[SOLVED] Apache2 Default Page instead of NC on https

optimistic5 · June 17, 2018, 7:46pm

Nextcloud version (13.0.4):
Operating system and version (Ubuntu 18.04):
Apache version (Apache 2.4.29):
PHP version (7.1.18):

I installed NC with zip,
changed url of NC from domain/nextcloud to domain
enabled ssl

and now I can access NC via http://ip but when I go to https:/ip I see Apache2 Ubuntu Default Page
How to turn on NC in https address?

The output of /var/www/html/nextcloud/config/config.php:

<?php
$CONFIG = array (
  'instanceid' => 'xx',
  'passwordsalt' => 'xx',
  'secret' => 'xx',
  'trusted_domains' => 
  array (
    0 => '192.168.0.138',
  ),
  'datadirectory' => '/var/www/html/nextcloud/data',
  'overwrite.cli.url' => '/',
  'dbtype' => 'mysql',
  'version' => '13.0.4.0',
  'dbname' => 'nextcloud',
  'dbhost' => 'localhost',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'dbuser' => 'xx',
  'dbpassword' => 'xx',
  'installed' => true,
);

The output of ls -l /etc/apache2/sites-enabled:

total 8
-rw-r--r-- 1 root root 6338 июн 17 19:18 default-ssl.conf
lrwxrwxrwx 1 root root   33 июн 16 20:16 nextcloud.conf -> ../sites-available/nextcloud.conf

The output of /etc/apache2/sites-available/nextcloud.conf:

<VirtualHost *:80>
     ServerAdmin admin@example.com
     DocumentRoot /var/www/html/nextcloud/
     ServerName 192.168.0.138
     ServerAlias 192.168.0.138

     Alias /nextcloud "/var/www/html/nextcloud/"

     <Directory /var/www/html/nextcloud/>
        Options +FollowSymlinks
        AllowOverride All
        Require all granted
          <IfModule mod_dav.c>
            Dav off
          </IfModule>
        SetEnv HOME /var/www/html/nextcloud
        SetEnv HTTP_HOME /var/www/html/nextcloud
     </Directory>

     ErrorLog ${APACHE_LOG_DIR}/error.log
     CustomLog ${APACHE_LOG_DIR}/access.log combined

</VirtualHost>

The output of /etc/apache2/sites-enabled/default-ssl.conf

JasonBayton · June 17, 2018, 11:23pm

Either add a 443 virtualhost to nextcloud.conf and disable the default ssl conf, or edit the default ssl conf to point to /var/www/html/nextcloud to match nextcloud.conf.

Keep in mind you’d be recommended to set hostheaders and other attributes on the SSL config also.

stratege1401 · June 18, 2018, 11:52am

yep, all said.

Usually, use a permanent redirect to 443.

If you use letsencrypt for your certificate, the cerbot process ask you if you want to permanently do a 443 redirection, witch basically transform you http server in a full https.

optimistic5 · June 18, 2018, 3:46pm

great! I changed string in file /etc/apache2/sites-enabled/default-ssl.conf
from
DocumentRoot /var/www/html
to
DocumentRoot /var/www/html/nextcloud
and it works!

Sorry, don’t understand. Can you tell a little bit more?

optimistic5 · June 18, 2018, 3:47pm

I use self signed certificate because I don’t have any domain, so I can’t use lets encrypt

stratege1401 · June 18, 2018, 4:10pm

a domain is like 10 USD / years … and a working https is now really needed for http2 and others stuff.
i use a ovh dns, it cost me 14 EUR for a year… my domain look like aaa.bbb.ovh
and with letsencryp it is like https://nextcloud.whatever.ovh ou https://something.whatever.ovh with a secure1

I am very lucky to have a 1GB symetric FTTH connection, so i can host my server at home.
But my ISP is giving me a non-fixe IP.
So i use one of my always on machine to do a dns update.

@JasonBayton is meaning that you need to tune up your ssl config to match all real life requirements.

optimistic5 · June 18, 2018, 4:30pm

I just checked.
I have ERR_SSL_PROTOCOL_ERROR if connecting via ip with self signed ssl.
Yes, I think @stratege1401 you are right - it is better to buy a domain.
So self signed ssl with IP have no sense.

stratege1401 · June 18, 2018, 4:36pm

they still make sense for local testing… and they are free.

But with modern browser like chrome they soon be dead …

I know it is a hassle, but it make sense on a security logic.

Further more, if you use yubikey or other security hardware devices, it make sens too.