<sub>(2024/10/28)</sub>
#linux #nextcloud #tailscale #ubuntu
## Intro
Nextcloud is a beast of an application that can be deployed in an numerous ways but the community has mainly standardized on deploying Nextcloud with Let's Encrypt in a docker container. For my own reasons, I have decided on deploying Nextcloud in a VM instead specifically the [Hansson IT Nextcloud VM ](https://www.hanssonit.se/nextcloud-vm/) (which is a highly customized self-deploying VM of Nextcloud) but I ran into some problems when I attempted to install my own supplied SSL certificate mainly a lack of documentation. Nextcloud uses Apache HTTP Server and as a result you need to configure Apache to work with your custom SSL certificate.
## Guide
1. Obtain a SSL certificate and install on your Nextcloud VM
1. In my case I am using Tailscale because I want my application accessible only within my Tailnet -> `sudo tailscale cert [MACHINE NAME]` to create my custom certificate.
2. The certificate file created by Tailscale is a `.crt` and a `.key` pair but I had no issues replacing the default `.pem` and `.key` used by Apache
2. Locate and modify the Apache `nextcloud_tls_domain_self_signed.conf` to use your new certificate -> `sudo nano /etc/apache2/sites-available/nextcloud_tls_domain_self_signed.conf`
1. In my case, the file I had to modify was the `nextcloud_http_domain_self_signed.conf` file created by Nextcloud VM located in the `/etc/apache2/sites-available` folder
2. At the very bottom of the file you will see the title `### LOCATION OF CERT FILES ###` where you will enter in the path of your new certificate files
```
### LOCATION OF CERT FILES ###
SSLCertificateFile /home/ncadmin/certificates/MY-CERTIFICATE.crt
SSLCertificateKeyFile /home/ncadmin/certificates/MY-CERTIFICATE.key
```
3. Finally, restart Apache and test
1. Become root -> `sudo -i`
2. Then restart Apache -> `service apache2 restart`
If everything worked, when you navigate to your Nextcloud instance there should be no HTTPS errors:
![[Nextcloud-ssl-1.png]]