Arch Linux Tutorial-How to enable SSL-HTTPS on Nextcloud

This tutorial is going to show you how to enable SSL with Self Signed certificate on Nextcloud on Arch Linux. If you are running Nextcloud on another Linux distribution, it should be pretty much the same steps. Before we go through, you may want to read the following tutorial:

To enable SSL with self signed certificate on Arch Linux, you can do the following:

Step 1. Edit httpd.conf

sudo nano /etc/httpd/conf/httpd.conf

Now find uncomment the following lines:

LoadModule ssl_module modules/
LoadModule socache_shmcb_module modules/
Include conf/extra/httpd-ssl.conf

Also add the line below to the Listen ports on the httpd.conf file

Listen 443

Step 2. Create Certificate

On Terminal, execute the following commands in sequences. These commands are used to crate new certificate.

cd /etc/httpd/conf
sudo openssl req -new -x509 -nodes -newkey rsa:4096 -keyout server.key -out server.crt -days 1095
sudo chmod 400 server.key

Step 3. SSL Hardening

Once the new certificate is created, now we need to tweak some things here. We need to edit the file /etc/httpd/conf/extra/httpd-ssl.conf. I use nano to edit this file

sudo nano /etc/httpd/conf/extra/httpd-ssl.conf

Under the Virtualhost:443 section, copy and paste the following lines:

<IfModule mod_headers.c>
Header always set Strict-Transport-Security “max-age=15768000; includeSubDomains; preload”

Now restart httpd

sudo systemctl restart httpd.service

Done. Now open Nextcloud with https://yourip-address/nextcloud. Thanks for reading this tutorial to enable HTTPS/SSL on Nextcloud on Arch Linux server.


Leave a Reply

Your email address will not be published. Required fields are marked *