This was tested on Ubuntu Server Ubuntu 14.04.2 LTS x64 running Owncloud 8.0.4
1. Ensure you have ssl installed in Ubuntu
$ sudo apt-get install openssl
2. Enable the ssl and rewrite modules in apache2 :
$sudo su -
#a2enmod ssl
#a2enmod rewrite
3. Create a ssl directory inside /etc/apache2
# mkdir -p /etc/apache2/ssl
4. Create self signed ssl certificate. Fill the info as you wish. I’ve made the certificate valid for 10 years (3650 days).
# openssl req -new -x509 -days 3650 -nodes -out /etc/apache2/ssl/owncloud.pem -keyout /etc/apache2/ssl/owncloud.key
5. Edit Owncloud config file :
#nano /etc/apache2/conf-enabled/owncloud.conf
Change from :
Alias /owncloud "/var/www/owncloud/" <Directory "/var/www/owncloud"> Options +FollowSymLinks AllowOverride All <IfModule mod_dav.c> Dav off </IfModule> SetEnv HOME /var/www/owncloud SetEnv HTTP_HOME /var/www/owncloud </Directory> <Directory "/var/www/owncloud/data/"> # just in case if .htaccess gets disabled Require all denied </Directory>
to the config below. Replace 192.168.0.16 with your server’s IP address.
The highlighted text is the original config that must be left untouched.
#Listen 443 #uncomment and change the above only for other ports <VirtualHost 192.168.0.16:80> RewriteEngine on ReWriteCond %{SERVER_PORT} !^443$ RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L] </VirtualHost> <VirtualHost 192.168.0.16:443> SSLEngine on SSLCertificateFile /etc/apache2/ssl/owncloud.pem SSLCertificateKeyFile /etc/apache2/ssl/owncloud.key DocumentRoot /var/www/owncloud/ Alias /owncloud "/var/www/owncloud/" <Directory "/var/www/owncloud"> Options +FollowSymLinks AllowOverride All <IfModule mod_dav.c> Dav off </IfModule> SetEnv HOME /var/www/owncloud SetEnv HTTP_HOME /var/www/owncloud </Directory> <Directory "/var/www/owncloud/data/"> # just in case if .htaccess gets disabled Require all denied </Directory> </VirtualHost>
Restart Apache webserver.
#service apache2 restart
That’s it. All Owncloud connections will use SSL encryption.
Modify all desktop and mobile client settings to use https instead of http when accessing Owncloud.
To make your Owncloud accept connections from outside your home network, you must do the additional steps below :
7. Forward port 443 on your router to 192.168.0.16 port 443. If you used another port in the owncloud.conf file, make sure it’s the same as here.
8. Edit /var/www/owncloud/config/config.php and change the trusted domains section from :
'trusted_domains' => array ( 0 => '192.168.0.16', ),
to
'trusted_domains' => array ( 0 => '192.168.0.16', 1 => '89.90.91.92', ),
89.90.91.92 is a new IP allowed to connect to Owncloud and 192.168.0.16 is the Ubuntu server’s IP.
From outside, Owncloud will be accessible by using the following adress https://your-public-home-ip:443/owncloud
19 comments
Skip to comment form
Thanks for a guide that is straight-forward!
I’m having a bit of trouble though. After I followed this guide I tried to connect from browser to https://192.168.1.4/owncloud
This gives me a warning that my connection is not private (NET::ERR_CERT_AUTHORITY_INVALID) and if i proceed, ignoring the warning, i get to a page saying:
Not found
The requested URL /owncloud/ was not found on this server.
Apache/2.4.7 (Ubuntu) Server at 192.168.1.4 Port 443
I copied the virtual host code above and changed my ip to my servers ip
Any idea what i did wrong?
Author
Hi. Is https://192.168.1.4 working ? Have you restarted Apache ?
I reinstalled everything and it now works! Thanks
Can you tell me, what did you do exactly? i have the same problem, thanks in advance.
I too have the same problem as martin described. .. and i’ve reinstalled more than a couple of times.
I get a warning that my connection is not private (NET::ERR_CERT_AUTHORITY_INVALID)
Author
Can you access the server by it’s IP, but without “/owncloud” at the end ?
You don’t have the “Advanced” button ? If you click it, it should display the link to proceed. The connection is private, but the security certificate is self generated and therefore not trusted by your browser.
Tank you! very goooood!
Hi!
Your tutorial works fine!
In my configuration for owncloud is intended only 192.168.0.16/owncloud
I have some other websites in my domain, 192.168.0.16 is main site, 192.168.0.16/lwt is another and so on.
Now all my sites requesting ssl and displaying owncloud logo together with error message.
How can I make only owncloud request ssl?
Author
This part tells the server to redirect http port 80 to https port 443, so you must comment it :
Thank you! But now i cannot access owncloud haha
how to I redirect all that comes through port 80, only via my /owncloud directory?
thanks for your post, pretty useful. I am redirected to https://192.168.1.100:80/index.php. It changes the protocol but not the port. What am I doing wrong?
thanks for easier guide,, i follow all step,, but i have a problem like this
Bad Request
Your browser sent a request that this server could not understand.
Reason: You’re speaking plain HTTP to an SSL-enabled server port.
Instead use the HTTPS scheme to access this URL, please.
Author
You need to use https instead of http when accessing Owncloud URL.
Thank you so much! It is working perfectly!
I’m doing this on an Amazon EC2 instance with ubuntu 16 and the steps you provide work great! Added an https rule for port 443 to the instance’s security group (didn’t check to see that this was necessary, just assumed it was).
Thanks!
Author
Thanks for the info.
Hello,
i got this errors when i go to edit the /etc/apache2/conf-enabled/owncloud.conf
Job for apache2.service failed. See ‘systemctl status apache2.service’ and ‘journalctl -xn’ for details
I configured owncloud and when ever I go to https://192.168.1.10 it redirects me to https://192.168.1.10/owncloud. How do I disable redirect and make sure that I have to go to /owncloud to get access?
Dear
Congrats for your post! It worked on the first try!
Tks
Luciano Albano