diff --git a/OTcerts.py b/OTcerts.py
index 1f194d6..3bdda3c 100644
--- a/OTcerts.py
+++ b/OTcerts.py
@@ -24,6 +24,14 @@ and vhosts.vhost_id = vhosts_features.vhost_id and hosts.host_id = hosts_urls.h
 WHERE (hosts_urls.http = 'Y' and hosts.hostname = %(webserver)s)
 """
 
+# Get list of defined urls for specific webserver
+urls_list_stmt = """SELECT DISTINCT(urls.dns_name) AS urls
+FROM hosts INNER JOIN (hosts_urls, urls, vhosts_features, vhosts)
+ON (urls.url_id = hosts_urls.url_id and urls.url_id = vhosts.url_id
+and vhosts.vhost_id = vhosts_features.vhost_id and hosts.host_id = hosts_urls.host_id)
+WHERE (hosts_urls.http = 'Y' and hosts.hostname = %(webserver)s)
+"""
+
 # Get domain_id if defined in nameserver database
 domain_id_stmt="SELECT domains.id as domain_id FROM domains WHERE domains.name=%(domain)s"
 
@@ -34,7 +42,7 @@ subdomains_list_stmt = "SELECT DISTINCT(urls.dns_name) AS domain_names "\
 "urls.dns_name LIKE %(domain)s)"
 
 default_conf_file="./etc/ot_certs.ini"
-logging.basicConfig(level=logging.INFO)
+logging.basicConfig(level=logging.DEBUG)
 logger = logging.getLogger()
 
 
@@ -53,6 +61,8 @@ def init_prog(argv):
 help="Invoca solamente il renew per i certificati gia' presenti")
 
 service_group = parser.add_mutually_exclusive_group(required=True)
+ service_group.add_argument("--proxy", default=False, action='store_true', required=False,
+ help="Richiedi i certificati per i siti proxaty")
 service_group.add_argument("--liste", default=False, action='store_true', required=False,
 help="Richiedi i certificati per liste.indivia.net")
 service_group.add_argument("--hosting", default=False, action='store_true', required=False,
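Review bot: Hard-coding `logging.basicConfig(level=logging.DEBUG)` in the `@@ -34,7 +42,7 @@` hunk turns on debug output for every run, which looks like a development leftover. The root logger is configured here, so the new `logger.debug(ot_res)` and `logger.debug(url_list)` calls added elsewhere in this commit will write database rows to the log on each invocation, and libraries that propagate to the root logger may become verbose as well. Keeping `logging.basicConfig(level=logging.INFO)` as the default and raising the level from a command-line switch or the ini file would avoid that.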
@@ -150,6 +160,27 @@ def get_domain_list(config, ot_conn, dns_conn):
 ot_cursor.close()
 return result_dict
 
+
+def get_url_list(config_section, server_name, ot_conn, dns_conn):
+ """
+ Return a list
+ """
+
+ urls_list = []
+
+ ot_cursor=ot_conn.cursor()
+ ot_cursor.execute(urls_list_stmt, {'webserver':server_name})
+
+ ot_res = ot_cursor.fetchall()
+
+ logger.debug(ot_res)
+
+ urls_list = [t[0] for t in ot_res]
+
+ ot_cursor.close()
+ return urls_list
+
+
 def get_alias_list(config, dns_conn, query, aliases):
 """
 Return a list of domains to get the certificate for
@@ -186,7 +217,7 @@ def acme_renew(config, pre_hook_cmd, post_hook_cmd, dryrun=False):
 args +=' --post-hook "{}"'.format(post_hook_cmd)
 
 args += " renew"
-
+
 if dryrun:
 logging.info("{} {}".format(config['certbot']['bin'], args))
 else:
@@ -268,10 +299,12 @@ if __name__ == '__main__':
 logging.info('Renewing certificates ')
 if args.webmail or args.hosting or args.liste:
 post_hook_cmd = "systemctl reload apache2"
- elif args.smtp:
+ elif args.smtp:
 post_hook_cmd = "systemctl reload postfix"
 elif args.mbox:
 post_hook_cmd = "systemctl restart dovecot"
+ elif args.proxy:
+ post_hook_cmd = "systemctl reload nginx"
 
 logger.debug("post_hook_cmd: {}".format(post_hook_cmd))
 
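Review bot: `get_url_list` closes the cursor only on the success path, so an exception from `execute` or `fetchall` leaves it open; a `try`/`finally` around the query fixes that. The parameters `config_section` and `dns_conn` are never used in the function, the initial `urls_list = []` is rebound before it is read, and the docstring `Return a list` does not say what the list holds. The returned names come straight from the database, so any later code that places them on a certbot command line should validate them as hostnames first.

```python
def get_url_list(config_section, server_name, ot_conn, dns_conn):
    """Return the distinct urls.dns_name values that urls_list_stmt yields for server_name."""
    ot_cursor = ot_conn.cursor()
    try:
        ot_cursor.execute(urls_list_stmt, {'webserver': server_name})
        ot_res = ot_cursor.fetchall()
    finally:
        # release the cursor even when the query raises
        ot_cursor.close()
    logger.debug(ot_res)
    return [row[0] for row in ot_res]
```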
@@ -297,6 +330,25 @@ if __name__ == '__main__':
 ret = os.system("systemctl reload apache2")
 logger.info(ret)
 
+ # Caso speciale per il proxy
+ if args.proxy:
+ logging.info('Asking certificates for proxy web domains')
+ try:
+ proxy_conf = config['nginx']
+ except KeyError as e:
+ logger.error("Error parsing configuration, KeyError {}".format(e))
+ exit(-1)
+ ot_conn=connect_db(dict(config['ot_db']))
+ dns_conn=connect_db(dict(config['dns_db']))
+
+ upstream_servers = [s.strip() for s in proxy_conf['upstream_servers'].split(',') if len(s.strip())>0]
+ for server_name in upstream_servers:
+ logger.debug("Upstream server {}".format(server_name))
+ url_list = get_url_list(proxy_conf, server_name,
+ ot_conn, dns_conn)
+ logger.debug(url_list)
+
+
 # Caso speciale per l'hosting
 if args.hosting:
 logging.info('Asking certificates for hosted web domains')
@@ -341,7 +393,7 @@ if __name__ == '__main__':
 ret = os.system("systemctl reload apache2")
 logger.info(ret)
 
-
+
 # Caso speciale per l'interfaccia di mailman
 if args.liste:
 logging.info('Asking certificates for liste.indivia.net')
@@ -351,14 +403,14 @@ if __name__ == '__main__':
 link_cert(config, vhost_name, vhost_name, dryrun=dryrun)
 else:
 logger.error('Error asking certificate for {}'.format(vhost_name))
-
+
 # reload apache
 logger.info("Reloading apache")
 # ret = subprocess.run("systemctl reload apache2")
 ret = os.system("systemctl reload apache2")
- logger.info(ret)
+ logger.info(ret)
+
 
-
 # Caso speciale per il server POP/IMAP
 if args.mbox:
 dns_conn=connect_db(dict(config['dns_db']))
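Review bot: Only `config['nginx']` sits inside the `try` of the new `if args.proxy:` branch; `config['ot_db']`, `config['dns_db']` and `proxy_conf['upstream_servers']` are read after it, so a missing section or key there raises an uncaught `KeyError` instead of the logged configuration error. Reading them inside the same `try`, for example `upstream_raw = proxy_conf['upstream_servers']`, keeps the failure path uniform. `dns_conn` is opened but `get_url_list` never uses it, and neither connection is closed in the lines shown. The branch logs 'Asking certificates for proxy web domains' but only logs `url_list`, so as far as this hunk shows no certificate is requested for `--proxy`; the `if __name__ == '__main__':` block continues outside the hunk.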