Insecure https connection



When accesing the web interface or owncloud I get the message in the url box in my browser that the connection is insecure and something about certficates. Any idea how I can make the connection (the certificate) get verified?


(Rob Bosch) #2

Your server certificate needs to be in the trusted certificates in your browser. Adding it manually can be tedious, especially when you have a lot of clients.
Maybe Nethserver should have a certificate module that automatically uses something like

(Alessio Fattorini) #3

You can also buy and install it:

I bet that @giacomo can add more details about letsencrypt dev status :smile:


Could you describe how I can add this certificate manually (or where I can find the certificate on the server)?

(Alessio Fattorini) #5

Check my link above! :wink:

(Giacomo Sanchietti) #6

If you want to try it, I just pushed Let’s Encrypt support for NS 6.

(Alessio Fattorini) #7

That’s a really good news! Thanks for sharing. @dz00te would you mind to add it to your list?


I generated the certificate and can see it, but I am not sure how to install it in a browser. Since I have to import a .crt file I guess, do I just have to copy the certificate into a text file and save .crt?

(Alessio Fattorini) #9

You may put crt here:


and your key here:



db configuration setprop pki CrtFile '/etc/pki/tls/certs/your_certificate.crt'
db configuration setprop pki KeyFile '/etc/pki/tls/private/your_privatekey.key'


signal-event certificate-update


Yes I read that, but still my question remains: how do I get the .crt and .key files. I generated the certificate and I see it in the web interface. Where are those files saved and under what name on the server?

(Alessio Fattorini) #11

Maybe I weren’t clear enough, you have to buy them from your certification authority and install on NethServer


I see. Since Let’s Encrypt is a certification authority I could use this, right (and it is free)?

(Giacomo Sanchietti) #13

Yes it is.
You can try by installing packages from testing and follow instruction written inside the issue.

I’m doing a little fix, if you can wait a couple of hours I will also put a mini-howto on discourse :smile:

(Alessio Fattorini) #14

Ok, I’m not speaking about let’s encrypt here. Let’s encrypt isn’t supported yet since currently on QA
I was referring to installing a custom certificate obtained from a CA


That would be great. Thanks! I will wait then :smile:

Yes I understand. I was just asking. Thanks!

(Giacomo Sanchietti) #16

Take a look to: NethServer 6.7 02/16 updates & Let's Encrypt


Many thanks for this!

Since I just use a public IP address to reach the server from outside - is it possible to set this up (Let’s Encrypt) without having a public domain name?

(Giacomo Sanchietti) #18

No, it’s not.
But you could use a free domain name service (like