Connection not secure

Hello,

Complete noob here, trying to migrate from Google to NextCloud. I just installed NextCloud on Linode using the Linode Marketplace.

Now trying to access my NextCloud portal with [my_ip]/nextcloud it only works with an HTTP connection and not HTTPS.

It obviously made me twitch a little :worried:

Did I miss something during setup?

Sorry i do not use or know Linode. But read this.
I think you need a domain, subdomain or hostname (DNS).

Hi @apalfalba

Alternatively, you could use a self-signed certificate. Alltough I wouldn’t recommend this for production use, especially if you want to share files with other users, because with self signed certs they will get a security warning whenever they visit your site. However for testing purposes it is perfectly fine.

As I understand it, the “One Click” Apps use a normal Debian or Ubuntu VM and then automatically install the application on it via a script. So it should be possible to log on to the Linode machine via SSH and then follow these instructions…

Right so you’re implying (also from @bb77 's response) that I need to setup a DNS and the security comes with that?

(New stuff to me, but if that’s the case then I can just add some domain easily).

PS: now the question is how to add the domain after creating the instance on Linode.

Sorry. DNS is the wrong word. You need a DNS name for your IP address.
Do you have a domain? Can you configure subdomains?

I have a domain. I think I can do some subdomain. That should be in Linode Doc surely.

Self-signed certificates are not considered insecure because the encryption would be less secure, but for various other reasons that could be discussed here at length. Here are a few arguments and reasons Why Self-Signed Certificates Are Evil – Revocent

The following two points are relevant in this context for you

  1. A connection directly to the IP address is only possible with either no encryption or with a self-signed certificate. No CA in the world will issue a certificate to an IP address… see also the explanations in the link above.

  2. DNS is not (primarily) needed for security. But the domain name, which you need to get a signed certificate (e.g. Let’s Encrypt), needs DNS. Otherwise, your browser or applications cannot know which IP address to connect to, when you enter the domain name.

I don’t use Linode myself. But they also offer Domain registration and DNS services. The easiest way is probably to register the domain with them and use their DNS Manager. Then you could use the instructions @devnull linked, in order to add it to the already existing installation. Or simpley recreate your Linode instance, after you registred your domain name and set up your DNS…

1 Like

You can set in your domain setting a CNAME for cloud.domain.tld to your IP address. Then use the name cloud.domain.tld for your nextcloud and ssl settings. If Linode does not support it you can perhaps install own certificates from Lets Encrypt. With root access perhaps with “certbot”.

1 Like

Thanks a lot. A bit of a learning curve here, but I’ll make it. :rocket:

2 Likes

Hi! So I solved this with the help of the Linode IRC community. Super cool people!

I followed these steps:

  1. Setting up a Domain
  2. Setting up SSL certificates with Certbot.

Case closed!