Cal/CardDAV no longer working on iPad (iOS 14)

Cal and Contact sync used to work on my iPad. It no longer does. It works on my iPhone and Mac.
The service discovery with .well-known works. The certificate is a valid wildcard cert from LetsEncrypt.

When I put in the domain in iOS DAV setup, I get the logs below (showing service discovery works) and then an error: Cannot Connect Using SSL. I’ve tried various combinations with the Advanced settings: specify port, specify whole URL (copied from the calendar app in Nextcloud), add the port to the URL, etc. Nothing works.

I’ve tried the configuration profiles that come with Nextcloud. They install alright, but no calendars or contacts show up.

On my internal network I had my DNS server point the Nextcloud domain to the local network IP; iOS DAV setup would, for some reason, grab the SSL cert that’s default for the IP and not the domain. I’ve since removed that DNS entry so it grabs the actual external IP. It no longer grabs that default cert, but still no luck. It’s a dynamic IP, but hasn’t changed in months, maybe years.

I am at wit’s end. Any ideas?

Info:

Nextcloud version (eg, 20.0.5): 22.1.1
Operating system and version (eg, Ubuntu 20.04): official Docker image

Apache logs:

192.168.176.1 - - [29/Sep/2021:22:34:27 +0000] "PROPFIND / HTTP/1.1" 405 1525 "-" "iOS/14.8 (18H17) accountsd/1.0"
192.168.176.1 - - [29/Sep/2021:22:34:27 +0000] "PROPFIND /principals/ HTTP/1.1" 405 1527 "-" "iOS/14.8 (18H17) accountsd/1.0"
192.168.176.1 - username [29/Sep/2021:22:34:12 +0000] "PROPFIND /remote.php/dav/ HTTP/1.1" 207 1832 "-" "iOS/14.8 (18H17) accountsd/1.0"

What did you change? NC update, iPad update?

No major updates on either. It was broken on NC 21, too (since I just recently updated in hopes it may fix it). And I hadn’t used my iPad a ton until I noticed.

The strange thing in your logs is that it doesn’t seem to use the .well-known redirects…
If you access through an iPhone, does it call the same resources? I don’t really get why it should be different on an iPad.

Nature of the logs. The redirect happens in Traefik, the logs I showed are just from the NC container, afterwards.

I also just noticed my iPhone isn’t syncing contacts via CardDAV anymore. This is strange.

I may grab logs off the iPad and see if they show anything.

So the request times out when I add Nextcloud CalDAV. Which makes sense, because my login has been abysmally slow. It takes over a minute to log in…

Looks like this was due to my oc_authtoken table filling up, probably caused by not having cron set up correctly.