Adding custom CA certificate for nextcloud-client on Linux (Debian Stretch)


#1

I want to add self-signed certificate (or custom CA certificate) for nextcloud-client on Linux (Debian Stretch) without using GUI. I tried to add the certificate to ~/.pki/nssdb and /usr/local/share/ca-certificates but nextcloud-client don’t regard it. The same method works for curl or Chromium browser but not for nextcloud-client.

If I added the certificate from nextcloud-client GUI, there is no problem but I want to add the certificate programmaticly.

How can I do that? Where does nextcloud-client look for global CA certificates on Linux?

I installed the nextcloud-client using http://download.opensuse.org/repositories/home:/ivaradi/Debian_9.0_update repo.

regards


#2

I found that nextcloud-client (2.3.3) don’t regard the SSL certificate if it’s defined for multiple host addresses. It regards only the address on CN. Therefore the certificate don’t be trusted if it’s connected via a host addres from subjectAltName part.