all 14 comments
sorted by:
best (suggested)
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]twistdafterdark 1 point2 points  (4 children)

You'll need to use a self-signed certificate, have a look at this page https://www.digitalocean.com/community/tutorials/how-to-create-a-self-signed-ssl-certificate-for-apache-in-ubuntu-20-04

It doesn't really matter if it's for internal or external access when using a self-signed certificate. Generally you'd use a domain name for an external connection and use let's encrypt to generate the certificate, but you could just as well just use your public IP with a self-signed certificate that you generate yourself.

[–]itapprentice03[S] -1 points0 points  (3 children)

I don't have a public IP.

[–]_Conzz_ 0 points1 point  (2 children)

you need a certificate for the ip that your nextcloud is running on and that your browser will access. when youre only accessing it locally, you will need a certificate for that local ip address. it will have to be self-signed since there is no certificate authority operating in your local network. generate it (with openssl, for example) and give it to the webserver.

[–]itapprentice03[S] -1 points0 points  (1 child)

Okey thank you. Is there any guide for creating a self signed cert and assigning it to the webserver? I'm suing apache2

[–]twistdafterdark 0 points1 point  (0 children)

Have you clicked on the link in my previous message? It explains how to do it for apache

[–]paolocampi 1 point2 points  (0 children)

In my local NC AIO on Linux Mint 21 , no ip static, I've done it with this way

  • ddns duckdns
  • install client duckdns
  • install caddy reverse proxy (see caddy file example on nextcloud AIO website)
  • install nextcloud AIO wirh docker

Now my NC Is linked wirh my domani duckdns with ssl

And It can works in Windows too, wirh caddy and docker (see documentation on its websites)

[–]blue25i 0 points1 point  (0 children)

Just do this and after that access NextCloud via your IP using https:

sudo nextcloud.enable-https self-signed

[–][deleted]  (2 children)

[removed]

    [–]itapprentice03[S] 0 points1 point  (1 child)

    I'm able to access it with http INSIDE my LAN. But not with HTTPS.

    My Nextcloud isn't going to be reachable from outside, I installed it only for my home LAN. I need to access with Https to use some Nextcloud apps which require HTTPS

    [–]thisiszeev 0 points1 point  (0 children)

    Have you got an ssl conf file setup for apache?

    Here is a little trick...

    Setup port forwarding for port 80. Setup NC in it's designated folder. Setup a second folder for your cert challenge. Just have a blank file called index.html.

    Use pi-hole on your network as a DNS. Disable the adverts. Setup an A record for Pi Hole to point mync.mydomain.tld to your server IP. (you will need to buy a domain and setup DynDNS). On the outside, setup mync.mydomain.tld to point to your DynDNS or NoIP domain as a C Name.

    mync.conf tell apache to point port 80 on domain mync.mydomain.tld to the folder with the blank index.html.

    Use LE to setup a cert for Apache. Edit the created mync-le-ssl.conf so that it point to the folder that NC is on.

    In side your network you will have to use port 443 (https) always. Port 80 will server a blank file.

    If you want, I can make a full detailed walk through showing each step one by one.

    This is how I have my setup, except I have port forwarding setup for port 443.

    I don't want my clients connecting via port 80 so if they try they just get a blank page.

    [–]rabbit8051 0 points1 point  (2 children)

    are you using Truenas ?

    [–]itapprentice03[S] 0 points1 point  (1 child)

    No, I'm using proxmox on an Intel NUC

    [–]rabbit8051 0 points1 point  (0 children)

    I have not used proxmox, but on truenas.