Setting up OnlyOffice with Let's Encrypt

Hi there,

How can one setup OnlyOffice from the Marketplace with Let’s Encrypt. I’ve tried using the generic LE guide on DO tutorials, but that changes the config to direct the domain to the default nginx page. Any ideas?

Show comments

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

Hey @rtaibah

I had a look for myself, and I think you are getting that issue because you are attempting to install Lets Encrypt via the nginx running on the Ubuntu VM, but the OnlyOffice One-Click is configured to just skip that and forward everything from port 80 and 443 (HTTP/HTTPS ports) directly to a docker container. All the config and logic is inside the Docker container.

This is not really a great method because you are going into the docker container and modifying it, but I think it should work:

  1. SSH into the Droplet
  2. List the ID’s of the running docker containers with docker container ls - look for the ID of the “onlyoffice/communityserver” container, you will also see it has the HTTP/HTTPS ports proxied to it.
  3. Now initialize a bash session inside the container by running: docker exec -it ID_OF_COMMUNITY_IMAGE /bin/bash
  4. Now you can go through the Let’s Encrypt instructions you referenced earlier, with a couple important notes:

A. The nginx config file for onlyoffice is located at /etc/nginx/sites-enabled/onlyoffice <-- _that’s where you add the server_name ...; line_ B. Instead of running systemctl reload nginxyou need to runservice nginx restart`

I struggled to do this, I found an easier solution was just to create a cloudflare account that basically sat between my droplet and the user and cloudflare provided it’s catch-all SSL certificate.

Really easy, hardly any setup.

Hope this offers a different perspective.


Thanks for the question and answer, I am doing the exact same thing!

However, when I tried to generate the certificate I get the following error:

Could not automatically find a matching server block for Set the `server_name` directive to use the Nginx installer.

My /etc/nginx/sites-available/onlyoffice file looks like this:

upstream fastcgi_backend {
        server unix:/var/run/onlyoffice/onlyoffice.socket;
        keepalive 32;

server {
        listen 80;
        listen 443 ssl;

        ssl_certificate {{SSL_CERTIFICATE_PATH}};
        ssl_certificate_key {{SSL_KEY_PATH}};

        fastcgi_keep_conn on;
        fastcgi_index   Default.aspx;
        fastcgi_intercept_errors on;

        include fastcgi_params;

        fastcgi_param HTTP_X_REWRITER_URL $http_x_rewriter_url;
        fastcgi_param SERVER_NAME $host;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO "";

        fastcgi_read_timeout    600;
        fastcgi_send_timeout    600;

        location / {
                root    /var/www/onlyoffice/WebStudio/;
                expires           0;
                add_header        Cache-Control no-cache;
                rewrite ^(.*)$ /StartConfigure.htm  break;

        location /api {
                fastcgi_pass fastcgi_backend;

        location  ~* ^/(warmup[2-9]?)/ {
                rewrite /warmup([^/]*)/(.*) /$2 break;
                fastcgi_pass unix:/var/run/onlyoffice/onlyoffice$1.socket;

The nginx -t command returns OK/success.

Any idea?