Then I've installed Collabora Online app from repository and Collabora docker image to the same server. Collabora docker image instruction here https://nextcloud.com/collaboraonline/
When I am trying to open Office in APP section in ownCloud I see this error
Collabora Online: Сертифікат SSL не встановлено.
Please ask your administrator to add ca-chain.cert.pem to the ca-bundle.crt, for example "cat /etc/loolwsd/ca-chain.cert.pem >> /resources/config/ca-bundle.crt" . The exact error message was: cURL error 60: SSL certificate problem: self signed certificate in certificate chain
I am sure that my bundle file is ok, because the same config file in vhost for https://owncloud.mydomain.com and it's work without error.
I've added my bundle-ca to /var/www/owncloud/resources/config/ca-bundle.crt It doesn't help.
Moved to the miscellaneous category as this is a 3rdparty docker image not related to ownCloud.
The docker image itself is using a self-signed certificate. Thats why you should use a nginx or apache webserver in front of the docker image providing a valid certificate like described in various resources collected here:
I use Apache as reversed proxy, but problem still here.
Maybe problem with my reverse proxy? How can I check ?
ServerName office.nextcloud.com:443
# SSL configuration, you may want to take the easy route instead and use Lets Encrypt! SSLEngine on SSLCertificateFile /path/to/signed_certificate SSLCertificateChainFile /path/to/intermediate_certificate SSLCertificateKeyFile /path/to/private/key SSLProtocol all -SSLv2 -SSLv3 SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS SSLHonorCipherOrder on
# Encoded slashes need to be allowed AllowEncodedSlashes On
# Container uses a unique non-signed certificate SSLProxyEngine On SSLProxyVerify None SSLProxyCheckPeerCN Off SSLProxyCheckPeerName Off
There are other tools available as previously advised:
A search on google should give you also other tools / resources how to check your SSL configuration if that reverse proxy is not reachable from the internet.
I have the same error, but I actually use a self signed certificate via Let's Encrypt. Do you have any idea how I can configure LOOL to work with that? Official documentation does not support self signed certificates.
EDIT: Nevermind... I thought I've added LOOL certificate to owncloud ca-bundel.crt, but did not. I found it in the docker container mounted aufs.