This tutorial is going to show you how to enable SSL with Self Signed certificate on Nextcloud on Arch Linux. If you are running Nextcloud on another Linux distribution, it should be pretty much the same steps. Before we go through, you may want to read the following tutorial:
- How to install LAMP (Linux, Apache, MySQL, PHP) on Arch Linux 2016
- How to install Nextcloud on Arch Linux 2016
To enable SSL with self signed certificate on Arch Linux, you can do the following:
Step 1. Edit httpd.conf
sudo nano /etc/httpd/conf/httpd.conf
Now find uncomment the following lines:
LoadModule ssl_module modules/mod_ssl.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
Include conf/extra/httpd-ssl.conf
Also add the line below to the Listen ports on the httpd.conf file
Listen 443
Step 2. Create Certificate
On Terminal, execute the following commands in sequences. These commands are used to crate new certificate.
cd /etc/httpd/conf sudo openssl req -new -x509 -nodes -newkey rsa:4096 -keyout server.key -out server.crt -days 1095 sudo chmod 400 server.key
Step 3. SSL Hardening
Once the new certificate is created, now we need to tweak some things here. We need to edit the file /etc/httpd/conf/extra/httpd-ssl.conf. I use nano to edit this file
sudo nano /etc/httpd/conf/extra/httpd-ssl.conf
Under the Virtualhost:443 section, copy and paste the following lines:
<IfModule mod_headers.c>
Header always set Strict-Transport-Security “max-age=15768000; includeSubDomains; preload”
</IfModule>
Now restart httpd
sudo systemctl restart httpd.service
Done. Now open Nextcloud with https://yourip-address/nextcloud. Thanks for reading this tutorial to enable HTTPS/SSL on Nextcloud on Arch Linux server.
