Owncloud SSL Setup

0
votes

I'm trying to setup a self signed certificate SSL on my owncloud 9 install. After updating my .conf files, and adding a https to the front of my url, I get a "this site can't be reached" error. I'm guessing something is incorrect with my SSL setup in apache but I can't figure out what.

I'm running Fedora24 and Owncloud9

I've included my conf files.

/etc/httpd/conf.d/ssl.conf

Listen 443 https

SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog

SSLSessionCache         shmcb:/run/httpd/sslcache(512000)
SSLSessionCacheTimeout  300

SSLRandomSeed startup file:/dev/urandom  256
SSLRandomSeed connect builtin

SSLCryptoDevice builtin

<VirtualHost _default_:443>

DocumentRoot "/var/www/mywebsite/html"
ServerName mywebsite.com:443

ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn

SSLEngine on

SSLProtocol all -SSLv3
SSLProxyProtocol all -SSLv3

SSLHonorCipherOrder on

SSLCipherSuite PROFILE=SYSTEM
SSLProxyCipherSuite PROFILE=SYSTEM

SSLCertificateFile /etc/pki/tls/certs/mywebsite.com.pem

SSLCertificateKeyFile /etc/pki/tls/certs/mywebsite.com.key

<Files ~ "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>

BrowserMatch "MSIE [2-5]" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

#   Per-Server Logging:
#   The home of a custom SSL log file. Use this when you want a
#   compact non-error SSL logfile on a virtual host basis.
CustomLog logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>

/etc/httpd/conf.d/mywebsite.conf

<VirtualHost *:443>
    SSLEngine on

    ServerAdmin admin@localhost
    ServerName mywebsite
    ServerAlias mywebsite.com
    DocumentRoot /var/www/mywebsite/html
    <Directory /var/www/mywebsite/html>
       Options Indexes FollowSymLinks
       AllowOverride All
       Require all granted
    </Directory>
    SSLCertificateFile /etc/pki/tls/certs/mywebsite.com.pem
    SSLCertificateKeyFile /etc/pki/tls/certs/mywebsite.com.key
</VirtualHost>

/etc/httpd/conf/httpd.conf

ServerRoot "/etc/httpd"
Listen 80

Include conf.modules.d/*.conf

User apache
Group apache

ServerAdmin root@localhost

<Directory />
    AllowOverride none
    Require all denied
</Directory>

DocumentRoot "/var/www"

<Directory "/var/www">
    AllowOverride None
    Require all granted
</Directory>

<Directory "/var/www">
    Options Indexes FollowSymLinks
    AllowOverride None
    Require all granted
</Directory>

<IfModule dir_module>
    DirectoryIndex index.html
</IfModule>

<Files ".ht*">
    Require all denied
</Files>

ErrorLog "logs/error_log"

LogLevel warn

<IfModule log_config_module>
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %b" common

    <IfModule logio_module>
      # You need to enable mod_logio.c to use %I and %O
      LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
    </IfModule>

    CustomLog "logs/access_log" combined
</IfModule>

<IfModule alias_module>
    ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
</IfModule>

<Directory "/var/www/cgi-bin">
    AllowOverride None
    Options None
    Require all granted
</Directory>

<IfModule mime_module>
    TypesConfig /etc/mime.types
    AddType application/x-compress .Z
    AddType application/x-gzip .gz .tgz
    AddType text/html .shtml
    AddOutputFilter INCLUDES .shtml
</IfModule>

AddDefaultCharset UTF-8

<IfModule mime_magic_module>
    MIMEMagicFile conf/magic
</IfModule>

#EnableMMAP off
EnableSendfile on

# Supplemental configuration
#
# Load config files in the "/etc/httpd/conf.d" directory, if any.
IncludeOptional conf.d/*.conf
1
linuxapachesslfedoraowncloud
Why would you want to use an annoying self signed certificate instead of a valid LetsEncrypt certificate, which is truly free of charge? - arkascha

1 Answers

1
votes

aaaaand, congrats to myself for realizing I had port 443 blocked on my router. Thank you all.