Setup self signed ssl certificate on Owncloud 6 in Ubuntu 14.04 LTS Server
With the arrival of new Ubuntu version 14.04 LTS, there are few changes we have found so far. In my some previous post, I already stated that major change is defualt apache server is version 2.4 . Because we have now Apache 2.4 version, many new configuration parameters are introduced.
Follow the given below steps to setup self signed ssl certificate on Owncloud 6 in Ubuntu 14.04 LTS Server
Step 1 : Install Owncloud 6 on Ubuntu 14.04 LTS
We have already written a post on “How to install Owncloud 6 on Ubuntu 14.04 LTS Server” .
Go through with the post.
Go through with the post.
Description of our Server
Operating System : Ubuntu 12.04 LTS Server edition
Arch : x86_64
Apache version : 2.4.7
Owncloud Version : 6.0 (or 6.x)
Owncloud DocumetRoot path : /var/www/html/owncloud
Owncloud configuration File Path : /etc/apache2/sites-enabled/owncloud.conf
Arch : x86_64
Apache version : 2.4.7
Owncloud Version : 6.0 (or 6.x)
Owncloud DocumetRoot path : /var/www/html/owncloud
Owncloud configuration File Path : /etc/apache2/sites-enabled/owncloud.conf
If you have already setup the owncloud 6 .Then kindly note the following things which may be you have to change as per your set up.
1. DocumentRoot of owncloud
2. Path of Apache Owncloud configuration file
2. Path of Apache Owncloud configuration file
Step 2 : Install OpenSSL package
To create ssl certificate we require OpenSSL package. Hence install it with given below command
1
|
sudo apt-get install openssl
|
Step 3 : Enable ssl and rewrite module
Now enable the two apache module i.e SSL and Rewrite module
1
2
|
sudo a2enmod ssl
sudo a2enmod rewrite
|
Step 4 : Create Self signed Certificate
Now create a self signed certificate to be used in Owncloud setup.
We will first create a seperate directory so that we will keep the SSL keys there
We will first create a seperate directory so that we will keep the SSL keys there
1
|
sudo mkdir -p /etc/apache2/ssl
|
Now use the below given one liner command to create self signed certificate. Write the answers which will asked during certiciate creation
1
|
sudo openssl req -new -x509 -days 365 -nodes -out /etc/apache2/ssl/owncloud.pem -keyout /etc/apache2/ssl/owncloud.key
|
Note: The above certificate is valid for 365 days. We have mentioned validity days in the command.
The below given is reference from my system. Kindly consider it as an example
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
sharad@ubuntu:~$ sudo openssl req -new -x509 -days 365 -nodes -out /etc/apache2/ssl/owncloud.pem -keyout /etc/apache2/ssl/owncloud.key
Generating a 2048 bit RSA private key
.........................+++
..................................................................+++
writing new private key to '/etc/apache2/ssl/owncloud.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:IN
State or Province Name (full name) [Some-State]:AP
Locality Name (eg, city) []:HYD
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Example Pvt. Ltd
Organizational Unit Name (eg, section) []:IT
Common Name (e.g. server FQDN or YOUR name) []:example.com
Email Address []:admin@example.com
sharad@ubuntu:~$
|
IP Based Or Name based Virtual Hosting
We have two ways to configure either IP based or Name based. In this tutorial, we are pasting the configuration for both . USE ONLY ONE METHOD EITHER IP BASED OR NAME BASED, DO NOT CONFIGURE BY BOTH METHOD
NOTE: Kindly do the changes as per your server information. Specifically the below given values
1. Domain name = replace example.com with your domain/sub-domain name
2. IP Address = In case, you want to configure IP based. Then use the IP address of your server and replace with 192.168.56.101
3. DocumentRoot = Get the absolute path of Owncloud directory in default Apache’s data dir. In our setup we are using, /var/www/html/owncloud . Hence replace it if yours path is different
4. Owncloud config file = In our setup we have placed the owncloud.conf file in path /etc/apache2/sites-enabled//etc/apache2/sites-enabled/owncloud.conf . Hence check your Owncloud configuration path.
2. IP Address = In case, you want to configure IP based. Then use the IP address of your server and replace with 192.168.56.101
3. DocumentRoot = Get the absolute path of Owncloud directory in default Apache’s data dir. In our setup we are using, /var/www/html/owncloud . Hence replace it if yours path is different
4. Owncloud config file = In our setup we have placed the owncloud.conf file in path /etc/apache2/sites-enabled//etc/apache2/sites-enabled/owncloud.conf . Hence check your Owncloud configuration path.
Setup IP Based Apache Configuration
Edit your owncloud configuration file located in Apache’s configuration directory. As we stated earlier, our owncloud.conf file is located in /etc/apache2/sites-enabled/owncloud.conf .
Edit the file /etc/apache2/sites-enabled/owncloud.conf as given below for IP based apache configuration
1
|
sudo vi /etc/apache2/sites-enabled/owncloud.conf
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
|
<VirtualHost 192.168.56.101:80>
#### Redirect to port 443 ###
RewriteEngine on
ReWriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]
#### End of Redirection configuration ###
DocumentRoot /var/www/html/owncloud/
<Directory /var/www/html/owncloud>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
<VirtualHost 192.168.56.101:443>
####Configuration for SSL #####
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/owncloud.pem
SSLCertificateKeyFile /etc/apache2/ssl/owncloud.key
#### End of SSL Configuration ####
DocumentRoot /var/www/html/owncloud/
<Directory /var/www/html/owncloud>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
|
Now restart apache service
1
|
sudo service apache2 restart
|
OR Setup Name Based Apache Configuration
For name based we require domain name or sub domain name. In DNS settings resolve the Server IP address to your domain name in host record.
First edit the apache2.conf file and search the parameter HostnameLookups and enable it by replacing off to on
1
|
vi /etc/apache2/apache2.conf
|
1
|
HostnameLookups On
|
Save and exit from file
Now use the given below settings for Name based apache configuration. Replace example.com with your domain name. Edit the file owncloud.conf file
1
|
sudo vi /etc/apache2/sites-enabled/owncloud.conf
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
<VirtualHost *:80>
ServerName example.com
ServerAlias www.example.com
RewriteEngine on
ReWriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]
<Directory /var/www/html/owncloud>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
<VirtualHost *:443>
ServerName example.com
ServerAlias www.example.com
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/owncloud.pem
SSLCertificateKeyFile /etc/apache2/ssl/owncloud.key
DocumentRoot /var/www/html/owncloud/
<Directory /var/www/html/owncloud>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
|
Save and exit from file
Restart the Apache service
1
|
sudo service apache2 restart
|
Open the Owncloud URL in web browser
Open the web browser and in address bar type the domain name or IP address . Replace the example.com or 192.168.56.101 with your domain name and server’s ip address.
1
2
3
4
5
|
https://example.com
OR
https://192.168.56.101
|
In configuration we have redirected the traffic coming to port 80 to port 443 . Hence, even using only HTTP in URL it will be redirected to HTTPS
No comments:
Post a Comment