SSLCACertificateFile “installdir/apache2/conf/server-ca.crt” Choose the correct directive based on your scenario and Apache version: Variable Then, modify the Apache configuration file to include the following line below the SSLCertificateKeyFile directive. If your certificate authority has also provided you with a PEM-encoded Certificate Authority (CA) bundle, you must copy it to the correct location in the previous table. In case of server startup errors, check the SSL certificate and key Approach B: Self-contained Bitnami installations You should now be able to access your application using an HTTPS URL. Refer to the FAQ for Windows, Linux and macOS for more information. $ sudo chmod 600 installdir/apache2/conf/bitnami/certs/server* Once you have copied all the server certificate files, you may make them readable by the root user only with the following commands: $ sudo chown root:root installdir/apache2/conf/bitnami/certs/server* ![]() NOTE: If you use a different name for your CA certificate bundle, you should reconfigure the SSLCertificateChainFile or SSLCACertificateFile directives in the corresponding Apache configuration file to reflect the correct file name. SSLCACertificateFile “installdir/apache2/conf/bitnami/certs/server-ca.crt” If the application virtual host file does not exist, modify the Apache configuration file instead. If your certificate authority has also provided you with a PEM-encoded Certificate Authority (CA) bundle, you must copy it to the correct location in the previous table.Ĭheck if the application virtual host file listed in the next table exists and modify it to include an additional directive, below the SSLCertificateKeyFile directive. NOTE: If you use different names for your certificate and key files, you should reconfigure the SSLCertificateFile and SSLCertificateKeyFile directives in the corresponding Apache configuration file to reflect the correct file names. Installdir/apache2/conf/bitnami/certs/server.keyĬopy your SSL certificate and certificate key file to the specified locations. Installdir/apache2/conf/bitnami/certs/server.crt Use the table below to identify the correct locations for your certificate and configuration files. Approach A: Bitnami installations using system packagesįollow the steps below to activate SSL support: Once you obtain the certificate and certificate key files, you will need to update your server to use them. IMPORTANT: For security reasons, never post or disclose your server’s SSL private key in a public forum. You can either generate this on your own (explained here) or you can purchase one from a commercial certificate authority. Although this dummy certificate is fine for testing and development purposes, you will usually want to use a valid SSL certificate for production use. NOTE: The steps below assume that you are using a custom domain name and that you have already configured the custom domain name to point to your cloud server.īitnami images come with SSL support already pre-configured and with a dummy certificate in place. Users of Bitnami native installers should refer only to the Approach B sections. NOTE: The Approach A sections referred to below do not apply to Bitnami native installers. TIP: To quickly get started with HTTPS and SSL using a Linux native installer, follow these instructions to auto-configure a Let’s Encrypt SSL certificate. Learn more about the Bitnami stack environment and about OS X VMs. On OS X VMs, the installation directory is /opt/bitnami and OS X VM users can click the “Open Terminal” button to run commands. ![]() Switching ONLYOFFICE Docs v3.Before running the commands shown on this page, you should load the Bitnami stack environment by executing the installdir/use_APPNAME script (Linux and MacOS) or by clicking the shortcut in the Start Menu under “Start -> Bitnami APPNAME Stack -> Application console” (Windows). ![]() The current actual config file is always available via this link. Include /etc/nginx/includes/onlyoffice-documentserver-*.conf # sudo openssl dhparam -out dhparam.pem 4096 # ssl_trusted_certificate /etc/nginx/ssl/ # Replace with your ssl_trusted_certificate. # If your certficate has OCSP, enable OCSP stapling to reduce the overhead and latency of running SSL. ![]() Edit the /etc/onlyoffice/documentserver/nginx/ds.conf file changing all the parameters in double curly brackets Īdd_header X-Content-Type-Options nosniff.Sudo cp -f /etc/onlyoffice/documentserver/nginx/ /etc/onlyoffice/documentserver/nginx/ds.conf Copy the file to the ds.conf file using the following command:.Once you have the certificate, proceed with the steps below: Put them into a folder on the computer where ONLYOFFICE Docs is installed. Before you can start to switch your ONLYOFFICE Docs to HTTPS protocol, you will need to create a security certificate and the certificate private key.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |