Third Party SSL cert install

JayDub · August 12, 2021, 4:09am

Support intro

Hi there! I’ve been tasked with installing a new wild card ssl cert onto an existing nextcloud instance on an old slackware box. Goal is to temporarily use this until a migration to a new slackware box is possible.

The issue I’m running into is the .pem cert I have. Within the .pem, I noticed there’s the private key included. Do I need to export that into a separate file to execute the following command?

nextcloud.enable-https custom -s cert.pem privkey.pem chain.pem

Or am I able to just run nextcloud.enable-https custom -s cert.pem chain.pem ?

Nextcloud Latest Version
Operating system and version: Slackware 5.x
Apache

Thank you so much for the help, it’s greatly appreciated!

mactrent · August 12, 2021, 1:58pm

Without knowing exactly how that function is implemented, I’d strongly recommend yes. Unless this function specifically checks for and removes it, your web server will send the entire cert.pem file, including your private key, to any client that opens a connection.

I’d also recommend to disable external connections while you make your changes, and verify the certificate from your browser before allowing external connections again.