Nextcloud Version: NC 21.0.0
Operating System: Ubuntu 20.04
Apache2 and PHP 7.4
Issue: I generated an ssl certificate and I want to install it on my virtual host. This is what my virtual host look like:
<VirtualHost *:443>
DocumentRoot "/var/www/nextcloud.example.com"
ServerName nextcloud.example.com
SSLEngine on
SSLCertificateFile /etc/ssl/certificate.crt
SSLCertificateKeyFile /etc/ssl/private/private.key
SSLCertificateChainFile /etc/ssl/ca_bundle.crt
<Directory "/var/www/nextcloud.example.com/">
Options MultiViews FollowSymlinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
TransferLog /var/log/apache2/nextcloud.example.com_access.log
ErrorLog /var/log/apache2/nextcloud.example.com_error.log
</VirtualHost>
Everytime I try to access my sub-domain, it appears the default apache2 ubuntu page instead of the nextcloud login page.
I figured out how to do it. I deleted the previous ssl certificate, though its not required, I just wanted to use a Let’s Encrypt certificate. I generated a Let’s Encrypt certificate with certbot manually, using this:
certbot --manual --preferred-challenges dns certonly
Then, I rewrited the apache2 virtual host file to this:
<VirtualHost *:80>
ServerName nextcloud.example.com
Redirect permanent / https://nextcloud.example.com/
</VirtualHost>
<VirtualHost *:443>
ServerName nextcloud.example.com
SSLEngine On
SSLCertificateFile /etc/letsencrypt/live/nextcloud.example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/nextcloud.example.com/privkey.pem
DocumentRoot /var/www/nextcloud.example.com
<Directory /var/www/nextcloud.example.com/>
Options +FollowSymlinks
AllowOverride All
<IfModule mod_dav.c>
Dav off
</IfModule>
SetEnv HOME /var/www/nextcloud.example.com
SetEnv HTTP_HOME /var/www/nextcloud.example.com
RewriteEngine On
RewriteRule ^/\.well-known/carddav https://%{SERVER_NAME}/remote.php/dav/ [R=301,L]
RewriteRule ^/\.well-known/caldav https://%{SERVER_NAME}/remote.php/dav/ [R=301,L]
RewriteRule ^/\.well-known/host-meta https://%{SERVER_NAME}/public.php?service=host-meta [QSA,L]
RewriteRule ^/\.well-known/host-meta\.json https://%{SERVER_NAME}/public.php?service=host-meta-json [QSA,L]
RewriteRule ^/\.well-known/webfinger https://%{SERVER_NAME}/public.php?service=webfinger [QSA,L]
</Directory>
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
</IfModule>
TransferLog /var/log/apache2/nextcloud.example.com_access.log
ErrorLog /var/log/apache2/nextcloud.example.com_error.log
</VirtualHost>
And it worked!
PS: You can also run this command:
sudo certbot
And follow the instructions, at the end you don’t need to do anything, certbot does everything. If for some reason it doesn’t work, check if the virtual host is enebled, and restart apache2.
PS: The above commands are recommended for people that want to secure domains that have private IPs. If you have a domain pointing to your public IP, have setup portforwarding, and you can access it from anywhere; you just want to secure it, use this: sudo certbot --apache -d yourdomain.com