SSL Certificate LetsEncrypt – NextCloud Snap

It’s not easy to install an ssl certificate using using the command nextcloud.enable-https lets-encrypt. The important thing to remember is you only need three pem files issued by LetsEncrypt. If you have that then you can run nextcloud.enable-https custom and install ssl certificate. To do that, I used certbot and dns as my preferred challenge. One important requirement here is that you have to access your DNS and add a DNS TXT record. I have to confess that I obtained the ssl certificate using a different server and copied it to my nexcloud server and it worked.

Install certbot

sudo apt install certbot -y

Get the certificate

sudo certbot certonly --manual -d --preferred-challenges dns

It will ask you to deploy a DNS TXT record. It may fail for one or two but keep trying. If successful, it will show message like this:

 - Congratulations! Your certificate and chain have been saved at:

   Your key file has been saved at:

   Your cert will expire on 2022-06-01. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot
   again. To non-interactively renew *all* of your certificates, run
   "certbot renew"

Check and copy pem files:

sudo ls /etc/letsencrypt/live/

 #README cert.pem  chain.pem  fullchain.pem  privkey.pem

sudo cp /etc/letsencrypt/live/ ~/
sudo cp /etc/letsencrypt/live/ ~/
sudo cp /etc/letsencrypt/live/ ~/

Go to user directory where the pem files are saved and enable https

cd ~/

sudo nextcloud.enable-https custom cert.pem chain.pem privkey.pem

If you have error like this:

SSLCertificateFile: file '/var/snap/nextcloud/29929/certs/live/cert.pem' does not exist or is empty

you just need to copy and paste the pem files in that directory 29929. To do that

sudo cp cert.pem /var/snap/nextcloud/29929/certs/live/cert.pem
sudo cp privkey.pem /var/snap/nextcloud/29929/certs/live/privkey.pem
sudo cp chain.pem /var/snap/nextcloud/29929/certs/live/chain.pem

#or in one command
sudo cp *.pem /var/snap/nextcloud/29929/certs/live

Finally, run this command again

sudo nextcloud.enable-https custom cert.pem chain.pem privkey.pem
 # Installing custom certificate... done
 # Restarting apache... done

And your done

List of commands:

# Lets-Encrypt
sudo nextcloud.enable-https lets-encrypt

# Selfsigned
sudo nextcloud.enable-https self-signed

# Custom
sudo nextcloud.enable-https custom cert.pem chain.pem privkey.pem

Leave a Comment

Your email address will not be published.