SSL for internal use only?

Hi there,
I am using NC at my ubuntu pc now. Mainly for “memories” and sharing movies to kodi at android tv. Nothing else… And thats, why nc should not be reachable from outside. No Domain, Dyndns, …
My question is: Is http on port 80 ok for this? Pc - of course - has internet.
Thank you.

If it is uniquely in a local network, it’s perhaps not really required. However, I’d try to see if you can get it working with self-signed certificates that you import in your devices. It can be for stuff, like your mobile device is in a local network (hotel wifi etc, friend’s network) and it thinks it is at home and tries to connect to your Nextcloud. It potentially could send the password.
Or if you wifi is not encrypted, or you share it with someone, everything goes through unencrypted.

What HTTPS will do is encrypt communication between the browser/client and the server. If it’s LAN traffic only, and you’re satisfied that your WiFi is secure, then maybe you can get away with that.

I personally would not use an unencrypted connection for Nextcloud under any circumstances.

Ha! Yeah, im almost there :wink:
It works now with self signed certificate.
The last thing to work on, is, that redirection from http is not working. Apache-chonfig file has the section:

Redirect /

But, it obviously does not work. Connection to http:/… is still working.

Apart from ssl. The main advantage of using certs with something like traefik or caddy and that it will generally be set up by name rather than port. So instead of http/s://machine name:8080. You would set up and use reverse proxying to hit your local services. They still don’t have to be exposed to the internet.