Comments (10)
Thanks for following up -- I have resolved the issue with copying to the folder certs for nextcloud certs which wasnt empty just needed sudo su, then altering permissions, then rerunning command. Thanks!
from nextcloud-snap.
A Lets Encrypt certificate is not a custom certificate and may not be used as a custom certificate. So what you are trying to do is not possible. You cannot use an existing Lets Encrypt certificate to encrypt another site... there can only be one.
Possibly you could let the Nextcloud snap encryption service retrieve a certificate for a sub domain like cloud.mydomain.mydnsprovider.xyz
and get a Lets Encrypt certificate for that sub domain, but assuming you have an existing web service on port 80 and or 443 that is not going to work.
You either need a wildcard certificate for your domain, in which case you may disable the Nextcloud snap Lets Encrypt service completely as your domain will be encrypted by an api.
or
You could use a reverse proxy and let NGINX proxy manager handle SSL termination for you, in which case you would also disable the Nextcloud snap Lets Encrypt service.
Sorry to have to say this again, but this is certainly not a Nextcloud snap issue and not a "Nextcloud snap encryption service issue" either. That's how Lets Encrypt works. Now I'm not going to point you to the Wiki this time around... and I'll stand to being corrected any time.
from nextcloud-snap.
Assuming you will close the issue when you see fit?
from nextcloud-snap.
A Lets Encrypt certificate is not a custom certificate and may not be used as a custom certificate. So what you are trying to do is not possible. You cannot use an existing Lets Encrypt certificate to encrypt another site... there can only be one.
That's not necessarily true. Perhaps @coyoteconscious moved domains. However, I do question why. @coyoteconscious, if you have a domain name pointing to the snap, why not just let the snap take care of your certs via Let's Encrypt? Even if this command worked, this cert will expire in a few months and you'll have to run this command again with new certs that you obtain yourself. The snap could be doing that for you.
Regarding why this is failing, can you take a peek inside the /var/snap/nextcloud/40228/certs/live
directory? Note that it should be a symlink to another. What's in there? Do those files match what you provided?
from nextcloud-snap.
I think this may be related, but I have a similar challenge to activate https with an existing tailscale generated cert. In this case I have the cert.crt
and the cert.key
but am not clear what to use for the <chain>
. The tailscale cert
command does register the custom tailscale ddns entry with lets-encrypt. Thus I think it is a similar question to the o/p: how to register with an existing lets-encrypt registered cert? (well in my case I also do not have a <chain>
file to use, I am unclear on it).
from nextcloud-snap.
Hey @rik-shaw, that's a valid question, but unrelated to this one. Mind opening a new issue?
from nextcloud-snap.
Hey @rik-shaw, that's a valid question, but unrelated to this one. Mind opening a new issue?
will do. Thanks for the quick reply.
from nextcloud-snap.
Hello I have having a very similar issue but a little different.
I have a wildcard certificate that I am trying to use nextcloud-snap to install from my haproxy/certbot box. I want to get away from SSL termination because the overhead is pretty crazy and ssl verification on things like email smtp are starting to not like that my backend switches to http or check verify none at the proxy.
I have cron scp copying the certs to my docker, exchange server, nextcloud, etc VM's --
I am getting the same error as OP, and there is nothing in the directory, it doesn't even exist and is write only here is my output:
mikekay@PROJECTNCLOUD:/snap/nextcloud/41512$ sudo nextcloud.enable-https custom /home/mikekay/certs/live/domain.com/cert.pem /home/mikekay/certs/live/domain.com/privk
ey.pem /home/mikekay/certs/live/domain.com/chain.pem
Installing custom certificate... done
Restarting apache... error
Certificates have been activated: using HTTPS only
Certificates appear self-signed: disabling HSTS
HTTP compression is disabled
notify_push reverse proxy is disabled
AH00526: Syntax error on line 101 of /snap/nextcloud/41512/conf/ssl.conf:
SSLCertificateFile: file '/var/snap/nextcloud/41512/certs/live/cert.pem' does not exist or is empty```
Why is it refusing to enable SSL, can I diable nginx since I already have a proxy in front? so many questions --
from nextcloud-snap.
@mikekay1, thanks for your request.
do you mind creating a new issue for this please...
from nextcloud-snap.
This issue is stale because it has been without activity for 60 days. It will be closed after 7 more days of inactivity.
from nextcloud-snap.
Related Issues (20)
- Snap Nextcloud seems to have not enabled imagic HOT 1
- Only self-signed certificate is delivered HOT 4
- documentation, add wiki database-apps-files maintenance
- documentation, wiki edit FAQ's
- documentation, wiki add CG-NAT and DSLite, work on details and beautify
- Trying to track down long term stability issue HOT 19
- Upgrade Nextcloud to 29.0.5 HOT 1
- Upgrade Redis to 7.2.5
- Upgrade PHP to 8.2.22
- Collabora stops working after a few hours HOT 6
- Upgrade Nextcloud to 28.0.9 HOT 1
- documentation, wiki "reverse proxy configuration"
- Nextcloud Office: Namespaces wont' work out of the box inside of a snap HOT 4
- Fedora Server 40 - Snap move nextcloud data folder HOT 1
- Update Nextcloud to 29.0.6 HOT 2
- Object Name and Folder Structure When Using S3 Storage (IDrive e2) as Primary Storage HOT 1
- nextcloud.occ not found HOT 2
- documentation, FAQ's -- mimetype migrations HOT 6
- Update Nextcloud to 29.0.7 HOT 2
- Update Nextcloud to 28.0.10 HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from nextcloud-snap.