Odoo Help


How to set up Odoo 8 with SSL and Apache2?

on 8/27/14, 8:44 AM 38,558 views

Hey guys

I've been trying to get SSL on Odoo 8 with Apache2 on Ubuntu 14.04 but I can't get it to work.
I've tried https://www.digitalocean.com/community/tutorials/how-to-create-a-ssl-certificate-on-apache-for-ubuntu-12-04 and tried modifying the config files for SSL.
Manuall edited ports.conf, apache2.conf, 000-default.conf and default-ssl.conf to set my ports to 8069 but nothing seems to work.

Did anybody get SSL working on Ubuntu (14.04) with Odoo 8 and Apache2 on localhost?
I'd love to get my hands on a guide / commands / help.

With kind regards

I'm still really looking for a solution..

on 8/29/14, 3:17 AM

Apache (as reverse proxy) SSL works for me. Use my own guide: http://wiki.openworx.nl/doku.php?id=reverse_proxy_openerp

Openworx, Mario Gielissen | Openworx
on 8/29/14, 5:36 AM

Thank you for the guide Mario. Sadly this one doesn't work for my Odoo 8 & Ubuntu 14.04. Do you have a full guide including the SSL install etc or one for Odoo8/Ubuntu14.04?

on 9/3/14, 3:23 AM

Yenthe, I will make a new guide for Ubuntu 14.04 soon.

Openworx, Mario Gielissen | Openworx
on 9/3/14, 4:51 AM

Mario, that would be much appreciated. Both by me and the community probably! :) Keep me updated please.

on 9/3/14, 8:59 AM
Fabian Tribrunner
On 9/19/14, 9:31 AM

Hi Yenthe,

here my config with subdomains/virtual hosts:

your own ssl cert:
openssl genrsa -out privkey.pem 2048
openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095

copy both files to /etc/ssl/erp/

a2enmod ssl
a2enmod rewrite
a2enmod proxy_http
a2enmod headers

make a file "odoo" in /etc/apache2/sites-available

copy/past/edit this:

<VirtualHost *:80>
ServerName erp.your-domain.at
ServerAdmin admin@your-domain.at

Redirect permanent / https://erp.your-domain.at/
    TransferLog /var/log/apache2/transfer.erp.your-domain.at.log

<VirtualHost *:443>
   ServerName erp.your-domain.at
   ServerAdmin admin@erp.your-domain.at

   SSLProxyEngine on
   SSLEngine on
   SSLCertificateFile /etc/ssl/erp/cacert.pem
   SSLCertificateKeyFile /etc/ssl/erp/privkey.pem
   SSLCACertificateFile    /etc/ssl/erp/cacert.pem
   RequestHeader set "X-Forwarded-Proto" "https"
   SetEnv proxy-nokeepalive 1
        ProxyPass /
        ProxyPassReverse /
   ProxyErrorOverride off
   TransferLog /var/log/apache2/transfer.erp.your-domain.at.log
   #Fix IE problem (httpapache proxy dav error 408/409)
   SetEnv proxy-nokeepalive 1

YOU MUST change the path to your ssl certificate + the domain

your ports.conf (in apache2 dir) should look like this (on debian7):

NameVirtualHost *:80
Listen 80

<IfModule mod_ssl.c>
    # If you add NameVirtualHost *:443 here, you will also have to change
    # the VirtualHost statement in /etc/apache2/sites-available/default-ssl
    # to <VirtualHost *:443>
    # Server Name Indication for SSL named virtual hosts is currently not
    # supported by MSIE on Windows XP.
NameVirtualHost *:443    
Listen 443


<IfModule mod_gnutls.c>
    Listen 443


a2ensite odoo
service apache2 restart


thats it ;-)

Fabian, thank you for sharing but I'm having some troubles.. At the command 'a2ensite odoo' I get 'Error: Site odoo does not exist!' while I have on there. See here: http://i.imgur.com/rZBDDyF.png

on 9/22/14, 7:30 AM

Try to rename the file to odoo.conf

On Ubuntu that seemed to be necessary.


Fabian Tribrunner
on 9/22/14, 7:44 AM

Fixed me own error. I forgot to make it a .conf file. But now I'm getting an 'secure connection failed' message if I browse to the localhost adres. (http://imgur.com/WxJVDy0) Could you change the configuration in your answer to localhost? I have a feeling I configged something wrong..

on 9/22/14, 7:52 AM

this articel will help you :-) http://stackoverflow.com/questions/119336/ssl-error-rx-record-too-long-and-apache-ssl

Fabian Tribrunner
on 9/22/14, 8:02 AM

Hey Fabian, sadly that didn't really help me. Could you have a look at these and tell me if you see the problem perhaps? If I get this working I will write a step-by-step guide for everybody too. Apache2 logfile: http://pastebin.com/fDFVj30G Ports.conf: http://pastebin.com/mp5bPm7y odoo.conf: http://pastebin.com/Ba6J54bX I'd love any extra information!

on 9/22/14, 10:15 AM

[Mon Sep 22 16:10:55.531053 2014] [ssl:warn] [pid 4432:tid 140145496033152] AH01909: RSA certificate configured for does NOT include an ID which matches the server name ---------------- comes from a not proper signed ssl cert. add new ssl cert with: openssl req -x509 -nodes -days 1095 -newkey rsa:2048 -keyout localhost.key -out localhost.crt make sure if you were asked "Common Name (e.g. server FQDN or YOUR name) []:" while making the cert ---> type "localhost" cp both files to etc/ssl/erp/ try this odoo.conf: http://pastebin.com/s0BXgvHS works? :-)

Fabian Tribrunner
on 9/22/14, 10:33 AM

This did the job, atleast for my localhost! Thank you Fabian :-) Now to test it on a server with webaddress.

on 9/23/14, 3:08 AM
On 7/19/17, 5:48 AM

You Can use Apache as well with mod wsgi . its very easy . you can check tutorial here :-


you will get a series of video  for lean Apache with mod wsgi on Ubuntu.


Grahame Jordan
On 11/27/16, 7:18 AM

Tried this for days. Had problems when logging out etc. The redirect would redirect to http not https as requested.

Here is my solution. 

<IfModule mod_ssl.c>
<VirtualHost *:8088>
 ServerName odoo.whereever.com
ServerAdmin odoo@whereever.com
<Proxy *>
Order deny,allow
Allow from all
SSLProxyEngine on
ProxyPreserveHost On
SSLEngine on
        SSLCertificateFile /etc/apache2/ssl/odoo.wherever.com.pem
        SSLCertificateKeyFile /etc/apache2/ssl/odoo.wherever.com.pem
        ProxyRequests Off
        ProxyPassMatch ^/(.*)$1
        #ProxyPass ^/(.*)$1
        ProxyPassReverse /web http://odoo.wherever.com:8088/web
        ProxyErrorOverride off
        LogLevel debug
        TransferLog /var/log/apache2/odoo.wherever.com-8088-transfer.log
        ErrorLog /var/log/apache2/odoo.wherever.com-8088-error.log
        CustomLog /var/log/apache2/odoo.wherever.com-8088.log combined
        #Fix IE problem (httpapache proxy dav error 408/409)
        SetEnv proxy-nokeepalive 1 RequestHeader set "X-Forwarded-Proto" "https"

Mmmm? whats up with this board. Had to reformat my code by hand. No newlines????


Grahame Jordan

Dr Obx
On 12/2/15, 7:00 AM

This subject is quiet old but i just decided to do the same. Unfortunately step 11 openssl genrsa –out privkey.pem 2048

does nothing and gives me an error:


root@nefitari:/etc/apache2# openssl genrsa –out privkey.pem 2048

usage: genrsa [args] [numbits]

-des encrypt the generated key with DES in cbc mode

-des3 encrypt the generated key with DES in ede cbc mode (168 bit key)


encrypt PEM output with cbc seed

-aes128, -aes192, -aes256

encrypt PEM output with cbc aes

-camellia128, -camellia192, -camellia256

encrypt PEM output with cbc camellia

-out file output the key to 'file

-passout arg output file pass phrase source

-f4 use F4 (0x10001) for the E value

-3 use 3 for the E value

-engine e use engine e, possibly a hardware device.

-rand file:file:...

load the file (or the files in the directory) into

the random number generator



Any suggestions what i suppose to do with it ?

all other steps works just fine.

Of course at the end https://localhost doesn't work ...... 


I found the culprit, wrong syntax ;) 



| 8 8 8

My Odoo blog: http://www.odoo.yenthevg.com/

My Twitter: https://twitter.com/Yenthe666

On 9/23/14, 3:54 AM

Thanks to the post of Fabian I've got everything working. All credit goes to him, and so should the 'upvotes'. :)
This is an easy step-by-plan for Odoo 8 on Ubuntu 14.04:

  1. Sudo apt-get install apache2
  2. Sudo a2enmod ssl
  3. Sudo a2enmod rewrite
  4. Sudo a2enmod proxy_http
  5. Sudo a2enmod headers
  6. Sudo service apache2 restart
  7. Cd /etc/ssl
  8. Sudo mkdir erp
  9. Sudo chmod 777 erp
  10. Sudo cd erp
  11. openssl genrsa –out privkey.pem 2048
  12. openssl req -x509 -nodes -days 1095 -newkey rsa:2048 -keyout localhost.key -out localhost.crt
    If the line “Common Name (e.g. server FQDN or YOUR name) []:” is asked be sure to give in “localhost”!
  13. cd /etc/apache2/sites-available
  14. sudo nano odoo.conf
  15. Add following lines in odoo.conf: http://pastebin.com/s0BXgvHS
  16. Cd ../
  17. Sudo nano ports.conf
  18. Add following lines in ports.conf: http://pastebin.com/mp5bPm7y
  19. Sudo a2ensite odoo
  20. Sudo service apache2 restart
  21. Sudo nano /etc/apache2/apache2.conf
  22. Add this to the last line of the file: ServerName localhost

Surf to https://localhost/ and you've got a nice HTTPS connection!

Hi. Thanks for the post. I have did what you suggested above. The SSL connection works. But there's a glitch. When i connect to https://localhost/ it works. Selected a database "Trial" But when i tried to login, it automatically switches to http://localhost/web?db=Trial "Not Found The requested URL /web was not found on this server. Apache/2.4.7 (Ubuntu) Server at localhost Port 80" I edited the server address to https://localhost/web?db=Trial (by editing to add the "https://") then it works. How do i fix this (so that it doesn't change to port 80) during login (or logout) Thanks

Mohamed Alsagoff
on 9/27/15, 11:16 AM
Malte Helmhold
On 11/3/14, 12:39 PM

I don't know, but my browsers do not trust these connections. whatever I'm doing. I see that it's always redirecting to the ssl domain (I tried various tutorials, but I always get (depending on the browser) untrusted connection messages. 

for example in firefox: this website does not supply identity information, the conneciton of the website is not fully secure because it contains unencrypted elements (such as images)

Also in Chrome I get: Your conneciton is not private. 

Only in safari I can see the the odoo starting page, without complaints. But I can't see the https hint in the browser bar:( only the domain name is there. 

don't I have to certify this certificate somewhere? 

any suggestions? 




Brandon Newport
On 11/25/14, 6:08 PM

I have created a blog for various setup issues regarding Odoo. Setting up Apache as an SSL Reverse Proxy with Odoo running on Ubuntu 14.04. If you still need help the link is below:




Francisco Milland
On 1/18/15, 10:22 PM



Francisco Milland
On 1/18/15, 10:23 PM


I followed your guides to install a Commercial SSL certificate on apache (Domain Validation),  I set up the certificate correctly according to https://www.sslchecker.com,  however two things are happening, 1.-  the redirect it's no working, ej (http redirects to https) and 2. Similar to Malte, I get an untrusted connection (warning sign before domain) on Firefox and Chrome, Safari opens the site normally.

Any suggestions? 



Timo Goosen
On 8/27/14, 9:22 AM

Don't use Apache2. Rather use Nginx. 


You can follow this guide:




I've tried it and it works.


Both guides do not seem to work with Odoo V8 sadly..I get 404 not found errors etc. So I was hoping there was a guide around for Odoo 8

on 8/27/14, 10:44 AM

Maybe I have too much already configured on apache and "just use nginx" might not be practical. Surely it can be configured to work on apache?

Grahame Jordan
on 10/28/16, 8:25 AM

About This Community

This platform is for beginners and experts willing to share their Odoo knowledge. It's not a forum to discuss ideas, but a knowledge base of questions and their answers.


Odoo Training Center

Access to our E-learning platform and experience all Odoo Apps through learning videos, exercises and Quizz.

Test it now

Question tools

7 follower(s)


Asked: 8/27/14, 8:44 AM
Seen: 38558 times
Last updated: 7/19/17, 5:48 AM