MeshCentral Thumb

MeshCentral is an open source, multi-platform, self-hosted and feature packed portal for remote device management (it even runs off a Pi!). It is one of the easiest I’ve seen for adding new devices, but that really only works once you have the server setup correctly for agents to connect automatically to it when using it in WAN mode.

The challenge I had was firstly that my server is behind a reverse proxy, which claims the SSL port 443 for itself, and secondly that the agent SSL pattern hash was not matching the SSL pattern hash that MeshCentral was using from my Cloudflare issued SSL cert, and MeshCentral then rejects the agent’s connection as it wants to ensure there is no man-in-the-middle attack in progress.

So half of this video is quickly showing what MeshCentral looks like, and the second half is about how I solved the two issues I was faced with. I only found the dev’s video much later about Nginx Proxy, after I’d spent two days pouring through support forums trying to piece a solution together, but I’ll include a link to it as well. My solution was considering specifically the Nginx Proxy Manager with the GUI interface, and I discovered a way to enter the custom proxy set header commands into it.

Don’t get me wrong, though, as MeshCentral has excellent documentation as well as dev videos – definitely one of the better documented open source projects that I’ve seen. It even has support for MQTT clients, which may have potential for smart home devices.

Watch https://youtu.be/V0uDXCua4q8

#technology #meshcentral #selfhosted #opensource #nginxpm