Navigate to the Admin page and enable the “Enforce HTTPS” option. Notice “/owncloud” is not requried in the URL because of the Document Root entry in the conf we added to apache. Next we enable the new conf file: a2enconf nf Header always set Strict-Transport-Security "max-age=15768000 includeSubDomains preload" SSLCertificateKeyFile /etc/ssl/private/my-private-key.key SSLCertificateFile /etc/ssl/certs/my-public-cert.pem
#Owncloud remote access full
Your information structure will be always under your full control without any significant investments in equipment. Organize the storage, convenient and secure access to data of employees, a joint work on documents and projects from any device and from anywhere in the world. The mod_headers is an best practices entry from owncloud for a more secure server. ownCloud is a full-fledged online office for joint work on projects. The virtual host 443 is setup with the certificates specified. This will forward requests from port http port 80 to https port 443 ensuring all communication is encrypted. Now that the CA is trusted, enable the needed apache plugins: a2enmod rewrite & a2enmod headers & a2enmod sslĬreate an apache virtual host: nano /etc/apache2/conf-available/nfĪdd the following to the new file.
Note: For some installations, you need to use “sudo dpkg-reconfigure ca-certificates” instead which calls update-ca-certificates This command will read in the Root-CA Cert and add it to the trusted list for this server. You should have a public cert, private key, and a root-CA from the issuing Authority.Ĭopy your public cert PEM file into /etc/ssl/certs/my-public-cert.pemĬopy your private key file into /etc/ssl/private/my-private-key.keyĬopy your CertAuth-Rootca.crt file into /usr/local/share/ca-certificates Since we are using certs, you need openssl modules if you don’t already have it installed. The ownCloud Document Classification feature was designed to empower organizations to restrict access to files based on Read more Whether SME, large company, association or educational institution: digital collaboration poses new challenges, especially in remote teams. Ive been trying to tackle this problem myself for about two weeks, but Ive hit a wall and need some help figuring out whats happening. If you plan on using WebDAV with IOS, I have found that a cert from a known authority works where a self signed certs cause issues. To start, you need to have a cert issued from a known authority or you create a self signed cert. I have added this here for easy reference. There are lots of tutorials available for this. Since owncloud runs on top of apache2, enabling https is pretty easy. Even if it is internal only, enforcing https is a good idea. If you are running owncloud and have it facing the public internet, you should really be enforcing https communication. This document can be used for Owncloud Ver 8 and Ubuntu Server 14.04.
0 kommentar(er)
