Hi,
I hope someone can help.
Here is my architecture :
Nextcloud 14 is installed on Server 1 and accessible from (sorry for using pre-formatted text but as new user I can’t post more than 4 links…)
https://nextcloud.mydomain.tld
Nextcloud works fine.
I have installed Nextcloud following these instructions:
https://docs.nextcloud.com/server/14/admin_manual/installation/source_installation.html#example-installation-on-ubuntu-16-04-lts-server
Here is the configuration for server 1 :
Nextcloud 14
Ubuntu Server 16.04
Apache/2.4.34 (Ubuntu)
PHP OPcache
PHP-FPM
Cache php-apcu
SSL (Let’s Encrypt)
HTTP2
OnlyOffice Document Server is installed on Server 2 and accessible from https://onlyoffice.mydomain.tld
The page says:
Thank you for choosing ONLYOFFICE!
Document Server is running
I have installed Nextcloud following these instructions :
https://helpcenter.onlyoffice.com/server/linux/document/linux-installation.aspx
Here is the configuration for server 2 :
onlyoffice-documentserver 5.2.2-2
Ubuntu Server 16.04
Apache/2.4.18 (Ubuntu) --> Older than Server 1
SSL (Let’s Encrypt)
I use Apache as reverse proxy for OnlyOffice Document Server. I have changed the default port, OnlyOffice Document Server is listening on non-SSL port 8806.
Here is onlyoffice.mydomain.tld.conf :
<VirtualHost *:80>
ServerName onlyoffice.mydomain.tld
ServerAdmin me@domain.tld
RewriteEngine On
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [redirect=301]
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName onlyoffice.mydomain.tld
ServerAdmin me@domain.tld
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
Header always set Referrer-Policy "no-referrer"
SSLCertificateFile /etc/letsencrypt/live/onlyoffice.mydomain.tld/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/onlyoffice.mydomain.tld/privkey.pem
SSLEngine on
SSLProtocol all -TLSv1 -TLSv1.1 -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCompression off
SSLOptions +StrictRequire
SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:8806/
ProxyPassReverse / http://127.0.0.1:8806/
</VirtualHost>
</IfModule>
What’s the problem ?
In Nextcloud (Server 1) I open the ~/index.php/settings/admin#onlyoffice page with administrative settings for ONLYOFFICE section. I Enter the following address to connect ONLYOFFICE Document Server: https://onlyoffice.mydomain.tld/ and I click on “Save”.
Then there is an error message a few seconds on the top of the page : “Error when trying to connect (Error occurred in the document service)”
And the Nextcloud logs are saying :
Error onlyoffice Request converted file on check error: http://onlyoffice.mydomain.tld/cache/files/conv_check_193202075_docx/output.docx/empty%3Fdoc%3DeyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhY3Rpb24iOiJlbXB0eSJ9.docx?md5=cxvWUer2d8mV8dqkqwgCwg==&expires=1539006888&disposition=attachment&ooname=output.docx Error occurred in the document service 2018-10-08T15:39:47+0200
Error PHP file_get_contents(http://onlyoffice.mydomain.tld/cache/files/conv_check_193202075_docx/output.docx/empty%3Fdoc%3DeyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhY3Rpb24iOiJlbXB0eSJ9.docx?md5=cxvWUer2d8mV8dqkqwgCwg==&expires=1539006888&disposition=attachment&ooname=output.docx): failed to open stream: HTTP request failed! HTTP/1.1 403 Forbidden at /var/www/nextcloud/apps/onlyoffice/lib/documentservice.php#381
There is an error because Nextcloud is requesting OnlyOffice non-SSL pages (http://onlyoffice.mydomain.tld).
But onlyoffice.mydomain.tld is only accessible using SSL (https://onlyoffice.mydomain.tld).
Thanks for your help