Added chain.cert but curl still says "unable to get local issuer certificate"

Hi, I am faced with a strange problem. I have several nextcloud 9 and owncloud 9 instances running on different servers (ubuntu 14.04 and 16.04). Pointing collabora to a collabora docker container running within a VirtualBox VM wth Ubuntu 16.04 is running. But as soon as I point collabora to a docker container running on bare metal Ubuntu 14.04 is giving me the error

Collabora Online: SSL-Zertifikat ist nicht installiert.Bitte deinen Administrator die ca-chain.cert.pem zum ownCloud ca-bundle.crt hinzuzufügen. Z.B. "cat /etc/loolwsd/ca-chain.cert.pem >> /resources/config/ca-bundle.crt". Die genaue Fehlermeldung war:cURL error 60: SSL certificate problem: unable to get local issuer certificate

I already added this cert to the ca-bundle of all instances but the error stays.

I appreciate any ideas to solve the problem!

Does really nobody has an idea what could be wrong?

Andy

Ciao @raceface2nd,
as I understand it you have four different ip; two are for the two nextcloud and two for the docker images. Now how many SSL Certificates you generated? And what did you use SSL certificates?

Hi, it’s just 3 servers with 3 different IPs. The first one (lets call it A) is a physical server with Ubuntu 14.04, docker with collabora and owncloud9.1; it serves SSL with separate vhosts/ subdomains and certificates for both services. The second (lets call it B) is a virtual server with Ubuntu 16.04 serving nextcloud 9.0.53 and owncloud 9.1.0; it serves both on separate subomains with separate certificates. The third one (lets call it C) is an Ubuntu 16.04 within a VM in virtual box, it only provides docker with collabora; this one is behind FritzBox router. All 3 machines are physically placed in different Locations with different public IPs.

The domains of all nextCloud and ownCloud instances are provided as environment variables when running both docker Containers with the slash as separator.

The thing now is, that all instances can connect without any trouble to the virtual box machine. So nextcloud and owncloud on B can connect to collabora on C as well as owncloud on A. Connecting nextcloud and owncloud on B to collabora on A throws the certificate error as well as connecting owncloud on A to collabora on A. In all cases I provided the subdomains of the docker instances to the collabora connector settings.

On A and C are the same docker containers running. The only difference is the OS where the containers are running. And I am wondering that all different nextCloud and ownCloud instances are working fluently together with one docker and not the other.

Figured out, that this error appears with LetsEncrypt certificates. I transferred a cert generated with StartCom to the server and the error message disappears.