Problem with Installing Collabora Online

I have just installed owncloud with self signed certificate. After, I installed Collabora Online applkication in the market and found error messages as follows.

Collabora Online: SSL certificate is not installed.

Please ask your administrator to add ca-chain.cert.pem to the ca-bundle.crt, for example “cat /etc/loolwsd/ca-chain.cert.pem >> /resources/config/ca-bundle.crt” . The exact error message was: cURL error 60: SSL certificate problem: self signed certificate

May I know the cause of problem? Can I take self signed certifcate for Collabora Online?

Hello Simon,

did you install the appliance or ownCloud on a dedicated server?

Best Regards

Dmitry

I installed owncloud on AWS EC2

Can you tell me how you installed ownCloud?

I installed owncloud on Ubuntu 20.04 referring to the official document (see Install ownCloud on Ubuntu 20.04 :: ownCloud Documentation).

Then, I installed self signed certificate referring to the Digital Ocean(see How To Create a Self-Signed SSL Certificate for Apache in Ubuntu 20.04 | DigitalOcean)

Okay, so far so good. What is your goal?

I strongly recommend to use Lets Encrypt certificates instead of self-signed ones.

If you still want to use self-signed certs, you have to work around to fix the certificates trust chain https://www.thesslstore.com/knowledgebase/ssl-support/explaining-the-chain-of-trust/. As the error message stated already, you would have to add the CA certificate that was used to sign the self-signed certificate to the ca bundle of your server.

Even if the error message recommend adding the root CA via cat that’s wrong, and you would have to use the occ command to add it. Editing this file manually will cause multiple problems.

See also https://doc.owncloud.com/server/latest/admin_manual/configuration/server/occ_command.html#security and https://doc.owncloud.com/server/latest/admin_manual/configuration/server/import_ssl_cert.html

But I would still not recommend this way and prefer to use Let’s Encrypt certificates instead.

I want to have office on owncloud and edit documents on browser.

do you need this local only for you and your private network or should it be online accessible for everyone?

I will only allow some office ip to access the owncloud by the security group of ec2.

If you don’t want to do much work and only need ownCloud and Office in your private network I would recommend using the appliance if you don’t plan on too many users. There you will have most of the stuff pre-configured, you then just have to select what you want in the webUI and choose the office app to install.

Here is our documentation on the appliance if you have questions

https://doc.owncloud.com/server/10.8/admin_manual/appliance/installation/installation.html

without true domain name, I could not use Lets Encrypt.

That’s right, but I also added already how to add the CA used for self-signed certs to the bundle that is used by ownCloud :slight_smile:

Thanks for your information. I have tried importing self signed certificate using command below.

sudo -u www-data php /var/www/owncloud/occ security:certificates:import /etc/ssl/certs/apache-selfsigned.crt

Still, I found error message on web console as follows. Do you know the cause of problem?

Collabora Online unknown error: Client error response [url] https://x.x.x.x/hosting/discovery [status code] 404 [reason phrase] Not Found