Posts
You do want your WAN-facing NextCloud to be using HTTPS, the TLS-based web-service.
NC uses Apache by default, altho you can set it to use NGINX. I have not switched, just going with the NC default install. It is not quite a normal Apache.
First thing you need are some server Certificates. You can create self-signed ones, but they aren't as friendly as web-browsers want.
Lets Encrypt works ok. This article will describe doing that. The only real flaw about LE Certs is that they are only 90 days.
THIS IS UNFINISHED
Apparently you put the certificate files into:
/var/snap/nextcloud/current/certs/custom/
which you will have to create. And then run this:
sudo nextcloud.enable-https custom -s cert.pem privkey.pem chain.pem
with whatever relevant name changes are required.
We will use CERTBOT to do the install after we create them.
sudo apt update
sudo apt upgrade
sudo apt remove certbot
sudo snap install core; sudo snap refresh core
sudo snap install --classic certbot
which certbot
finally:
sudo certbot --nginx
sudo certbot --apache
No comments:
Post a Comment