HSTS/SSL Issue (New Asus DDNS Server)

Server
,
1

Steps to reproduce

  1. New Asus router with built in SSL via Letsencrypt for DDNS
  2. Existing Owncloud installation with separate SSL certificates
  3. Error 400 when accessing via DDNS, HSTS; NET::ERR_CERT_AUTHORITY_INVALID

Expected behaviour

Access to server via DDNS.

Hi all, I recently changed out my router which provides my DDNS server for my setup. Asus router with it’s own SSL certificate. I am unable to access my server remotely due to security issues, and I’m just looking for some advice to get on the right track. Prior to upgrading my router, there were no issues with SSL, and I am still able to access the web interface through the localhost.

It seems as though the SSL certificate for the Asus router and the the certificate used for Owncloud are different, which is preventing access. Apache server can be accessed via DDNS, but not the Owncloud Server.

Is there a way to import the Asus SSL certificate for use with the server SSL? Export is easy, but I’m unsure how to import and configure properly if that is the case.

Thanks in advance, I can provide any additional info as required.

2

Hey,

from what i know ownCloud is “just” a web application written by PHP and “served” by a web server like Apache and thus has nothing to do with HSTS or SSL.

I think you could lookup the documentation of the web server to gain knowledge how to solve this problem and configure / use the correct certificates.

2 Likes
3

Thanks! I’ll start with that and maybe try to reconfigure my SSL settings from scratch.

4

Still at a loss for now. My apache server can be accessed no problem, SSL tests come back as A+, but when attempting to access Owncloud the connection is blocked.

Could this have something to do with the Asus router obtaining an SSL certificate that is different from the one on my Ubuntu server? I’ve attempted to temporarily disable HSTS in my Apache Virtualhosts configuration to see if I can connect, but no such luck.

owncloud not private
owncloud not private661×603 54.5 KB

5

Resolved!

My URL was bad. I had originally configured with the port in the URL; https://mydomain.com:50001/owncloud, but with my new configuration I had to remove the port and use https://mydomain.com/owncloud.

1 Like