Sometimes ports 80 and 443 are not available. We are going to use Letsencrypt’s certbot
--preffered-challenges dns options to get certificates and activate them manually.
You’ll need a domain and access to the DNS records to create a TXT record pointing to: _acme-challenge.yourNCP.yourdomain.tld with a challenge value provided by
certbot when running it with the
sudo apt install certbot python-certbot-apache
This installs Letsencrypt’s certbot and apache module (apache not tested yet)
sudo nano /etc/hosts
Add a line with your local IP hostname.domain.tld
sudo certbot -d yourNCP.domain.tld --manual --preferred-challenges dns certonly
This, interactively, generates all the required files and the certificate after providing challenge value for DNS TXT record and succesfully reading the DNS record.
sudo nano /etc/apache2/sites-enabled/nextcloud.conf
Edit to look like this, certbot provides these locations
sudo nano /var/www/nextcloud/config/config.php
Edit config.php trusted_domains array by replacing the localhost in 0 => ‘localhost’ with yourNCP.domain.tld:port
sudo service php7.0-fpm restart
To restart php7.0-fpm
sudo service apache2 restart
To restart apache2
You should now be able to access your NCP at https://yourNCP.domain.tld:portnr
I have my test NCP running on port 2443external/443internal, so I have a NAT/port forward accordingly. You are free to access your NCP on any port, now that domain and certificate are verified and installed.