Get your own certificate

2017-11-03: This is not needed if you are using any of our  VMs as the Let’s Encrypt script handles the conf file generation.

You can get one on a TRIAL period of 3 months, and then extend for 4.95€ / year here.

Upload the certificate files to your server

Use Webmin to upload your files. Put the files in

/etc/ssl

You can find more info here.

Remember the location of the files as we will need that in the example_com.conf file later.

Become root in ubuntu
~:$ sudo -i
Activate SSL
~:$ a2enmod ssl
~:$ a2enmod headers
:~$ service apache2 restart
make a new conf file
~:$ nano /etc/apache2/sites-available/example_com.conf
Put this in the file you just made
<VirtualHost *:443>
    Header add Strict-Transport-Security: "max-age=15768000;includeSubdomains"
    SSLEngine on

### YOUR SERVER ADDRESS ###
     ServerAdmin admin@example.com
     ServerName example.com
     ServerAlias subdomain.example.com 

### SETTINGS ###
    DocumentRoot /var/www/path-to-your-website-folder

    <Directory /var/www/path-to-your-website-folder>
    Options Indexes FollowSymLinks
    AllowOverride All
    Require all granted
    Satisfy Any 
    </Directory>

    Alias /owncloud "/var/www/path-to-your-website-folder/"

    <IfModule mod_dav.c>
    Dav off
    </IfModule>

    SetEnv HOME /var/www/path-to-your-website-folder
    SetEnv HTTP_HOME /var/www/path-to-your-website-folder

### LOCATION OF CERT FILES ###
    SSLCertificateFile /etc/ssl/example.com/certificate.crt 
    SSLCertificateKeyFile /etc/ssl/example.com/ssl_example_com_se.key 
    SSLCACertificateFile /etc/ssl/example.com/certificate.ca.crt 
    SSLCertificateChainFile /etc/crt/example_com.ca-bundle 

### LOGS ###
   ErrorLog ${APACHE_LOG_DIR}/error.log 
   CustomLog ${APACHE_LOG_DIR}/access.log combined

</VirtualHost>
After you have made this you need to enter the domain into
~:$ nano /etc/hosts
It should look something like this:
127.0.0.1 localhost

127.0.1.1 www.techandme.se       techandme.se
127.0.1.1 shop.techandme.se      techandme.se
# The following lines are desirable for IPv6 capable hosts

::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
Activate your new config
:~$ a2ensite example_com.conf
:~$ sudo service apache2 reload
Deactivate your default-ssl config
:~$ a2dissite default-ssl.conf
:~$ sudo service apache2 reload

That’s all!



 PRO TIP

Secure your ownCloud against brute-force attempts. Configure Fail2ban!