Enabling Https with Apache

For users who use Let’s Encrypt, you can obtain a valid certificate via

On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you’ll need to do is apt-get the following packages.

Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:

  1. sudo certbot --apache certonly

To learn more about how to use Certbot you can read threir documentation.

Assume you have configured Apache as . To use https, you need to enable mod_ssl

  1. LoadModule ssl_module modules/mod_ssl.so

Then modify your Apache configuration file. Here is a sample:

  1. <VirtualHost *:443>
  2.   ServerName www.myseafile.com
  3.   DocumentRoot /var/www
  5.   SSLCertificateFile /path/to/cacert.pem
  6.   SSLCertificateKeyFile /path/to/privkey.pem
  8.   Alias /media  /home/user/haiwen/seafile-server-latest/seahub/media
  10.   <Location /media>
  11.     Require all granted
  12.   </Location>
  14.   RewriteEngine On
  16.   #
  17.   # seafile fileserver
  18.   ProxyPass /seafhttp http://127.0.0.1:8082
  19.   ProxyPassReverse /seafhttp http://127.0.0.1:8082
  22.   #
  23.   # seahub
  24.   #
  25.   SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
  26.   ProxyPass / http://127.0.0.1:8000/
  27.   ProxyPassReverse / http://127.0.0.1:8000/
  28. </VirtualHost>

Since you change from http to https, you need to modify the value of “SERVICE_URL” in ccnet.conf. You can also modify SERVICE_URL via web UI in “System Admin->Settings”. (Warning: if you set the value both via Web UI and ccnet.conf, the setting via Web UI will take precedence.)

You need to add a line in seahub_settings.py to set the value of FILE_SERVER_ROOT. You can also modify FILE_SERVER_ROOT via web UI in “System Admin->Settings”. (Warning: if you set the value both via Web UI and seahub_settings.py, the setting via Web UI will take precedence.)

  1. FILE_SERVER_ROOT = 'https://www.myseafile.com/seafhttp'