Enable and Configure SSL for ownCloud on Ubuntu for Secure Access

You are accessing this site via HTTP. We strongly suggest you configure your server to require using HTTPS instead as described in our security tips.

In this post we will learn, how to enable and configure SSL on Owncloud 8 in Ubuntu 14.04 LTS Server.

If you are looking to enable SSL on your raspberry PI then  Click Here to Enable SSL on Raspberry PI Owncloud

Step 1: Install Owncloud 8 on Ubuntu 14.04 LTS

I have already written a post on “How to install Owncloud on Ubuntu 17.04”.

Step 2: Enable SSL, Open the terminal and run the following command:

sudo a2enmod ssl

Step 3: Create a new directory for the self signed certificate

sudo mkdir /etc/apache2/ssl

Step 4: Create the self signed certificate and the server key that protects it, and placing both of them into the new directory

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/owncloud.key -out /etc/apache2/ssl/owncloud.crt

Note: The above certificate is valid for 365 days. We have mentioned validity days in the command.

Step 5: Now we need to setup the certificate

sudo nano /etc/apache2/sites-available/default-ssl.conf

The lines that need changing are the following

ServerName LAN IP :443
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/owncloud.crt
SSLCertificateKeyFile /etc/apache2/ssl/owncloud.key

enable-SSL-Raspberry-PI

Once the lines has been modified Exit and save.

Step 6: Activate the new virtual host

sudo a2ensite default-ssl

Step 7: Restart apache

sudo service apache2 restart

Step 8: If prompted the Apache2 could not reliably determine the server’s fully qualified domain name:

echo "ServerName localhost" | sudo tee /etc/apache2/conf-available/fqdn.conf

Video Tutorial:

You May Also Like

About the Author: Miguel

I started this tech blog back in 2011 as a place to write down processes I took to fix my client systems and network. Now I write some tips and tricks to help others with the tech issues that one might encounter.

10 Comments

  1. Hey this was a fantastic tutorial. I was able to flow it with ease.

    I do however have one question,
    my connection states still being insecure even after adding the exception: The “Strict-Transport-Security” HTTP header is not configured to at least “15552000” seconds. For enhanced security we recommend enabling HSTS as described in our security tips.

    Any idea what I need to do?

  2. Hi, what is the ServerName to put into default-ssl.conf? I tried the IP address with :443 of my Raspi but it resulted in Apache2 not able to restart. Also “LAN IP :443” did not work.

    HELP

  3. Hi Miguel,
    When I follow to step 5 command, the result default-ssl conf show “empty conf”, i.e. without any text inside. Could you please advise how to resolve it or reinstall that conf?

    Appreciate so much for your help

    1. Look carefully at the copied command, there is probably a space somewhere. Or write the command in stead of copying it.

Leave a Reply

Your email address will not be published. Required fields are marked *