Help with Nextcloud setup (SSL)

[Loren Zimmer]

I’ve followed this tutorial and had next cloud working locally until somewhere around the heading “Let’s Cache”. Now when I try and access the page locally I get this error:

Code:

192.168.1.93 sent an invalid response.
Try running Windows Network Diagnostics.
ERR_SSL_PROTOCOL_ERROR

The Apache log shows the following:

Code:

[Tue Nov 06 23:16:53.971634 2018] [mpm_prefork:notice] [pid 81295] AH00169: caught SIGTERM, shutting down

[Tue Nov 06 23:16:54.084130 2018] [ssl:warn] [pid 81814] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache]

[Tue Nov 06 23:16:54.135464 2018] [mpm_prefork:notice] [pid 81814] AH00163: Apache/2.4.35 (FreeBSD) OpenSSL/1.0.2o-freebsd PHP/7.1.22 configured -- resuming normal operations

[Tue Nov 06 23:16:54.135499 2018] [core:notice] [pid 81814] AH00094: Command line: '/usr/local/sbin/httpd -D NOHTTPACCEPT'

I googled Init: Session Cache is not configured and found a suggestion to uncomment another line in the httpd.conf file which I did but without any success. Does anyone have any recommendations as to the next step I should take to try and get this working?

Thank you

Loren

 

[dlavigne]

Were you able to figure this out?

 

[danb35]

If not, it might be better to post on the thread for the how-to you're following.

 

[Loren Zimmer]

I haven't, but I also have just made a little progress in narrowing down the problem tonight. I have a feeling that its a certificate error. When I run this command:

Code:

certbot certonly --webroot -w /usr/local/www/apache24/data/nextcloud -d YOURSITE.COM 

This is the error I get:

Code:

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: zimmvpn2.ddns.net
   Type:   unauthorized
   Detail: Invalid response from
   http://zimmvpn2.ddns.net/.well-known/acme-challenge/FtRmYOYG6PWcQztD1DIWUHVjIsjyS94PWzk4SLbymoc:
   "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML
   2.0//EN\">\n<html><head>\n<title>404 Not
   Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.

 

[danb35]

No, that isn't a certificate error; it means that certbot is putting the challenge file in the wrong place for Let's Encrypt to find it--or, in the alternative, Let's Encrypt isn't connecting to the right server in the first place.

 

[Loren Zimmer]

No, that isn't a certificate error; it means that certbot is putting the challenge file in the wrong place for Let's Encrypt to find it--or, in the alternative, Let's Encrypt isn't connecting to the right server in the first place.

Thank you!
Where do I find where the config for Let's Encrypt or what server it's connecting to?

 

[Loren Zimmer]

I've noticed after going through the tutorial that I'm not able to get to next cloud by simply entering the jail IP but I have to add /nextcloud to view the web page. Is this an indicator that there is something wrong with my configuration?

 

[danb35]

It could be. Perhaps you should ask that question on the thread for the how-to you followed.

 

[Loren Zimmer]

@danb35 you were right a bunch of the questions that I asked were in the tutorial thread. I found a couple of mistakes that I had made and decided to recreate the jail. Now I've hit an error that I couldn't find in the tutorial thread. When I restart apache24 this is the error I get:

Code:

httpd: Syntax error on line 548 of /usr/local/etc/apache24/httpd.conf: Syntax error on line 21 of /usr/local/etc/apache24/Includes/myurl.net.conf: /usr/local/etc/apache24/Includes/myurl.net.conf:21: <VirtualHost> was not closed.

Here is the conf file:

Code:

<VirtualHost *:80>
DocumentRoot "/usr/local/www/apache24/data/nextcloud"
ServerName myurl.net
RewriteEngine on
RewriteCond %{SERVER_NAME} =myurl.net
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
#ErrorLog ${APACHE_LOG_DIR}/error.log
#CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /usr/local/www/apache24/data/nextcloud/>
Options +FollowSymlinks
AllowOverride All
<IfModule mod_dav.c>
Dav off
</IfModule>
SetEnv HOME /usr/local/www/apache24/data/nextcloud
SetEnv HTTP_HOME /usr/local/www/apache24/data/nextcloud
Satisfy Any
</Directory>
</VirtualHost>

<VirtualHost *:443>
  ServerAdmin myemail
  ServerName myurl.net
  DirectoryIndex index.php
  DocumentRoot /usr/local/www/apache24/data/nextcloud
  SSLCertificateFile /usr/local/etc/letsencrypt/live/myurl.net/fullchain.pem
  SSLCertificateKeyFile /usr/local/etc/letsencrypt/live/myurl.net/privkey.pem
  SSLEngine on
  # Intermediate configuration, tweak to your needs
  SSLProtocol  all -SSLv2 -SSLv3
  SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
  SSLHonorCipherOrder  on
  SSLCompression  off
  SSLOptions +StrictRequire
  <Directory /usr/local/www/apache24/data/nextcloud>
  AllowOverride all
  </Directory>

Any help is greatly appreciated.

 

[Loren Zimmer]

Never mind. I missed copying </VirtualHost> at the end of the 443 section. ugg

 

[Loren Zimmer]

Were you able to figure this out?

I havn't. I have just responded to the original tutorial thread for help.