Nextcloud SSL

Joel.S

Cadet
Joined
Feb 14, 2018
Messages
3
Just wondering how to setup a self signed SSL certificate for Nextcloud. Am only 13 so have very limited experience. Any help or guidance would be appreciated. Am using no-ip for ddns. Running freenas 11.
 

Nick2253

Wizard
Joined
Apr 21, 2014
Messages
1,633

DD4711

Contributor
Joined
Nov 19, 2018
Messages
102
Today I configured SSL for nextcloud plugin. For those who are searching for a solution here is what I did. No garanty if it is 100% correct. Maybe someone with knowledge could have a look on it:

  • copy both server certificates to: etc/ssl/
  • add in server block at /usr/local/etc/nginx/conf.d/nextcloud.conf:
Code:
  listen 443 ssl;
        ssl_certificate      /etc/ssl/cert.crt;
        ssl_certificate_key  /etc/ssl/cert.key;
        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;
        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;

  • Test config: nginx -t -c /usr/local/etc/nginx/nginx.conf
  • Restart Service: service nginx restart
 

drycola

Cadet
Joined
Feb 18, 2019
Messages
1
Working solution:

Step 1:
Generate keys:
Log into freenas gui
Under System select CAs
Add and fill out information for your CA (used a generic one that was self signed)
Under Certificates
Add and fill out information for your certs (used a generic on that was self signed)
Click on 3 dots in right side of new certs and select view
This view displays the cert and key that was just created. Copy somewhere you will use them in a moment.

This step can be done before cert creation but make sure you installed nextcloud via the plugins in freenas.

You need to know the Pool name of disk you installed nextcloud with. This can be checked in the Storage / Disks in GUI
Open Shell from freenas GUI
Code:
cd /mnt/<Pool-Name>/iocage/jails/nextcloud/root/


Now to use the key and cert

Step 2:
Save keys to nextcloud can use them
Quick vi tips
starts insert mode you will need to do this in order to paste
Code:
i

writes or saves file
Code:
:w

exits
Code:
:q


Create and open cert.crt
Code:
vi etc/ssl/cert.crt

Then paste
Code:
-----BEGIN CERTIFICATE-----
*************************************
-----END CERTIFICATE-----

Code:
vi etc/ssl/cert.key

Then paste
Code:
-----BEGIN PRIVATE KEY-----
*************************************
-----END PRIVATE KEY-----

Step 3:
Edit config to enable ssl
Code:
vi usr/local/etc/nginx/conf.d/nextcloud.conf
Update the top of the file to look like the following
Code:
server {
  listen 80;
  listen 443 ssl;
        ssl_certificate      /etc/ssl/cert.crt;
        ssl_certificate_key  /etc/ssl/cert.key;
        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;
        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;
  server_name _;
Step 4: Restart nextcloud via the plugin manager 3 dots Then watch the logs on nginx as you try to access nextcloud gui
Code:
tail -f var/log/nginx/access.log /var/log/nginx/error.log
If everything went smoothly you should be up and running with both a http and https nextcloud Don't forget to port forward 443 to your nextcloud instance. Happy hacking! PS If you want to add a trusted domain Add your domain
Code:
vi usr/local/www/nextcloud/config/config.php
Code:
'trusted_domains' =>
  array (
    0 => 'local-ip-address',
    1 => 'newdomain.com'
  ),
 
Last edited:

vzool

Cadet
Joined
Aug 5, 2020
Messages
5
Redirect HTTP to HTTPS per Site #
Code:
server {
    listen 80;
    server_name 192.168.0.111;
    return 301 https://192.168.0.111$request_uri;
}

server {
  #listen 80; # comment this line
  listen 443 ssl;
        ssl_certificate      /etc/ssl/cert.crt;
        ssl_certificate_key  /etc/ssl/cert.key;
        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;
        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;
  server_name 192.168.0.111;
 
  # ...
 
}
 

Jase_GW

Cadet
Joined
Oct 15, 2020
Messages
1
Hi
Installed the latest version of Nextcloud plugin (v20) via FreeNas CP.
All worked fantastic, until, I tried to enable SSL.
Seen many guides etc, but missing something. Take a look at the login page, and you will see my first error !
cloud.studiosix.es

Thanks for any help I can get at this point.
 

somE

Cadet
Joined
Oct 3, 2022
Messages
3
Hello everyone i Hope im right Here the Thing is : i Setup my truenas core and installed nextcloud the IT works prrfect, Setup DNS over my Domain hoster and you can reach the nextcloud over the domain but as soon as Start the certbot the Domain Hits the to Many requests and Cookies prob. Ist there anybody Out there that can Help me or had the Same issus
 

danb35

Hall of Famer
Joined
Aug 16, 2011
Messages
15,455
Domain Hits the to Many requests and Cookies prob
What is the exact and complete error message? Because AFAIK, certbot does absolutely nothing with cookies.
 

somE

Cadet
Joined
Oct 3, 2022
Messages
3
sorry to right just know but only thing i see is on any browser i use : ERR_TOO_MANY_REDIRECTS
 

somE

Cadet
Joined
Oct 3, 2022
Messages
3
found out what the prob. was for all if the same prob is go in to : ee /usr/local/etc/nginx/conf.d/nextcloud.conf edited it with #
 
Top