I followed the directions from here, except that I had to make one very important addition before creating the certificate.
1. Install openssl and add it to apache:
sudo apt-get install openssl
sudo a2enmod ssl
sudo a2enmod rewrite
2. Make the SSL certificate. IMPORTANT: I had to set an environment variable before creating the certificate to give my server a name, otherwise the OwnCloud desktop client wouldn't accept the certificate.
export CN="owncloud" ## This is the important environment variable
sudo mkdir -p /etc/apache2/ssl
sudo openssl req -new -x509 -days 365 -nodes -out /etc/apache2/ssl/owncloud.pem -keyout /etc/apache2/ssl/owncloud.key
sudo /etc/init.d/apache2 restart
3. I had to edit the OwnCloud configuration file so that https redirect works. Here is the new file from
/etc/apache2/conf-enabled/owncloud.conf
:<VirtualHost IP-address-of-server:80>
ServerName myowndomain.com
ServerAlias www.myowndomain.com
#### Redirect to port 443 ###
RewriteEngine on
ReWriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]
#### End of Redirection configuration ###
Alias /owncloud /usr/share/owncloud
<Directory /usr/share/owncloud/>
Options +FollowSymLinks
AllowOverride All
<IfVersion < 2.3>
order allow,deny
allow from all
</IfVersion>
<IfVersion >= 2.3>
Require all granted
</IfVersion>
</Directory>
</VirtualHost>
<VirtualHost IP-address-of-server:443>
ServerName myowndomain.com
ServerAlias www.myowndomain.com
####Configuration for SSL #####
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/owncloud.pem
SSLCertificateKeyFile /etc/apache2/ssl/owncloud.key
#### End of SSL Configuration ####
Alias /owncloud /usr/share/owncloud
<Directory /usr/share/owncloud/>
Options +FollowSymLinks
AllowOverride All
<IfVersion < 2.3>
order allow,deny
allow from all
</IfVersion>
<IfVersion >= 2.3>
Require all granted
</IfVersion>
</Directory>
</VirtualHost>
4. Lastly I restarted apache
sudo /etc/init.d/apache2 restart
and checked to see if the OwnCloud login was now accessible via https
and not http
.
5. Note that for the desktop and iOS clients, I think I had to give the full address of the server, i.e.
https://myowndomain.com/owncloud
.
No comments:
Post a Comment