HTTPS for Nextcloud behind SSH Tunnel

Nextcloud version (eg, 12.0.2): latest
Operating system and version: Ubuntu 18-04 LTS

Hello, everybody,

first a hello to everyone! I’m completely new here - so this is my first contribution!
I am a prospective IT specialist for system integration in my 2nd year of apprenticeship. So please have some indulgence with me

Now to my question:

My current status:

I have a server in my home where Nextcloud is installed. Nextcloud was currently installed via Snap on Ubuntu 18.04LTS. Additionally I have a vServer at Netcup, which is pointed to by a domain also rented at Netcup. Now I open a SSH tunnel from my local Nextcloud to the Netcup server where I “export” port 80 of the Apache to port 8080 of the Netcup vServer. This also works without problems!

Now to my problem:

Of course I also want to encrypt the transfer from end user to the Netcup vServer and so I generated a certificate for the domain on the Netcup server with letsencrypt certbot.
This also works without problems if I want to access the Netcup server directly.
But if I now build the SSH tunnel I have the problem that I get the following error message when I want to access port :8080 I get this error message:


Furthermore I cannot map the port directly to port :443 or :80, because I get the following error message in the shell:

Warning: remote port forwarding failed for listen port 80

Many thanks in advance!

Without some fancy use of rewriting headers I don’t think you can do that with SSL traffic SSL requires end-to-end encryption without use of middlemen (at least I believe).

I’m not sure what you want to do? Can you draw out your hops?

Why do you have vServer anyway as the intermediate?