Https/ssl not working

Support intro

Sorry to hear you’re facing problems :slightly_frowning_face:

help.nextcloud.com is for home/non-enterprise users. If you’re running a business, paid support can be accessed via portal.nextcloud.com where we can ensure your business keeps running smoothly.

In order to help you as quickly as possible, before clicking Create Topic please provide as much of the below as you can. Feel free to use a pastebin service for logs, otherwise either indent short log examples with four spaces:

example

Or for longer, use three backticks above and below the code snippet:

longer
example
here

Some or all of the below information will be requested if it isn’t supplied; for fastest response please provide as much as you can :heart:

Nextcloud version (eg, 12.0.2): 18.03
Operating system and version (eg, Ubuntu 17.04): Ubuntu 18.4.03 LTS
Apache or nginx version (eg, Apache 2.4.25): Apache 2.4.29
PHP version (eg, 7.1): 7.2.24
The issue you are facing:
Warning about using insecurely HTTP and recommending setting up HTTPS

Is this the first time you’ve seen this error? (Y/N):N

Steps to replicate it:

The output of your Nextcloud log in Admin > Logging:

PASTE HERE

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

PASTE HERE

The output of your Apache/nginx/system log in /var/log/____:

PASTE HERE

I have followed nextcloud recommendations as well as other sources to set up SSL HTTPS access to my local nextcloud instance but no success. I still can HTTP but not HTTPS to it (192.168.0.27). I used to get warning message AH1906 in error.log but I have managed to get rid of it. The apache2 started up with no error or warning now but the problem exists i.e. still the warning message from nextcloud/overview. I am lost now how to fix this problem … below are some of the default-ssl.conf file …

    <VirtualHost *:80>
         RewriteEngine On
         RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
    </VirtualHost>

    <VirtualHost _default_:443>
            # ServerAdmin webmaster@localhost
            ServerAdmin email@example.net
            ServerName 192.168.0.27
            ServerAlias zung-vm
            DocumentRoot /var/www/html



SSLEngine on

            #   A self-signed (snakeoil) certificate can be created by installing
            #   the ssl-cert package. See
            #   /usr/share/doc/apache2/README.Debian.gz for more info.
            #   If both key and certificate are stored in the same file, only the
            #   SSLCertificateFile directive is needed.
    #       SSLCertificateFile      /etc/ssl/certs/ssl-cert-snakeoil.pem
    #       SSLCertificateKeyFile     /etc/ssl/private/ssl-cert-snakeoil.key
            SSLCertificateFile    /etc/apache2/ssl/server.crt
            SSLCertificateKeyFile /etc/apache2/ssl/server.key




Redirect 301 /.well-known/carddav /nextcloud/remote.php/dav
Redirect 301 /.well-known/caldav /nextcloud/remote.php/dav

    SSLProtocol         all -SSLv3 -TLSv1 -TLSv1.1  -TLSv1.2
    SSLHonorCipherOrder off
    SSLSessionTickets   off

SSLUseStapling on

SSLStaplingCache “shmcb:logs/ssl_stapling(32768)”

Do you want to use an Lets Encrypt Certificate?
If yes only create the http-config and then use “certbot”.

You’ve given us very little information to go on. It’s not clear what you’re trying to do.

Are you using a self-signed certificate? A Let’s Encrypt certificate? A certificate you’ve paid for through some other Certificate Authority?

You can’t use certificates with an IP address unless you’ve created your own self signed certificate. Also, you’ve specified a local LAN IP address so it could have issues if you’re trying to connect from outside your LAN. The ServerAlias is also not a fully qualified domain name, which can cause issues depending on your setup. You also haven’t provided us with your domain so we can see any errors ourselves.

To get this Nextcloud error message, are you specifying https in your browser? Or are you just entering the domain name (whatever it is) and letting it choose the default http? Have you changed the domain you’re using since installing Nextcloud? (That’s also a potential source of error messages.)

Are you using your phone to connect to get this error? Because you’ve limited access to TLS1.3, which almost no phones support (TLS1.3 support was only introduced with Android Q).

You’ve provided no real information here, yet I can see many potential sources of trouble. But we can’t help further unless you actually tell us what you’ve done. You didn’t fill out the steps you took to get the error (you left those blank), and you didn’t paste your logs or config.php as the template requested.

You say you’ve followed Nextcloud recommendations, but you didn’t even follow the support template. We can’t help you unless you tell us what you’ve done.

I believed I created self-signed certificates using Openssl as suggested here https://hostadvice.com/how-to/how-to-install-a-self-signed-ssl-certificate-for-apache-on-ubuntu-18-04-server/ . This is a start so I just need to connect to Nextcloud within LAN. When I specified ‘https://192.168.0.27/nextcloud’ in a browser from a PC it was just spinning and timed out eventually . The Admin log showed no error related to this issue. I will try to paste config.php … I saw no errors in /var/log/apache2/error.log . To me Apache startup was successful with no warning or error.

Here is config.php

<?php $CONFIG = array ( 'instanceid' => 'ocvki0l4q7no', 'passwordsalt' => 'ydt6/RIOf9Gsy+muVHLYktRy/simNu', 'secret' => '3nsW2nKN8foEY6miwHcbCRM4lTOMP03yZvjjZjX//TCssOVh', 'trusted_domains' => array ( 0 => 'localhost', 1 => 'zung-vm', 2 => '192.168.0.27', ), 'memcache.local' => 'OC\Memcache\APCu', 'datadirectory' => '/media/zung/New Volume/shared/data', 'dbtype' => 'mysql', 'version' => '18.0.3.0', 'overwrite.cli.url' => 'http://localhost/nextcloud', 'dbname' => 'nextclouddb', 'dbhost' => 'localhost', 'dbport' => '', ), 'memcache.local' => 'OC\Memcache\APCu', 'datadirectory' => '/media/zung/New Volume/shared/data', 'dbtype' => 'mysql', 'version' => '18.0.3.0', 'overwrite.cli.url' => 'http://localhost/nextcloud', 'dbname' => 'nextclouddb', 'dbhost' => 'localhost', 'dbport' => '', 'dbtableprefix' => 'oc_', 'dbuser' => 'nextcloud', 'dbpassword' => 'xxxxxx', 'installed' => true, 'maintenance' => false, 'mysql.utf8mb4' => true, );

Thank you to DevNull … I will be looking into it!

Read