How to configure self signed SSL certificate in owncloud Ubuntu
Before directly jumping into this tutorial you must have running owncloud server in your system.
I have written it in my previous post,you can learn how to from this link https://sharadchhetri.com/installing-owncloud-in-ubuntu-13-04/
In this tutorial we will learn how to configure self signed ssl certificate in owncloud.
The method is applied to apache2 no matter it is Debian or Ubuntu.If still you have any doubt leave the comment.
To configure the Self Signed Certificate follow the given below steps.
Step(1) Install openssl in server as we have already running owncloud hence installing of apache2 is not required.
$ sudo apt-get install openssl
Step(2) Enable the ssl and rewrite module in apache2
$sudo su - #a2enmod ssl #a2enmod rewrite
Step(3): Create a ssl directory inside /etc/apache2
# mkdir -p /etc/apache2/ssl
Step(4): Create self signed ssl certificate. And fill information which it will ask.
openssl req -new -x509 -days 365 -nodes -out /etc/apache2/ssl/owncloud.pem -keyout /etc/apache2/ssl/owncloud.key
Now we will configure the owncloud.conf file.
Step (5): Edit the owncloud.conf file
In owncloud.conf file I redirect port 80 request to port 443.
Configured the SSL engine and its key path. And the DocumentRoot parameter is also used.
Note: In the below given configuration I am using IP based Virtual Hosting in apache. If you have DNS configured you can set it as name based configuration also.
Replace 192.168.1.34 with you server IP address
vi /etc/apache2/conf.d/owncloud.confRewriteEngine on ReWriteCond %{SERVER_PORT} !^443$ RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L] SSLEngine on SSLCertificateFile /etc/apache2/ssl/owncloud.pem SSLCertificateKeyFile /etc/apache2/ssl/owncloud.key DocumentRoot /var/www/owncloud/ AllowOverride All order allow,deny Allow from all
Step (6) Restart the apache2.
service apache2 restart
Step(7) Open the webbrowser and type the url of owncloud you will see it by defualt goes to https.
If you want both http and https then remove the redirection at para of “VirtualHost *:80 …. </VirtualHost> “
Just encountered a new problem:
– I’d love to synchronize symbolic link-files (without following them, just the files) (linux client, linux server)
– In some place I read that it is a question of setting the right options in appache
Could you help, and suggest a solution?
Dieter
Try this
Options Indexes FollowSymLinks MultiViewsRe-read step 5, In code viewer.In last section ,modify the configuration like this
Restart the apache2,
sudo /etc/init.d/apache2 restartI hope this is the answer ,are you looking for
I have just written it on fly, not tested.But I believe it should work. Let me know the feedback.I have a owncloud server in production and I am using it.In case ,you strike with issue ,let me know.
Thank you:
I did as you said. The client replies that simlink sinchronisation is not supported
Thanks Diego,
First of all ,I really appreciate for your donation to charity.I received the email.
Now, as per your question.I checked some bugs in owncloud and found this issue https://github.com/owncloud/mirall/issues/1299 .
Also found question raised in forum, https://forum.owncloud.org/viewtopic.php?f=14&t=18566 .
I think I have not seen this problem neither my end user reported.This problem I am seeing first time.
I would like to troubleshoot on this issue.
Kindly send me email with the details like –
Which Operating System you are using for client?
What is the Owncloud exact version ?
I will check this issue.
Just a quick add. After getting stuck for a while with this excellent doc. I do really mean that this is a great doc you put together. I think you are missing one command
sudo a2ensite default-ssl
Once I did this my page started loading. Thought you might want to add this.
Thanks Ajai,
Glad to know,this doc helped you
I will recheck the practical.Might be some changes has happened when I last did this practical.
Regards
Sharad
Thank you for your great help. The command “a2ensite default-ssl” solved the problem. Your competence is so helpful, that I wouldn’t mind to pay something for such a great support. Think of it: to make it possible to pay something.
(most people want money before they help, and theire help isn’t worth the money, not so here)
Thank you
Thankyou Diego,
I would also like to thank to Mike who answered this question. (thanks buddy)
Diego, I am happy to hear words of appreciation from your side.If you really want to pay money,I will be more happy to see,your monetary help to some Open source project. Or you can donate this money to any charity group or help any poor guy at your local area.
Your donation, will make me more happy.
Once you done that just send me an email at admin@sharadchhetri.com.
Thanks and Regards
Sharad
Good idea
You’ll hear from me
Hello
Thank you for your tutorial. Yet I was not able to get the site running under https. I followed your suggestion to blot out the redirection part of the owncloud.conf file, so the standard access without encryption is still possible.
Trying to connect to https://192.168.178.199/owncloud (or even https://192.168.178.199) yealds the error “SSL received a record that exceeded the maximum permissible length. (Error code: ssl_error_rx_record_too_long)”
I don’t know what to do, can you help me?
Hello Diego,
Check the document root , I have set as
DocumentRoot /var/www/owncloud/in apache file.Recheck the configuration in step 5.
If possible,can you share you apache config file.
Regards
Sharad
I had the same issue. Simple fix: run ‘a2ensite default-ssl’ from the command line to set up an SSL site entry. Then restart apache.
Thanks for the post, Sharad.
Mike
Thankyou Mike,
Yes this is also the fix for SSL.
Somebody here until now?
I got a same problem.
But now, I solved this problem.
I missed ‘a2ensite default-ssl’.
Thank you four your commend.
Thanks a lot! I really appreciate it!
Sharad,
Thank you so much for the quick response! It would be awesome if you could help me out. I actually reformatted and reinstalled ubuntu server, so I’m just now getting to configuring ssl again. If you could help me out one on one, that would be awesome! Just email me at your convenience.
I am only going to be using this server for owncloud (and as a home server).
I would like to configure this for a public domain if possible.
This question might best be reserved for chat, but is there an easy way of mapping a Windows network drive to an owncloud with SSL? From what I’ve read, it doesn’t seem to be possible. I’ve tried NetDrive and the built in Explorer wizard with no luck.
Thanks a lot for the help!
John,
I will email you later and I can provide support to you on Sunday because some other users also asked me for help on this Saturday.
In Windows, make a shared folder and use mount -t cifs command.
Same logic I have applied with NAS storage,in NAS I opened SMB protocol for sharing which is similar to sharing the folder in Windows. Here is the post ‘‘ for your reference.Just have a trial,I hope this is the answer you are looking for.
Regards
Sharad
Okay, I think I got that last bit figured out. Now my problem is that when I type ip/owncloud into my address bar, I get a “cloud not found” error. However, when I use just my ip, I am able to log in.
Any idea what the problem might be here?
Thanks!
Hello John,
Thanks for commenting.”Cloud not found” error is already solved. Watch the video at 39:00 minute,answer is given.
Here I have used Name Based virtual host in apache configuration. In reading document, I have given IP based Virtual Host in apache.
The basic logic is applicable in all scenario, but people uses the apache in different way as per their Server requirement.
If still the problem is not solved let me know again.If possible I will help you by taking remote desktop or giving instruction in chat.
I need some more details like:
Question 1: Are you applying owncloud in Server which only provide this service or other websites are also running in same server?
Question 2: Do you have domain name which you want to configure for this ? (Reason for practice,I mapped the example.com in /etc/hosts, If you want to use public domain name you have to configure your DNS also)
Hello,
I’m getting the following error when attempting to restart apache2:
Syntax error on line 13 of /etc/apache2/conf.d/owncloud.conf:
directive requires additional arguments
Action ‘configtest’ failed.
Here is my owncloud.conf:
RewriteEngine on
ReWriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/owncloud.pem
SSLCertificateKeyFile /etc/apache2/ssl/owncloud.key
DocumentRoot /var/www/owncloud/
AllowOverride All
order allow,deny
Allow from all
Thanks a lot!
There is a major issue with the syntax on the /etc/apache2/conf.d/owncloud.conf file that you have up there. this is what I had to make mine look like to get it to work
<blockquote
RewriteEngine on
ReWriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/owncloud.pem
SSLCertificateKeyFile /etc/apache2/ssl/owncloud.key
AllowOverride All
order allow,deny
Allow from all
It was typo mistake.Yes there was syntax problem because few days back I updated this post.Might be I forgot to recheck. Apologize for inconvenience
How people managed to get this working when there are missing lines in the /etc/apache2/conf-enabled/owncloud.conf file you include above, I don’t know!
Thanks Andy, The post was updated few days back and it has typo. Now problem is solved. Thanks for updating the typo.