Is your ownCloud client saying
Failed to connect to ownCloud: Connection refused
?
A possible cause could be that the webserver that is serving your ownCloud does not have SSL enabled. In this note I
will describe how I did that for my own Apache 2 install. If you do a websearch for
apache2 ssl
you will probably
find many search results, but none of the pages I found applied to the install I had - all used different files and
directories. For that reason I am posting this note.
If you are using the Apache web server, a version close to 2.2, you can probably enable SSL the way it is outlined in
this note. To find out which version of Apache my server has, I ran
apache2 -v
on it.
$ apache2 -v
Server version: Apache/2.2.22 (Debian)
Server built: Mar 4 2013 22:05:16
We will now create a private key and a certificate, but before we do that, we should create and navigate to the
/us/lib/apache2/ssl/
directory. Our server is called server1. This is what we will enter as the 'common name'
when we are asked for it.
We can create a key/certificate pair with the following example command:
openssl req -new -newkey rsa:2048 -nodes -keyout server1.key -out server1.csr
It willl probably make sense to add something like
-days 365
, which indicates how long the certificate should be
valid. In my case it does not seem necessary, as both server and clients are on my personal network.
Now we need to tell Apache to use it. We make sure the top of our site configuration, which is contained in
/etc/apache2/sites-available/default
by default, looks like this:
<VirtualHost *:443>
ServerAdmin webmaster@localhost
ServerName server1:443
We also add the following:
SSLEngine on
SSLCertificateKeyFile /etc/apache2/ssl/server1.key
SSLCertificateFile /etc/apache2/ssl/server1.crt
We will instruct Apache to use
the 'mod_ssl' module
,
which uses
OpenSSL
. Install it if it isn't installed yet (check
/usr/lib/apache2/modules/
to see if it is installed).
We can use
a2enmod ssl
and
a2ensite default-ssl
to enable 'mod_ssl' for us. The latter enables it specifically for
the website listed in
/etc/apache2/sites-available/default
.
We can also do it manually. If we check which files are listed in
/etc/apache2/mods-available
, we should find
ssl.conf
and
ssl.load
. We will now create symbolic links to these files in the
/etc/apache2/mods-enabled
directory, that way Apache knows we want these mods to be enabled.
cd /etc/apache2/mods-enabled
ln -s ../mods-available/ssl.conf ssl.conf
ln -s ../mods-available/ssl.load ssl.load
mod_ssl
is now enabled.
Now the apache2 server needs to be restarted. One can use
service apache2 reload
on modern Debian(-based) installs.
Your owncloud should now be reachable on 'https://
<server>
/owncloud'. Of course, your ownCloud client and web browser
will ask you if you trust this self-signed certificate.
Warnings about current SSL Connection:
The host name did not match any of the valid hosts for this certificate
The certificate is self-signed, and untrusted
...
...
In this case I'm fine with this - I can check the certificate details myself, and am only really using the certificate to get my own ownCloud client working with my own ownCloud server.