AIO, Private Network and Certificates


After our last aborted attempt using multiple containers to install and test-drive NextCloud, work got in the way and the project got shelved. Now trying for a second time.

Let me state at the start that NextCloud has been installed on a private network and will only ever be accessed on that private network.

So this time I went with what appeared to be the line of least resistance and I ran up an Ubuntu 22.04 LTS server VM and followed the bouncing ball from here:

to install AIO. I changed the environment so I could get past the original install by adding


and fired up the installation.

After we had struggled with the data directory permissions everything started up fine - all the containers are running. Then we got to this stage
and this was quickly followed by this:

When I look in the apache logs I see repeated attempts to download a certificate from Let's Encrypt.

{"level":"error","ts":1691647454.1815548,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"nc.pfs.lan","issuer":"","error":"HTTP 400 urn:ietf:params:acme:error:rejectedIdentifier - Error creating new order :: Cannot issue for \"nc.pfs.lan\": Domain name does not end with a valid public suffix (TLD)"}

Because of the complexity of our network topography my preference is simply to get rid of the requirement for a certificate completely. Failing that I would prefer the simplest solution that does not involve adding additional pieces to the puzzle.

Our employees currently access all of our internal network from wherever they happen to be via Cloudflare Warp. This works perfectly and we want to continue to do exactly the same thing with NextCloud.

Any takers?

Hi, see
