Setting up webdav+https 1/3: server side on Debian

This howto is for setting up a webdav-over-https server to access files remotely with read/write access on Debian Squeeze (6). See the other posts in this series to set up the Debian client and the Windows 7 client.


  1. Get a public IP address for the server; in this example is assumed

  2. Choose a Fully Qualified Name (FQN) for your server to access it from the clients, in this example is used

  3. Choose a subdirectory of your https site where webdav will be accessible; in this example, /webdav is used

  4. Install the web server:

    apt-get install apache2
  5. Create the certificate for the https protocol; in this process, make sure the common name (CN) field is the same as the FQN above:

    mkdir /etc/apache2/ssl
    /usr/sbin/make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem
  6. Edit: to make sure the new certificate is picked up, edit the /etc/apache2/sites-available/default-sslfile deleting or commenting out the SSLCertificateFile and SSLCertificateKeyFile directives (which by defautlt point to the created by the ssl-cert package), replacing them both with a single SSLCertificateFile pointing to our own new certificate:

     SSLCertificateFile    /etc/apache2/ssl/apache.pem
  7. Enable https:

    a2ensite default-ssl
    a2enmod dav_fs
    a2enmod dav
    a2enmod ssl
  8. Create the directory for the files to stay:

    cd /var/www
    mkdir webdav
  9. Create users and passwords:

    cd /var/www/webdav
    htpasswd -c passwd.dav user1
    htpasswd passwd.dav user2
  10. Activate the /webdav path for the https web service, by adding the following to
    /etc/apache2/sites-available/default-ssl, after the CustomLog entry within the <VirtualHost \_default\_:443> tag:

    Alias /webdav /var/www/webdav
    <Location /webdav>
      DAV On
      Options Indexes MultiViews
      AuthType Basic
      AuthName WebDAV
      AuthUserFile /var/www/passwd.dav
      Require valid-user
  11. Restart the apache2 server:

    /etc/init.d/apache2 restart
  12. Finally, open port 443 for NAT on your router to make sure the https can pass through.