Jump to content

SSL certificate for IP based Nextcloud?

Gleb K
 Share
Go to solution Solved by desertcomputer,
26 minutes ago, Gleb K said:

I know a website is easier but I don't think I will be able to buy one. I did try installing a self signed certificate and it wasn't very hard however most browsers come up with a warning message which will 1. be annoying 2. concern my other family members because they don't know that it means that the connection is encrypted just with a self signed certificate. Do you know a better way of installing such a certificate? Otherwise I think I'll have to go with a domain name.

You can try caddy web server and use that as transparent proxy. It will generated and install certificates and also redirect users to https.

 

You need port forward both 443 and 80 to get it working. You might have change nextcloud to run on a different port apart from 443 or 80 but is not that hard. You can replace the exampledomain.com with your ip address if it static if not I still recommend you a dynamic dns service.

 

For example for caddy conf

 

exampledomain.com:443 {
    tls example@email.com {
    }
    proxy / 127.0.0.1:1234{
    transparent
    websocket
    }
}

Posted

Hello,

 

    I am going to install Nextcloud on my old PC and because I will make it accessible through my home network's public IP I want to use SSL. However I do not want to buy a domain and the command `sudo nextcloud.enable-https lets-encrypt` requires a domain because Let's Encrypt requires a domain, and `sudo nextcloud.enable-https self-signed` brings up a warning in most browsers which makes my setup seem even more dangerous to my family members who will be using it as well. Is there any way to get something like Let's Encrypt on an IP?

i7 8700K CPU | Gigabyte 1080 TI Turbo Graphics Card | Asus Z370-A Motherboard | 2 x 16GB Vengeance LPX Memory |  Samsung 1TB 970 Pro SSD | WD Red 6TB & WD Green 3TB HDDs | Be Quiet! Dark Base Pro 900 rev.2 Case | EK Monoblock + Bykski Graphics card Waterblocks EK 420 PE + 420 CE Radiators | 6 EK Furious Vardar EVO 140 BB Fans |  Enermax Neochanger 200ml Reservoir & pump

Link to comment
https://linustechtips.com/topic/965167-ssl-certificate-for-ip-based-nextcloud/
Share on other sites
Link to post
Share on other sites
Posted

You need like free domain services such as http://www.duckdns.org/ as I presume your public IP is not static? If it static it easier to have domain name as it much easier to remember and type in.

 

edit : Also you can install your self signed certificates on your family devices but more of a hassle you need port forward port 80 for let encrypt verification to work.

Magical Pineapples


 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Link to post
Share on other sites
Posted
  • Author
34 minutes ago, EMC said:

You need like free domain services such as http://www.duckdns.org/ as I presume your public IP is not static? If it static it easier to have domain name as it much easier to remember and type in.

 

edit : Also you can install your self signed certificates on your family devices but more of a hassle you need port forward port 80 for let encrypt verification to work.

I know a website is easier but I don't think I will be able to buy one. I did try installing a self signed certificate and it wasn't very hard however most browsers come up with a warning message which will 1. be annoying 2. concern my other family members because they don't know that it means that the connection is encrypted just with a self signed certificate. Do you know a better way of installing such a certificate? Otherwise I think I'll have to go with a domain name.

i7 8700K CPU | Gigabyte 1080 TI Turbo Graphics Card | Asus Z370-A Motherboard | 2 x 16GB Vengeance LPX Memory |  Samsung 1TB 970 Pro SSD | WD Red 6TB & WD Green 3TB HDDs | Be Quiet! Dark Base Pro 900 rev.2 Case | EK Monoblock + Bykski Graphics card Waterblocks EK 420 PE + 420 CE Radiators | 6 EK Furious Vardar EVO 140 BB Fans |  Enermax Neochanger 200ml Reservoir & pump

Link to post
Share on other sites
Posted
  • Solution
26 minutes ago, Gleb K said:

I know a website is easier but I don't think I will be able to buy one. I did try installing a self signed certificate and it wasn't very hard however most browsers come up with a warning message which will 1. be annoying 2. concern my other family members because they don't know that it means that the connection is encrypted just with a self signed certificate. Do you know a better way of installing such a certificate? Otherwise I think I'll have to go with a domain name.

You can try caddy web server and use that as transparent proxy. It will generated and install certificates and also redirect users to https.

 

You need port forward both 443 and 80 to get it working. You might have change nextcloud to run on a different port apart from 443 or 80 but is not that hard. You can replace the exampledomain.com with your ip address if it static if not I still recommend you a dynamic dns service.

 

For example for caddy conf

 

exampledomain.com:443 {
    tls example@email.com {
    }
    proxy / 127.0.0.1:1234{
    transparent
    websocket
    }
}

Magical Pineapples


 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Link to post
Share on other sites
Posted
  • Author
7 minutes ago, EMC said:

You can try caddy web server and use that as transparent proxy. It will generated and install certificates and also redirect users to https.

 

You need port forward both 443 and 80 to get it working. You might have change nextcloud to run on a different port apart from 443 or 80 but is not that hard. You can replace the exampledomain.com with your ip address if it static if not I still recommend you a dynamic dns service.

 

For example for caddy conf

 

exampledomain.com:443 {
    tls example@email.com {
    }
    proxy / 127.0.0.1:1234{
    transparent
    websocket
    }
}

Ok, I'l have a look. Thanks.

i7 8700K CPU | Gigabyte 1080 TI Turbo Graphics Card | Asus Z370-A Motherboard | 2 x 16GB Vengeance LPX Memory |  Samsung 1TB 970 Pro SSD | WD Red 6TB & WD Green 3TB HDDs | Be Quiet! Dark Base Pro 900 rev.2 Case | EK Monoblock + Bykski Graphics card Waterblocks EK 420 PE + 420 CE Radiators | 6 EK Furious Vardar EVO 140 BB Fans |  Enermax Neochanger 200ml Reservoir & pump

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Programs, Apps and Websites

×