Information in this post may be out of date or inaccurate due to the age of the original posted content this is posted here for my historical record only. Original post continues below.
This is a follow on post from Setting up ownCloud on Slackware 14.0 (part 1 – the server) and Setting up ownCloud on Slackware 14.0 (part 2 – the client). If you have completed these first two then you have a fully functional ownCloud install that allows you to synchronise your files across multiple devices.
In this 3rd part I am setting up SSL to allow secured connections using an HTTPS URL.
First thing to do is to get the SSL certificate for use. If you are doing this on a professional site/server you will probably need to purchase an official certificate from a CA (certificate Authority) , but as I am doing this on my own computer I am using a self signed certificate.
These instructions are taken from http://www.apache-ssl.org/#FAQ
Step one – create the key and request:
openssl req -new > new.cert.csr
Step two – remove the passphrase from the key (optional):
openssl rsa -in privkey.pem -out new.cert.key
Step three – convert request into signed cert:
openssl x509 -in new.cert.csr -out new.cert.cert -req -signkey new.cert.key -days 365
You now have three certificate files new.cert.key, new.cert.csr and new.cert.cert. These can be placed wherever is appropriate but I placed then in the /etc/httpd/ directory so the path to these is /etc/httpd/new.cert.key and so on, these paths are needed later on when they are added to the webserver configuration.
Once you have the certificates you need to make sure that your webserver can use ssl, this is done by uncommenting the mod_ssl module line in /etc/httpd/httpd.conf by removing the hash at the beginning of the line
#LoadModule ssl_module lib/httpd/modules/mod_ssl.so
LoadModule ssl_module lib/httpd/modules/mod_ssl.so
The server needs to be restarted before changes will take place, I find it is usually a good idea to restart after a single change rather than do a lot of changes this way you can know which change causes errors if any. So restart apache by issuing the command
If all is well the server will restart without issue, you can check the logs at /var/log/httpd/ to troubleshoot.
Now we need to tell the server where to find our SSL certificates and sedtup the correct port of 443, this is done in the /etc/httpd/extra/https-ssl.conf file.
The Apache-SSL directives that you need to use the resulting cert are SSLCertificateFile and SSLCertificateKeyFile directives. Search the httpd-ssl.conf file and edit it to add the paths to your previously made certificates. The required lines are:
Add these details to the VirtualHost section along with the ServerName, ServerAdmin, error logs etc and turn on the ssl engine, your VirtualHost section should start similar to this (parts removed for clarity)
<VirtualHost _default_:443> DocumentRoot "/srv/httpd/htdocs" ServerName 127.0.0.1:443 ServerAdmin your_email_address_here ErrorLog "/var/log/httpd/error_log" TransferLog "/var/log/httpd/access_log" SSLEngine on SSLCertificateFile "/etc/httpd/new.cert.cert" SSLCertificateKeyFile "/etc/httpd/new.cert.key" . . . . </VirtualHost>
This part sets up the server to respond to secure (https) traffic by using the created certificates. Again once this done you need to restart the server as done previously.
If all has gone well you now need to setup the ownCloud client to connect using https. This is done through the client setup as in the previous post (Setting up ownCloud on Slackware 14.0 (part 2 – the client)). Make sure you use https:// in front of the url or you will not be able to access ownCloud (I forgot to change from http to https and it took me a while to work out why my previously working install was no longer working).