Problem with HTTPS (new install)

ssl
webserver_issue

#1

Hi, I am posting here as it is a new install and I was following the oC 9 install guide so it seems appropriate.

I have got oC up and running on the production machine and am now setting up a test box. As the production install was my first install there was a bit of trial and error. I did make notes but must of missed something. I got the basic install working through HTTPS and then did the following to enable HTTPS (from https://doc.owncloud.org/server/9.0/admin_manual/installation/source_installation.html#enabling-ssl):

a2enmod ssl
a2ensite default-ssl
service apache2 reload
a2enmod rewrite

I also changed 'overwrite.cli.url' in config.php to https URL.

Using Firefox when I go the the owncloud URL I get:

Your connection is not secure

The owner of saturn_.domain.com_ has configured their web site improperly. To protect your information from being stolen, Firefox has not connected to this web site.

This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate.

Learn moreā€¦

Report errors like this to help Mozilla identify misconfigured sites

saturn.prsc-cloud.org uses an invalid security certificate.

The certificate is not trusted because it is self-signed.
The certificate is only valid for saturn

Error code: SEC_ERROR_UNKNOWN_ISSUER

What Have I missed?

Regards,
Ben

Server configuration
Operating system: Ubuntu 15.10 / Web server: apachie2 2.4.7
Database: MariaDB 5.5 / PHP version: 5.5.9
ownCloud version: 9.0.3 (upgraded from 9.0.2)


#2

Please keep this thread in the Off-Topic category (havn't moved it there just for fun :slight_smile:) HTTPS, especially the configuration of it is something which needs to be configured in your webserver. Its not related to ownCloud itself so the oC 9.0.x category doesn't fit.


#3

Just to answer your question:

The posted error already shows the two issues you have:

  • The certificate is not trusted because it is self-signed.
  • The certificate is only valid for saturn

There should be tons of tutorials out there guiding you how to configuring SSL correctly. A good example for this is:

https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-16-04


#4

Thanks, created a certificate with Lets Encrypt and it worked fine.

thought I had accidental marked f off-topic, did not realise it was changed by an admin. you guys are like ninjas;).