How to configure self signed SSL certificate in owncloud Ubuntu
Before directly jumping into this tutorial you must have running owncloud server in your system.
I have written it in my previous post,you can learn how to from this link https://sharadchhetri.com/2013/05/15/installing-owncloud-in-ubuntu-13-04/
In this tutorial we will learn how to configure self signed ssl certificate in owncloud.
The method is applied to apache2 no matter it is Debian or Ubuntu.If still you have any doubt leave the comment.
To configure the Self Signed Certificate follow the given below steps.
Step(1) Install openssl in server as we have already running owncloud hence installing of apache2 is not required.
$ sudo apt-get install openssl
Step(2) Enable the ssl and rewrite module in apache2
$sudo su - #a2enmod ssl #a2enmod rewrite
Step(3): Create a ssl directory inside /etc/apache2
# mkdir -p /etc/apache2/ssl
Step(4): Create self signed ssl certificate. And fill information which it will ask.
openssl req -new -x509 -days 365 -nodes -out /etc/apache2/ssl/owncloud.pem -keyout /etc/apache2/ssl/owncloud.key
Now we will configure the owncloud.conf file.
Step (5): Edit the owncloud.conf file
In owncloud.conf file I redirect port 80 request to port 443.
Configured the SSL engine and its key path. And the DocumentRoot parameter is also used.
Note: In the below given configuration I am using IP based Virtual Hosting in apache. If you have DNS configured you can set it as name based configuration also.
Replace 192.168.1.34 with you server IP address
vi /etc/apache2/conf.d/owncloud.confRewriteEngine on ReWriteCond %{SERVER_PORT} !^443$ RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L] SSLEngine on SSLCertificateFile /etc/apache2/ssl/owncloud.pem SSLCertificateKeyFile /etc/apache2/ssl/owncloud.key DocumentRoot /var/www/owncloud/ AllowOverride All order allow,deny Allow from all
Step (6) Restart the apache2.
service apache2 restart
Step(7) Open the webbrowser and type the url of owncloud you will see it by defualt goes to https.
If you want both http and https then remove the redirection at para of “VirtualHost *:80 …. </VirtualHost> “
I’m using Debian 7.10 and when I browse to /etc/apache2/conf.d/, i don’t see owncloud.conf file. Is it stored somewhere else on Debian or named something else? Or do I have to create that file with the information above if I don’t have it?
In Debian owncloud installation, I found a file that has “” in /etc/apache2/sites-enabled/000-default
Is file the same as the owncloud.conf in Ubuntu?
Hi,
This actually a apache configuration. You can create a owncloud.conf file in conf.d directory if you have not found. 000-default is the symlink and it is default apache configuration. do ls -la 000-default you can see its actual source path.
Better to go with creating owncloud.conf file with same content. Check the DocumentRoot path as well.
Today I will install debian 7.10 and will check it. Give me some time to create a tutorial. In between this time you can try yourself.
Sorry for late reply.It is also working well in Debian 7.10. Just follow the same steps in Debian also
hi,
in step 5 you should remove
Thanks nino,
It is done, few days back I removed blockquotes,I think that strong tag was left
Regards
Sharad
Hey man,
I’m getting an error when restarting the apache2 service
SSLCertificatekeyfile: file ‘/etc/apache2/ssl/owncloud.key’ does not exist or is empty
Having looked it is quite right, the file doesn’t exist, I’ve gone over each step to see what I’ve missed but can’t find it.
Running Ubuntu
Me being a d*ckhead and not scrolling along the certificate creation line… all is good
openssl req -new -x509 -days 365 -nodes -out /etc/apache2/ssl/owncloud.pem -keyout /etc/apache2/ssl/owncloud.key
Above is cert creating command. Are you opening the site with mobile device or Desktop and let me know also which web browser you are using.
openssl req -new -x509 -days 365 -nodes -out /etc/apache2/ssl/owncloud.pem -keyout /etc/apache2/ssl/owncloud.key
Above line is command of creating SSL certs. Check all the steps once again. I rechecked step by step, it is working for me
i have lost “<" at first line
Sorry and thanks again!
No problem, I am happy to see you found the typo error.
Moreover I am also glad to see ,you use pastebin like justpaste[dot]it , your comment will help new bie to understand how to share code.
few days back I wrote in pastebin topic which are delivered by Linux Distro’s team
https://sharadchhetri.com/2013/06/03/useful-3-pastebin-links-which-i-mostly-use/
i have this error, what i can do?
sudo service apache2 restart
apache2: Syntax error on line 260 of /etc/apache2/apache2.conf: Syntax error on line 6 of /etc/apache2/conf.d/owncloud.conf: without matching section
Action ‘configtest’ failed.
The Apache error log may have more information.
…fail!
Hello Clodio,
Kindly send me the apache2 configuration file.It seem the problem might be in syntax. or else check carefully might be you have done any typo
I need the information also where your owncloud web directory is located . Is it in /var/www or /usr/local or else.
Regards
Sharad
admin@sharadchhetri.com
Thank you for reply.
Here the apache2.conf
http://justpaste.it/2vvz
Here the owncloud.conf
http://justpaste.it/2vw0
Owncloud directory is in /var/www/
Thank you
Hello
Ik have a problem when i use your instructions
to start, i have my site in another dir then the default /var/www but in /home/myusername/www
owncloud resides inside /home/myusername/owncloud
When I use your conf settings everything gets messed up beyond my point of understanding it, for now. I do feel it has something to do with the directories.
I want my regular site wich resides in /home/myusername/www to stay as is, and to be reached without appending https:// but the default http://, the owncloud dir however, I do want to have secure https://
Can you send me in the right direction please?
(that’s if you could understand my description offcourse)
so in short, i want my regular site to be available as a insecure http:// site and the owncloud directory to be secured by ssl
thank you!
owncloud resides inside /home/myusername/owncloud
should be
/home/myusername/www/owncloud/
ok,
I assume you are using Ubuntu.
open the file /etc/apache2/conf.d/owncloud.conf
And in
Replace with
Now check if www-data user exist. Hit the command
“id username ” or ” grep username /etc/passwd”
Change the ownership and group of /home/myusername/www/owncloud/
chown -R www-data:www-data /home/myusername/www/owncloud/
Do these steps, if still have issue. let me know then we will do next step
WOW! thanks for your quick response!
Yes I’m using ubuntu server 12.04.1, sorry for not mentioning
In your reply you tell me to replace something in /etc/apache2/conf.d/owncloud.conf, perhaps you forgot to tell me what to replace it with?
When it comes to the ownership of the owncloud folder/files, that was already owned by www-data
Something else you should know, the owncloud data folder sits on another drive and is symlinked, under the normal circumstances that was a non-issue, but perhaps now it is?
Thanks again.
Solved!
Needless to say I am in the infant-noob stages of running a proper server 🙂 but I figured it out all by myself.
it was only a matter of leaving out :
RewriteEngine on
ReWriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]
and let owncloud force ssl on users, so you can forget I ever asked. Thanks for your instructions!
Nice, it is very good thing when you troubleshoot yourself and after solving the issue get the feeling of winning the battle 🙂
Hi all,
Well, this is the best howto about how to ssl in owncloud, so congratulations. Just one question, when ending the steps and trying to acces though https, it gives me the error: Cloud not found.
I search in official forums and none of the solutions applyes for me. It seems like the http works fine pointing the correct path, but not https. Do you know which file I should edit. Probably the error is in the apache files, but I couldnt find a solution.
Hope you can help. Thanks in advance
Daniel,
Thanks for appreciation.
Kindly send me the below given info –
(1) Apache configuration file
(2) The Web Directory means where the owncloud files exist. for eg. /var/www/html or /var/www or /var/usr/share/owncloud
ls -ld /path/of/web/directory
ls -la /path/of/web/directory
(3) the owncloud.conf file output.
(4) Which operating system you are using.
If possible I will try to solve the issue remotely also. Let me know.
Send me all the details via my Contact page.
Hello,
thanks for your tutorial
I have the same problem:
With the original configuration (http only, no https) I had owncloud working.
I followed your instructions (I think). Now http is redirected to https, but Owncloud tells me:
Cloud not found.
here my Config:
/etc/apache2/conf.d# cat owncloud.conf # # AllowOverride All # RewriteEngine on ReWriteCond %{SERVER_PORT} !^443$ RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L] SSLEngine on SSLCertificateFile /etc/apache2/ssl/owncloud.pem SSLCertificateKeyFile /etc/apache2/ssl/owncloud.key DocumentRoot /var/www/owncloud/ AllowOverride All order allow,deny Allow from allthe apache2.conf:
LockFile ${APACHE_LOCK_DIR}/accept.lock PidFile ${APACHE_PID_FILE} Timeout 300 KeepAlive On MaxKeepAliveRequests 100 KeepAliveTimeout 5 StartServers 5 MinSpareServers 5 MaxSpareServers 10 MaxClients 150 MaxRequestsPerChild 0 StartServers 2 MinSpareThreads 25 MaxSpareThreads 75 ThreadLimit 64 ThreadsPerChild 25 MaxClients 150 MaxRequestsPerChild 0 StartServers 2 MinSpareThreads 25 MaxSpareThreads 75 ThreadLimit 64 ThreadsPerChild 25 MaxClients 150 MaxRequestsPerChild 0 User ${APACHE_RUN_USER} Group ${APACHE_RUN_GROUP} AccessFileName .htaccess Order allow,deny Deny from all Satisfy all DefaultType None HostnameLookups Off ErrorLog ${APACHE_LOG_DIR}/error.log LogLevel warn Include mods-enabled/*.load Include mods-enabled/*.conf Include httpd.conf Include ports.conf LogFormat "%v:%p %h %l %u %t "%r" %>s %O "%{Referer}i" "%{User-Agent}i"" vhost_combined LogFormat "%h %l %u %t "%r" %>s %O "%{Referer}i" "%{User-Agent}i"" combined LogFormat "%h %l %u %t "%r" %>s %O" common LogFormat "%{Referer}i -> %U" referer LogFormat "%{User-agent}i" agent Include conf.d/ Include sites-enabled/cat owncloud.conf # # AllowOverride All # RewriteEngine on ReWriteCond %{SERVER_PORT} !^443$ RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L] SSLEngine on SSLCertificateFile /etc/apache2/ssl/owncloud.pem SSLCertificateKeyFile /etc/apache2/ssl/owncloud.key DocumentRoot /var/www/owncloud/ AllowOverride All order allow,deny Allow from allIt is all on Ubuntu 12.04.
I appreciate your help!
Greetings,
Hendrik
Hendrik,
send the owncloud.conf file in admin@sharadchhetri.com , in comment section I am not seeing Directory tag. Might be I am missing something which is not printed properly in comment section
OK I got the issue and it can be fixed by using Name base or using IP based Virtual Host in apache configuration.
the post has been updated with IP based virtual host example.In video I have shown Name based and IP based both apache configuration.
Let me know if still facing the issue
It works now, thanks!
Hello again,
in fact it does not work.., sorry for the confusion.
The https connection did not work, only the http one
I got an SSL Error in chrome and
Invalid method in request x16x03x01 on the server.
So I did a bit of searching and found this:http://idolinux.blogspot.de/2007/11/invalid-method-in-request-x16x03x01.html. Consequently I modified the Configration like this:
[code]grep ^[^#] ports.conf
NameVirtualHost 192.168.177.3:80
Listen 80
# If you add NameVirtualHost *:443 here, you will also have to change
# the VirtualHost statement in /etc/apache2/sites-available/default-ssl
# to
# Server Name Indication for SSL named virtual hosts is currently not
# supported by MSIE on Windows XP.
Listen 443
Listen 443
grep ^[^#] sites-enabled/*
ServerAdmin webmaster@localhost
DocumentRoot /var/www
Options FollowSymLinks
AllowOverride All
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
AllowOverride All
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
Alias /doc/ “/usr/share/doc/”
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
grep ^[^#] conf.d/owncloud.conf
RewriteEngine on
ReWriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/owncloud.pem
SSLCertificateKeyFile /etc/apache2/ssl/owncloud.key
DocumentRoot /var/www/owncloud/
AllowOverride All
order allow,deny
Allow from all
[/code]
Do you see the error?
By the way: I think there is a typo in your post (two dots in the IP)
Greetings,
Hendrik
The result is the original error. In the log:
[code][Mon Sep 23 21:17:24 2013] [notice] caught SIGTERM, shutting down
[Mon Sep 23 21:17:25 2013] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Mon Sep 23 21:17:25 2013] [warn] RSA server certificate CommonName (CN) `xy.selfhost.eu’ does NOT match server name!?
[Mon Sep 23 21:17:25 2013] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Mon Sep 23 21:17:25 2013] [warn] RSA server certificate CommonName (CN) `xy.selfhost.eu’ does NOT match server name!?
[Mon Sep 23 21:17:25 2013] [notice] Apache/2.2.22 (Ubuntu) PHP/5.3.10-1ubuntu3.8 with Suhosin-Patch mod_ssl/2.2.22 OpenSSL/1.0.1 mod_perl/2.0.5 Perl/v5.14.2 configured — resuming normal operations
[Mon Sep 23 21:17:29 2013] [error] [client 192.168.177.20] File does not exist: /var/www/owncloud/owncloud
[Mon Sep 23 21:18:15 2013] [error] [client 192.168.177.20] File does not exist: /var/www/owncloud/owncloud
[Mon Sep 23 21:18:21 2013] [error] [client 192.168.177.20] File does not exist: /var/www/owncloud/owncloud
[/code]
I have placed a video also.Thanks you solved it. I edited my post but I think it reverted back to old settings
Thanks for the tutorial. Great work.
This is a much more simple method than I have seen before. Only two complaints:
1. Redirect from port 80 is not strictly necessary as it can be enabled from owncloud admin. (But it was good to include for learning purposes ;-P )
2. DocumentRoot /var/www/owncloud/ didn’t work for me when accessing remotely. I had to change to /var/www/
Thanks again!
Welcome.
it depends upon where the owncloud web directory exist.
Thanks for feedback
Hi,
thanks for your post.
I did in this way, but I can’t connect to owncloud, i only get the next message :”The requested URL /owncloud/index.php/ was not found on this server” [Error 404].
Could you give a little help, please?
404 page means page not found.
Check the owncloud web directory path. I think you did some typo in apache conf file or given wrong path of web directory.
if still have issue , send me the email with all details.
You can write message from “Contact” page
This worked great, thanks. However in creating the certificate you’re using path ‘/etc/apache2/s/ssl/’ but in the configuration file it’s ‘/etc/apache2/ssl/owncloud.pem’, missing the ‘/s’ between apache2 and ssl. Adding /s worked for me.
In addition I got an error when I restarted Apache that /var/www/owncloud didn’t exist. Once I created the directory everything was good.
Thanks for the great write-up, I appreciate it!
Thanks Matt, it was typo mistake . It is clear now.
The typo still exists here:
openssl req -new -x509 -days 365 -nodes -out /etc/apache2/s/ssl/owncloud.pem -keyout /etc/apache2/ssl/owncloud.key
done done 🙂 might be the post was not properly updated