Setup the SSL encryption to NextCloud

mkdir -p /etc/apache2/ssl


cd /etc/apache2/ssl


openssl genrsa -out server.key 4096

openssl req -new -key server.key -out server.csr

Country:  US

State or Province Name (Bundesland): = z. B. NY

Locality Name, eg. City (Stadt): = New York

Organization Name (Firmenname): = Private

Organizational Unit Name (Abteilung) = Enter

Common Name, eg. YOUR Name: = Name of the Server

Email Adress: = E-Mail Adress

A challenge password: = Enter 

An optional company name: = Enter

openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

chmod 400 server.key

nano /etc/apache2/sites-enabled/000-default

Add the following:

<VirtualHost *:443>

DocumentRoot /var/www

ServerName NAME EURES SERVERS

SSLEngine on

SSLCertificateFile /etc/apache2/ssl/server.crt

SSLCertificateKeyFile /etc/apache2/ssl/server.key

</VirtualHost>

nano /etc/apache2/sites-available/default

Add the following:

<VirtualHost *:443>

DocumentRoot /var/www

ServerName NAME EURES SERVERS

SSLEngine on

SSLCertificateFile /etc/apache2/ssl/server.crt

SSLCertificateKeyFile /etc/apache2/ssl/server.key

</VirtualHost>

nano /etc/apache2/sites-available/default-ssl

Add the following if not there:

<IfModule mod_ssl.c>

<VirtualHost *:443>

ServerAdmin webmaster@localhost


DocumentRoot /var/www

<IfModule mod_ssl.c>

SSLEngine on

SSLCertificateKeyFile /etc/apache2/ssl/server.key

SSLCertificateFile /etc/apache2/ssl/server.crt

SetEnvIf User-Agent ".*MSIE.*" \

nokeepalive ssl-unclean-shutdown \

downgrade-1.0 force-response-1.0

</IfModule>

nano /etc/apache2/ports.conf

Add the following:

NameVirtualHost *:443

Listen 443

a2enmod ssl

apache2ctl configtest

apache2ctl restart

Read a certificate:

openssl x509 noout -text -in certifikatname.crt