Ssl on nextcloud official rockon

Hi all I’m smashing my head, i would activate ssl on nextcloud official rockon any idea on how to do?

Hi, afaik there is no way of enabling so you will need to let the traffic go through something like nginx to add ssl.

I have a letsencrypt rock-on I my GitHub repository that can do this, if you are interested I can share my config for it when I get home.


Please i would try to configure properly my nas
What do you think if i use certbot?

Hi @Giacomo_Bruno1,

As @HBDK answered, using Letsencrypt is currently a very good way to do so, and the Docker image used by @HBDK’s rock-on (linked in his post) is an excellent one. I’m a little short on time at the moment, but you can find more explanation on the Docker image’s documentation, or in a blog post written by (team author of this Docker image). The latter is more detailed than needed, but it does contain a good explanation and illustration of the overall process.

On the Rockstor side of things, there are plans to ease this kind of setup–with the goal of providing the elements to do everything through web-UI–but a lot of “background” elements need to be implemented first. The good news is, however, that most of this “foundation” work is well under-way (as detailed in several Github issues: #1982, #2003, #2009, #2013). Unfortunately, most of the current effort is focused on the transition to the next versions of Rockstor based on openSUSE, so this Rock-on-related work will not be ready before that.

Again, in the meantime I highly second @HBDK’s recommendation and the use of this Letsencrypt rock-on so I would give this a try at least.

I hope this helps, and let us know how it goes.

1 Like

Installed the rockon but i need help cause i dont understand
Finally i solved thanks for guide helped me alot

Hello there,

I’m at the same Point as Giacomo in 2019.
I have installed Nextcloud and encrypted the access with nginx proxy manager, but now there is a Point, where I need to encrypt nextcloud itself.
The Reason is, that I want to use the NC-Passwordmanager, but this app requires encrypted access.
Is there a way to get this to work?

P.S.: I hope it was right to use the old thread, instead of making a new one.

Best regards

@Felix, can you provide a bit more detail?
You are running the Nextcloud Rockon, as well as the nginx Rockon?
You have SSL enabled on nginx using a LetsEncrypt container for the SSL certificate (assuming the newer SWAG version from, compared to the one the HDBK used in his custom Rockon?

You’re planning on using the NextCloud Passwordmanager (not other ones like KeePass, etc.)?
And, in order to make it work, you actually need to enable SSL on the apache server that runs nextcloud in the Rockon?


I have the nextcloud rockon
I use the nginx proxy manager for reverse proxy and use the ssl from there
I plan to use the NC-password manager because I thought it’s the easiest way because nextcloud is already running
So yes therefor I need to turn on ssl encryption for the apache server and get this running with the proxy manager


I have started playing around with it. Have not got quite far enough with it. However, it seems to me that if NextCloud is recommended to be run with a reverse proxy like nginx, it should work, if certain overwrites have been done. After seeing this warning message:

and if If I look at the section it links to:
it might hold the key to getting this to work without having to muck around with the Apache server, unless you have already looked into it there.

Btw, I used the LetsEncrypt engine and nginx server that’s part of the linuxserver’s SWAG container (manually installed for now, might become another official Rockon later?)


I will give this a shot
I already read this, but didn’t understand it. I’m pretty new to the whole server topic, so I often need to get pointed to the right solution and I need to learn to understand the documentations :see_no_evil:


thanks for the pointing, it worked.
I added ‘overwriteprotocol’ => ‘https’ to the config.php and changed the command ‘overwrite.cli.url’ to my servername from the webaccess with also https at the beginning