Enable SSL for Owncloud 8 on Ubuntu

This was tested on Ubuntu Server Ubuntu 14.04.2 LTS x64 running Owncloud 8.0.4

1. Ensure you have ssl installed in Ubuntu

$ sudo apt-get install openssl

2. Enable the ssl and rewrite modules in apache2 :

$sudo su -
#a2enmod ssl
#a2enmod rewrite

3. Create a ssl directory inside /etc/apache2

# mkdir -p /etc/apache2/ssl

4. Create self signed ssl certificate. Fill the info as you wish. I’ve made the certificate valid for 10 years (3650 days).

# openssl req -new -x509 -days 3650 -nodes -out /etc/apache2/ssl/owncloud.pem -keyout /etc/apache2/ssl/owncloud.key

5. Edit Owncloud config file :

#nano /etc/apache2/conf-enabled/owncloud.conf

Change from :

Alias /owncloud "/var/www/owncloud/"
<Directory "/var/www/owncloud">
    Options +FollowSymLinks
    AllowOverride All

    <IfModule mod_dav.c>
      Dav off
    </IfModule>

    SetEnv HOME /var/www/owncloud
    SetEnv HTTP_HOME /var/www/owncloud
</Directory>

<Directory "/var/www/owncloud/data/">
  # just in case if .htaccess gets disabled
  Require all denied
</Directory>

to the config below. Replace 192.168.0.16 with your server’s IP address.
The highlighted text is the original config that must be left untouched.

#Listen 443
#uncomment and change the above only for other ports

 <VirtualHost 192.168.0.16:80>
RewriteEngine on
ReWriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]
</VirtualHost>

<VirtualHost 192.168.0.16:443>
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/owncloud.pem
SSLCertificateKeyFile /etc/apache2/ssl/owncloud.key
DocumentRoot /var/www/owncloud/

Alias /owncloud "/var/www/owncloud/"
<Directory "/var/www/owncloud">
    Options +FollowSymLinks
    AllowOverride All

    <IfModule mod_dav.c>
      Dav off
    </IfModule>

    SetEnv HOME /var/www/owncloud
    SetEnv HTTP_HOME /var/www/owncloud
</Directory>

<Directory "/var/www/owncloud/data/">
  # just in case if .htaccess gets disabled
  Require all denied
</Directory>
</VirtualHost>

Restart Apache webserver.

#service apache2 restart

That’s it. All Owncloud connections will use SSL encryption.
Modify all desktop and mobile client settings to use https instead of http when accessing Owncloud.

To make your Owncloud accept connections from outside your home network, you must do the additional steps below :

7. Forward port 443 on your router to 192.168.0.16 port 443. If you used another port in the owncloud.conf file, make sure it’s the same as here.

8. Edit /var/www/owncloud/config/config.php and change the trusted domains section from :

'trusted_domains' =>
array (
0 => '192.168.0.16',
),

to

'trusted_domains' =>
array (
0 => '192.168.0.16',
1 => '89.90.91.92',
),

89.90.91.92 is a new IP allowed to connect to Owncloud and 192.168.0.16 is the Ubuntu server’s IP.

From outside, Owncloud will be accessible by using the following adress https://your-public-home-ip:443/owncloud

19 comments

Skip to comment form

    • martin on July 23, 2015 at 4:30 pm
    • Reply

    Thanks for a guide that is straight-forward!

    I’m having a bit of trouble though. After I followed this guide I tried to connect from browser to https://192.168.1.4/owncloud

    This gives me a warning that my connection is not private (NET::ERR_CERT_AUTHORITY_INVALID) and if i proceed, ignoring the warning, i get to a page saying:

    Not found
    The requested URL /owncloud/ was not found on this server.
    Apache/2.4.7 (Ubuntu) Server at 192.168.1.4 Port 443

    I copied the virtual host code above and changed my ip to my servers ip

    Any idea what i did wrong?

    1. Hi. Is https://192.168.1.4 working ? Have you restarted Apache ?

        • martin on July 24, 2015 at 11:38 am
        • Reply

        I reinstalled everything and it now works! Thanks

          • Sandi on August 29, 2015 at 7:26 am
          • Reply

          Can you tell me, what did you do exactly? i have the same problem, thanks in advance.

    • Robin on November 2, 2015 at 1:34 pm
    • Reply

    I too have the same problem as martin described. .. and i’ve reinstalled more than a couple of times.
    I get a warning that my connection is not private (NET::ERR_CERT_AUTHORITY_INVALID)

    1. Can you access the server by it’s IP, but without “/owncloud” at the end ?
      You don’t have the “Advanced” button ? If you click it, it should display the link to proceed. The connection is private, but the security certificate is self generated and therefore not trusted by your browser.

    • Raphael França on November 13, 2015 at 6:23 pm
    • Reply

    Tank you! very goooood!

    • Peter on May 6, 2016 at 11:57 pm
    • Reply

    Hi!
    Your tutorial works fine!
    In my configuration for owncloud is intended only 192.168.0.16/owncloud
    I have some other websites in my domain, 192.168.0.16 is main site, 192.168.0.16/lwt is another and so on.
    Now all my sites requesting ssl and displaying owncloud logo together with error message.
    How can I make only owncloud request ssl?

    1. This part tells the server to redirect http port 80 to https port 443, so you must comment it :

       <VirtualHost 192.168.0.16:80>
      RewriteEngine on
      ReWriteCond %{SERVER_PORT} !^443$
      RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]
      </VirtualHost>
      
        • scott on May 9, 2016 at 9:52 pm
        • Reply

        Thank you! But now i cannot access owncloud haha

        how to I redirect all that comes through port 80, only via my /owncloud directory?

        • Morice on June 19, 2016 at 2:29 am
        • Reply

        thanks for your post, pretty useful. I am redirected to https://192.168.1.100:80/index.php. It changes the protocol but not the port. What am I doing wrong?

    • indra on May 18, 2016 at 2:49 pm
    • Reply

    thanks for easier guide,, i follow all step,, but i have a problem like this

    Bad Request

    Your browser sent a request that this server could not understand.
    Reason: You’re speaking plain HTTP to an SSL-enabled server port.
    Instead use the HTTPS scheme to access this URL, please.

    1. You need to use https instead of http when accessing Owncloud URL.

    • Antonio on May 19, 2016 at 6:13 pm
    • Reply

    Thank you so much! It is working perfectly!

    • Jeff on July 9, 2016 at 10:07 pm
    • Reply

    I’m doing this on an Amazon EC2 instance with ubuntu 16 and the steps you provide work great! Added an https rule for port 443 to the instance’s security group (didn’t check to see that this was necessary, just assumed it was).

    Thanks!

    1. Thanks for the info.

    • stefano on September 17, 2016 at 12:04 am
    • Reply

    Hello,
    i got this errors when i go to edit the /etc/apache2/conf-enabled/owncloud.conf
    Job for apache2.service failed. See ‘systemctl status apache2.service’ and ‘journalctl -xn’ for details

    • Joe on January 23, 2017 at 3:38 am
    • Reply

    I configured owncloud and when ever I go to https://192.168.1.10 it redirects me to https://192.168.1.10/owncloud. How do I disable redirect and make sure that I have to go to /owncloud to get access?

    • Luciano on July 13, 2017 at 11:16 pm
    • Reply

    Dear
    Congrats for your post! It worked on the first try!
    Tks
    Luciano Albano

Leave a Reply to Sandi Cancel reply

Your email address will not be published.

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.