Owncloud plugin ssl FN9.3.1

[Joshua Parker Ruehlig]

I'm not sure how you expect this to work. just checked an external port checker and your IP has port 443 closed.

I can help if your router is running pfsense or ddwrt. otherwise you'll need to figure out why NAT isn't working on your router

 

[James1432]

Hi Josh

Going to give my ISP a ring this morning to see if they can shed any light on the situation..

Although the Static IP is assigned there appears to be no gateway IP assigned?

Just to be sure.. NAT should be turned off in the jail right??

Is there any other additional info I can ask them while I have them on the phone???

 

[Joshua Parker Ruehlig]

sorry I'd rather not get involved with your ISP stuff.
Hosting your own websites is pretty straight forward with comcast with a pfsense router, but I don't want to have to get into the complications of your particular ISP / setup.

 

[James1432]

Hey Josh!

What a bunch of Chocolate Tea Pots they were!! Ended up with a lesson on how to turn a router on and off!!

Anyhoo.. progress made.. I think?!?! lol

Had a look at godiddly and the A record was wrong so have changed that.. now have..

FQDN - check
GREEN PADLOCK - check
OUTSIDE NETWORK - no

Assuming this one is a porting problem, I have set the router to the install standard ports internally??

Also getting this on the admin panel..

The "Strict-Transport-Security" HTTP header is not configured to at least "15768000" seconds. For enhanced security we recommend enabling HSTS as described in our security tips.

 

[Joshua Parker Ruehlig]

I'm not sure what you are asking me.
As for enabling HSTS, I don't have very much experience with apache, but I'm sure you could figure out how to add that header from googleing around. The config files would be in /usr/pbi/owncloud-amd64/etc/apache24/

 

[James1432]

Sorry dude

Think the problem is the ports as it seems to work internally..

Do the internal ports need to be the same as external?

Had this part working before so a bit confused now?? Lol

Is it possible to check or change the internal ports???

 

[Joshua Parker Ruehlig]

you can check what port your jail is using with "sockstat"
by default apache uses 80 for HTTP and 443 for HTTPS but this could be changed in the config.

Sorry, I'm not going to help you with NAT. I only have experience doing that on pfsense or dd-wrt, but I assume somewhere on the internet you could find help with your router.

 

[James1432]

Hi Josh

Checked and running on the suspected port? Going to phone a different department of the ISP today to make sure it isn't getting blocked..

Still getting this error on checking Apache though?

root@owncloud_1:/ # service apache24 restart
Performing sanity check on apache24 configuration:
AH00557: httpd: apr_sockaddr_info_get() failed for owncloud_1
AH00558: httpd: Could not reliably determine the server's fully qualified domain
name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this
message
Syntax OK
Stopping apache24.
Waiting for PIDS: 61023.
Performing sanity check on apache24 configuration:
AH00557: httpd: apr_sockaddr_info_get() failed for owncloud_1
AH00558: httpd: Could not reliably determine the server's fully qualified domain
name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this
message
Syntax OK
Starting apache24.
AH00557: httpd: apr_sockaddr_info_get() failed for owncloud_1
AH00558: httpd: Could not reliably determine the server's fully qualified domain
name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this
message

 

[Joshua Parker Ruehlig]

I don't think that error matters, but to be safe you could set your ServerName variable in /usr/pbi/owncloud-amd64/etc/apache24/owncloud.conf

 

[James1432]

Hey Josh!!

Thought I'd give you an update mate.. Spent 6 hours on he phone to the ISP Lol there is something odd with the router so sooner I get the pfsense working the better!!

Anyhooo.. Messed aroud with a couple of files this morning and it appears to work.. with SSL :) Woohooo!!

Only downer is it doesn't redirect from http so you have to type in https etc?

Thank you very much for your contributions in getting it up for me, you are a star!

Any tips on customisation? Found the /mnt/Volume1/jails/owncloud_1/usr/pbi/owncloud-amd64/www/owncloud/core/img file

Seems a bit labourious having to create something and save it in 3 or 4 different formats etc or am I mistaken??

Added theme_switcher to the plugins but doesn't seem to work at the moment, Surprised there isn't a sweet little plugin or something in the GUI

Kindest regards

James

 

[Joshua Parker Ruehlig]

glad you got it at least partially working.
there used to be a setting to force redirects from http to https but they removed that option and recommend people do it the more secure way in their webserver configuration. the issue with that is, if you ever update the plugin it would overwrite your changes, but I don't update this plugin often as owncloud has in-app updating for minor versions.
https://doc.owncloud.org/server/9.0...tml#redirect-all-unencrypted-traffic-to-https

I'm not one to modify themes, I usually stick with the default. I'm sure there's a way to do this, but you probably would get better help on the owncloud forum for this.