Nextcloud is broken after Installing ssl with lets encrypt

epano · September 21, 2020, 3:07pm

Hello Im having an issue on configuring nextcloud with ssl certificate:

Nextcloud version _19.0.3
Operating system and version _Ubuntu 20.04
Apache _Apache 2.4.25
PHP version _7.4

I was able to install and configure it correctly, below find the vhost config:
path: /etc/apache2/sites-available/nextcloud.conf

    <VirtualHost *:80>
            DocumentRoot "/var/www/nextcloud"
            ServerName adf.projectcloud.site
            ServerAlias www.adf.projectcloud.site
            ServerAdmin adf.contracts@gmail.com

            ErrorLog ${APACHE_LOG_DIR}/nextcloud.error
            CustomLog ${APACHE_LOG_DIR}/nextcloud.access combined

            <Directory /var/www/nextcloud/>
                Require all granted
                Options FollowSymlinks MultiViews
                AllowOverride All

               <IfModule mod_dav.c>
                   Dav off
               </IfModule>

            SetEnv HOME /var/www/nextcloud
            SetEnv HTTP_HOME /var/www/nextcloud
            Satisfy Any

           </Directory>

    RewriteEngine on
    RewriteCond %{SERVER_NAME} =adf.projectcloud.site [OR]
    RewriteCond %{SERVER_NAME} =www.adf.projectcloud.site
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
    </VirtualHost>

The Rewrite was added after installing ssl. So After Installing the ssl with lets encrypt my site was broken:
path: /etc/apache2/sites-available/nextcloud-le-ssl.conf

<IfModule mod_ssl.c>
<VirtualHost *:443>
        DocumentRoot "/var/www/nextcloud"
        ServerName adf.projectcloud.site
        ServerAlias www.adf.projectcloud.site
        ServerAdmin adf.contracts@gmail.com

        ErrorLog ${APACHE_LOG_DIR}/nextcloud.error
        CustomLog ${APACHE_LOG_DIR}/nextcloud.access combined

        <Directory /var/www/nextcloud/>
            Require all granted
            Options FollowSymlinks MultiViews
            AllowOverride All

           <IfModule mod_dav.c>
               Dav off
           </IfModule>

        SetEnv HOME /var/www/nextcloud
        SetEnv HTTP_HOME /var/www/nextcloud
        Satisfy Any

       </Directory>


Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/adf.projectcloud.site/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/adf.projectcloud.site/privkey.pem
</VirtualHost>
</IfModule>

The issue im facing:

The site doesnt respond after installing ssl. I am new in Linux System so please can u help me to solve these problem.

The output of config.php file in /var/www/nextcloud/config/config.php

<?php
    $CONFIG = array (
      'instanceid' => '',
      'passwordsalt' => '',
      'secret' => '',
      'trusted_domains' => 
      array (
        0 => 'adf.projectcloud.site',
      ),
      'datadirectory' => '/var/www/nextcloud/data',
      'dbtype' => 'mysql',
      'version' => '19.0.3.1',
      'overwrite.cli.url' => 'http://adf.projectcloud.site',
      'dbname' => 'nextcloud',
      'dbhost' => 'localhost',
      'dbport' => '',
      'dbtableprefix' => 'oc_',
      'mysql.utf8mb4' => true,
      'dbuser' => 'user',
      'dbpassword' => 'password',
      'installed' => true,
      'allow_local_remote_servers' => true,
      'ldapIgnoreNamingRules' => false,
      'ldapProviderFactory' => 'OCA\\User_LDAP\\LDAPProviderFactory',
    );

Thanx in advance.

Vincent_Stans · September 21, 2020, 5:05pm

Start changing config.php line

‘overwrite.cli.url’ => ‘http://adf.projectcloud.site’,

To

‘overwrite.cli.url’ => ‘https://adf.projectcloud.site’,

/etc/apache2/sites-available/nextcloud.conf

Only needs

‘’’
<VirtualHost *:80>
Redirect permanent / https://sub.domain.tld/
ServerName domain.tld
DocumentRoot /var/www/nextcloud
ServerAlias www.domain.tld cloud.domain.tld

‘’’

epano · September 21, 2020, 10:29pm

Thank you Vincent but it doesn’t work

KarlF12 · September 21, 2020, 10:56pm

epano:

    RewriteCond %{SERVER_NAME} =adf.projectcloud.site [OR]
    RewriteCond %{SERVER_NAME} =www.adf.projectcloud.site
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

If you comment these 3 lines, are you able to access it via HTTP and/or HTTPS?

Meaning you receive a timeout in the browser? Or some other error?

Go to SSL Server Test (Powered by Qualys SSL Labs) and test your HTTPS configuration. It may be something peculiar about your client too.

epano · September 22, 2020, 7:03am

Thank you Karl. After commenting 3 lines, i was able to access it via http correctly.

With https it doesn’t work. Also the test page for https configuration send error message:

Assessment failed: Unable to connect to the server.

The port 443 is open, what can i do else? Thnx

KarlF12 · September 22, 2020, 10:42am

It sounds like the port isn’t open (or at least isn’t reachable from outside). Double check your firewall(s) and make sure everything is right. Can you reach it via HTTPS from the same network?

It’s also possible that your ISP could be blocking port 443. You can try changing the port and see if it goes through. Change the Apache HTTPS port here and then restart Apache, and don’t forget to also adjust your port forwarding:

epano · September 22, 2020, 2:47pm

Hey Karl i found the problem. I m using Forti guard before the server and i had to create some policy rules for opening the port 443. Thank you for helping me.

Best regards

KarlF12 · September 22, 2020, 3:54pm

Sure, no problem. You’ll want to uncomment those lines again and reload Apache because that rewrite rule makes clients automatically roll over to HTTPS.

hostk2020 · September 29, 2020, 4:51am

install ssl before it but after. I have a bigger server I will run a test. Allow port 443 80. I would copy to data to a backup folder and install ssl first and then install nextcloud.