Enabling SSL for nextcloud, running locally in docker (image: nextcloud:latest, letsencrypt)

#1

Hi!

Followed this instruction: https://blog.ssdnodes.com/blog/installing-nextcloud-docker/

image: nextcloud:latest

all works and running except the HTTPS, seems no certs are applied. It supposed to work out of the box as explained in the article above. letsencrypt is there.

I do have proxy/certs folder with .crt, .key and .pem files.

in /etc/hosts, where I use my-domain, go there with HTTP://my-domain no problem, but not with HTTPS, SSL is still not set… Does not work.

How to make it work?

Thanks!

0 Likes

#2

you don’t have a real internet domain? -> you don’t get a letsencrypt certificate.

error messages are? what’s in the logs?

e.g.:

docker logs letsencrypt
0 Likes

#3

Yes, I do not have a public domain yet associate with it. It is local machine. Want to make it work locally first, then expose publicly.

I created a domain that ends on .home (not .com, or .ne, .org… etc) in /etc/hosts. This seems the problem.

docker logs nextcloud-letsencrypt

2019/04/16 22:52:08 [notice] 222#222: signal process started
2019-04-17 02:52:09,672:INFO:simp_le:1407: By using simp_le, you implicitly agree to the CA’s terms of service: https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf
ACME server returned an error: urn:acme:error:malformed :: The request message was malformed :: Error creating new authz :: Name does not end in a public suffix

– from their site.

" Let’s Encrypt can’t provide certificates for “localhost” because nobody uniquely owns it, and it’s not rooted in a top level domain like “.com” or “.net”. It’s possible to set up your own domain name that happens to resolve to 127.0.0.1, and get a certificate for it using the DNS challenge. However, this is generally a bad idea and there are better options."

Ok…

0 Likes

#4

the ceritificate type (selfsigned or letsencrypt) doesn’t make a difference in terms of security. should be only a matter of trust.

0 Likes