Switching ONLYOFFICE Docs for Windows to HTTPS protocol

Introduction

In most cases accessing the editors via HTTPS protocol is much more secure than via HTTP which is used by default. But to change the editors' access method, certain actions must be performed. Please follow the steps below to find out how to switch your ONLYOFFICE Docs to HTTPS protocol.

Switching ONLYOFFICE Docs v5.3 and later to HTTPS

Before you can start to switch your ONLYOFFICE Docs to HTTPS protocol, you will need to create a security certificate and the certificate private key. Put them into a folder on the computer where ONLYOFFICE Docs is installed.

Once you have the certificate, proceed with the steps below:

All the commands should be executed with administrative privileges. To start a command prompt as an administrator, right-click the Start menu button in the lower left corner of the desktop and click the Command Prompt (Admin) option.
  1. Stop the ONLYOFFICE DocumentServer Proxy service:
    net stop DsProxySvc
  2. Copy the %ProgramFiles%\ONLYOFFICE\DocumentServer\nginx\conf\ds-ssl.conf.tmpl file to the %ProgramFiles%\ONLYOFFICE\DocumentServer\nginx\conf\ds.conf file using the following command:
    COPY /Y "%ProgramFiles%\ONLYOFFICE\DocumentServer\nginx\conf\ds-ssl.conf.tmpl" "%ProgramFiles%\ONLYOFFICE\DocumentServer\nginx\conf\ds.conf"
  3. Edit the %ProgramFiles%\ONLYOFFICE\DocumentServer\nginx\conf\ds.conf file by changing all the parameters in double curly brackets {{...}} for the actually used:
    Please note that the backslash characters ( \ ) must be escaped in one of the following ways: С:\\yourfolder\\certificates\\onlyoffice.key or С:/yourfolder/certificates/onlyoffice.key. If there are spaces in the path, you need to take it all into quotation marks, e.g.: "С:/yourfolder/my certificates/onlyoffice.key".
    • {{SSL_CERTIFICATE_PATH}} - the path to the SSL certificate you have got;
    • {{SSL_KEY_PATH}} - the path to the SSL certificate private key;
    • {{SSL_VERIFY_CLIENT}} - whether the verification of client certificates is enabled (with available values of on, off, optional and optional_no_ca);
    • {{CA_CERTIFICATES_PATH}} - the path to the client certificate, which will be verified if enabled with the previous parameter;
    • {{ONLYOFFICE_HTTPS_HSTS_MAXAGE}} - advanced configuration option for setting the HSTS max-age in the ONLYOFFICE Docs NGINX vHost configuration, and applicable only when SSL is in use (usually defaults to 31536000 which is considered to be safe enough);
    • {{SSL_DHPARAM_PATH}} - the path to the Diffie-Hellman parameter;
    Please see NGINX documentation for more information on SSL parameters used in the configuration file.
  4. When all the changes are made, you can start the ONLYOFFICE DocumentServer Proxy service again:
    net start DsProxySvc
    Port 443 must be opened for correct portal operation.
  5. Execute %ProgramFiles%\ONLYOFFICE\DocumentServer\bin\documentserver-update-securelink.bat

Switching ONLYOFFICE Docs v4.3–v5.2 to HTTPS

To switch ONLYOFFICE Docs v4.3/v5.2 to HTTPS, you need to perform all the steps above, paying attention that the second and the third steps will look differently and must be like this:

  1. ...
  2. Copy the %ProgramFiles%\ONLYOFFICE\DocumentServer\nginx-1.11.4\conf\onlyoffice-documentserver-ssl.conf.template file to the %ProgramFiles%\ONLYOFFICE\DocumentServer\nginx-1.11.4\conf\onlyoffice-documentserver.conf file using the following command:
    COPY /Y "%ProgramFiles%\ONLYOFFICE\DocumentServer\nginx-1.11.4\conf\onlyoffice-documentserver-ssl.conf.template" "%ProgramFiles%\ONLYOFFICE\DocumentServer\nginx-1.11.4\conf\onlyoffice-documentserver.conf"
  3. Edit the %ProgramFiles%\ONLYOFFICE\DocumentServer\nginx-1.11.4\conf\onlyoffice-documentserver.conf file by changing all the parameters in double curly brackets {{...}} for the actually used...
  4. ...

Host ONLYOFFICE Docs on your own server or use it in the cloud

Article with the tag:
Browse all tags