Any info from the logs? This is always a good starting point.
where can I find that ?
Usually under /var/log/apache2/.
Ok , found 3 different log
- access log
- error log
3.Other Vhost access log
which one?
I would check the error.log first.
This is log 1 , I have 2 error log file
[Sun May 19 20:52:28.819652 2019] [mpm_prefork:notice] [pid 1201] AH00169: caught SIGTERM, shutting down
[Sun May 19 20:52:28.932680 2019] [ssl:warn] [pid 8568] AH01906: 192.168.10.143:443:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Sun May 19 20:52:28.932719 2019] [ssl:warn] [pid 8568] AH01909: 192.168.10.143:443:0 server certificate does NOT include an ID which matches the server name
[Sun May 19 20:52:28.932759 2019] [ssl:warn] [pid 8568] AH01916: Init: (localhost:443) You configured HTTP(80) on the standard HTTPS(443) port!
[Sun May 19 20:52:29.014941 2019] [ssl:warn] [pid 8569] AH01906: 192.168.10.143:443:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Sun May 19 20:52:29.014976 2019] [ssl:warn] [pid 8569] AH01909: 192.168.10.143:443:0 server certificate does NOT include an ID which matches the server name
[Sun May 19 20:52:29.015032 2019] [ssl:warn] [pid 8569] AH01916: Init: (localhost:443) You configured HTTP(80) on the standard HTTPS(443) port!
[Sun May 19 20:52:29.018806 2019] [mpm_prefork:notice] [pid 8569] AH00163: Apache/2.4.29 (Ubuntu) OpenSSL/1.1.0g configured – resuming normal operations
[Sun May 19 20:52:29.018834 2019] [core:notice] [pid 8569] AH00094: Command line: ‘/usr/sbin/apache2’.
Hey,
it looks to me that this shows where the issue is originating from:
Maybe you can find some more information on how to configure your web server in the manual of apache?
@Lula: Out of curiosity I’ve verified the recipe you mentioned in post #1. It works without any (unexpected) issue. So my conclusion is, you have missed or skipped something. Please redo or verify all the steps you took
1 Like
Hi,
Reading this error message, I would double check the SSL configuration in Apache. Perhaps mod_ssl is not enabled, or the vhost configuration on Port 443 is missing some crucial variables, like ‘SSLEngine on’ or other typical variables required for SSL.
Cheers,
Erik
1 Like
Hi
I did that Erik and I re install it
Now I can search with https but it comes up “this page is not safe”
Don’t you think this part of your error log could be the problem?
With what domain name have you issued your certificate, and what is your server name?
It was the previous log, I have reinstall appache2 and the owncloud ,
now it works with search fields https.
but it comes up (the page is not safe) as you see in the picture
here is the new log:
[Mon May 20 20:29:17.546902 2019] [ssl:warn] [pid 927] AH01906: 192.168.10.144:443:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Mon May 20 20:29:17.599724 2019] [ssl:warn] [pid 928] AH01906: 192.168.10.144:443:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Mon May 20 20:29:17.603557 2019] [mpm_prefork:notice] [pid 928] AH00163: Apache/2.4.29 (Ubuntu) OpenSSL/1.1.0g configured – resuming normal operations
[Mon May 20 20:29:17.603582 2019] [core:notice] [pid 928] AH00094: Command line: ‘/usr/sbin/apache2’
Just one thing. On the picture one can see that the address is 192.168… This is a local address. Have you tried to access your owncloud instance from outside your LAN?
To do so you need to make the right redirection on your “box” or whatever allows you to access the Internet.
Yes I did and I can access with wan ip address when im the same internett
but when I try to access from the phone with the 4g Https://xxx.xxx.xxx
it says “this site is not available” but if I try with http:// it works!
Are you sure of the configuration of your virtual host?
According the 1st log snippet, your server has address 192.168.10.143, but now it is 192.168.10.144. Did you reconfigure the default-ssl.conf?
Did you adjust port forwarding?
I strongly hope, these are static addresses, right?
I forgot to set static ip, I did it now and re configured the file, had to restart the router because the port forwarding didn’t work 443 is open now , Now I can access outside the lan.
but why is firefox and chrome say certificate that is not valid
Firefox discovered a potential security threat and did not continue to wan xxx.xxx.xxx.xxx If you visit this site, the attackers may try to steal information such as passwords, emails, or credit card details.
accept risk and continue?
This is normal for that kind of certificates. As you trust your own certificate, you can define a permanent security exception in firefox.
use “let’s encrypt” (and it’s free) in order to generate your certificate for your domain, even if it is a ddns. I had a domain at noip.com something with xxxx (dot) zapto (dot) org and it was working. (looks like new users can put only two links in a post… )
I used this link for my ubuntu 18.04:
https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-18-04
1 Like
Yes, of course it would be a far better solution. I wasn’t aware that is works with dynamic addresses. Thanks @protektwar.
1 Like