Change from http to https

vinc · October 27, 2018, 8:36am

hello

I hade my nextcloud in my local lan with http.

I wished to change it to https
and found a doc there:
https://docs.nextcloud.com/server/14/admin_manual/configuration_server/harden_server.html?highlight=feature%20policy

vi /etc/apache2/sites-available/nextcloud.conf
<VirtualHost *:80>
ServerName 10.147.42.85/
Redirect permanent / https://nextcloud.kozo.ch/

<VirtualHost *:443>
ServerName 10.147.42.85/

Header always set Strict-Transport-Security “max-age=15552000; includeSubDomains”

TransferLog /var/log/apache2/nextcloud_access.log
ErrorLog /var/log/apache2/nextcloud_error.log

and done a

/etc/init.d/apache2 restart

the problem i don’t have access to the site any more

have a nice day
vincent

Humbug1 · October 27, 2018, 5:05pm

Hi,

Did you enable SSL in your apache-settings?
Does the page open if you try https://10.147.42.85?
is https://nextcloud.kozo.ch/ already accessable from extern, or better…do you get requests in your apache`s access-logfile when you try to open the page?
What shows your logfiles in general?

At first, try to change:

Redirect permanent / https://nextcloud.kozo.ch/ to Redirect permanent / https://10.147.42.85/
Check apache config (“apachectl -t” or “apachectl configtest”), if it says “Syntak OK”, then “apachectl restart” and check if page opens

if you opened the page via ip-address until now, you won’t have access anymore because every request will be redirected to the URL, which (can be) isnt accessable by now. With the example above (changing Redirect-URL), you can test if the call would from http -> https would work with ip-address. if that doesnt work, check your logfiles.

Dridhas · October 28, 2018, 4:10am

You can also download certbot auto and it will take care of redirecting to https

vinc · October 29, 2018, 9:27pm

@Dridhas
certbot: error: unrecognized arguments: auto

@Humbug1, thanks for your feedback
on the page i got a
chrome say: ERR_SSL_PROTOCOL_ERROR
firefox say : SSL_ERROR_RX_RECORD_TOO_LONG

apachectl i got a config OK

i did worte down what i did there: http://wombat3.kozo.ch/j/lamp/131-apache/9814-nextcloud-http-to-https

ERR_SSL_PROTOCOL_ERROR
i have to find out why this happen

in the log files
/var/log/apache2/nextcloud_access.log 10.147.42.147 - - [29/Oct/2018:22:21:00 +0100] “\x16\x03\x01\x02” 400 305
10.147.42.147 - - [29/Oct/2018:22:21:00 +0100] “\x16\x03\x01\x02” 400 305
10.147.42.147 - - [29/Oct/2018:22:21:00 +0100] “\x16\x03\x01\x02” 400 305
10.147.42.147 - - [29/Oct/2018:22:21:00 +0100] “\x16\x03\x01” 400 305

/var/log/apache2/error.log
[Mon Oct 29 22:11:57.952862 2018] [mpm_prefork:notice] [pid 5497] AH00163: Apache/2.4.25 (Debian) OpenSSL/1.0.2l configured – resuming normal operations
[Mon Oct 29 22:11:57.952929 2018] [core:notice] [pid 5497] AH00094: Command line: ‘/usr/sbin/apache2’
[Mon Oct 29 22:14:47.577587 2018] [mpm_prefork:notice] [pid 5497] AH00169: caught SIGTERM, shutting down
[Mon Oct 29 22:14:47.676217 2018] [mpm_prefork:notice] [pid 5586] AH00163: Apache/2.4.25 (Debian) OpenSSL/1.0.2l configured – resuming normal operations
[Mon Oct 29 22:14:47.676272 2018] [core:notice] [pid 5586] AH00094: Command line: ‘/usr/sbin/apache2’

system · September 23, 2024, 5:44pm

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.