-
-
Notifications
You must be signed in to change notification settings - Fork 216
Managing HTTP encryption (HTTPS)
Nextcloud snap includes a service for automated HTTPS encryption using Lets Encrypt, self-signed certificates, or custom certificates.
Enable HTTPS via Lets Encrypt. HTTP will redirect to HTTPS. Non-custom certificates will automatically be kept up-to-date. See nextcloud.enable-https -h
for more information. Note that this requires sudo
or root privileges.
Run nextcloud.enable-https -h
for more information.
sudo nextcloud.enable-https -h
sudo nextcloud.enable-https lets-encrypt
Enter email address and domain/subdomain. If you need to setup multiple domains then seperate them with a comma.
NOTE: if something went wrong after entering incorrect data, you'll need to correct that data. You may run into a
... permission error
because only root may overwrite the data in the file. Simply switch user to rootsudo -i
and try again as root# nextcloud.enable-https lets-encrypt
. If that doesn't work, you'll need to start from scratch.
sudo nextcloud.disable-https lets-encrypt
Due to a snapd issue it may be necessary to disable the renewal-service manually.
sudo snap stop --disable $SERVICE
Example:
sudo snap stop --disable nextcloud.renew-certs
Renew service renew-certs.service
is automated in Nextcloud-snap.
Check renewal by issuing:
sudo journalctl -u snap.nextcloud.renew-certs.service
Enable self signed certificate:
sudo nextcloud.enable-https self-signed
- Disable Lets Encrypt
- Remove all current Certificates
- Get new Certificates
- disable HTTPS (this just removes a symlink, it doesn’t remove any certificates):
sudo nextcloud.disable-https
- remove all/any certificates that are there (this includes self-signed certs, Let’s Encrypt certificates, everything). Make sure you get this command right, you don’t want to delete anything else in the current/ directory:
sudo rm -rf /var/snap/nextcloud/current/certs
- add required empty directories:
sudo mkdir -p /var/snap/nextcloud/current/certs/certbot
- pretend you’re enabling HTTPS for the first time, using only the domains you want:
sudo nextcloud.enable-https lets-encrypt
View Lets Encrypt log in Netxtcloud snap:
sudo cat /var/snap/nextcloud/current/certs/certbot/logs/letsencrypt.log
Nextcloud snap Wiki, use all information and scripts at own risk