Caldav and Carddav errors in admin check

sidewyz1 · April 23, 2024, 4:43pm

Basically the title, I have the caldav and carddav errors in the admin security check.

The path to nextcloud is the fqdn of the site e.g.
/var/www/nextcloud.mydomain.tld/

Following the manual I have added to .htaccess

<IfModule mod_rewrite.c>
  RewriteEngine on
  RewriteRule ^\.well-known/carddav /nextcloud.mydomain.tld/remote.php/dav [R=301,L]
  RewriteRule ^\.well-known/caldav /nextcloud.mydomain.tld/remote.php/dav [R=301,L]
  RewriteRule ^\.well-known/webfinger /nextcloud.mydomain.tld/index.php/.well-known/webfinger [R=301,L]
  RewriteRule ^\.well-known/nodeinfo /nextcloud.mydomain.tld/index.php/.well-known/nodeinfo [R=301,L]
</IfModule>

I tested by entering nextcloud.mydomain.tld/.well-known/carddav into the browser and I was redirected to nextcloud.mydomain.tld/remote.php/dav/ which has:

This is the WebDAV interface. It can only be accessed by WebDAV clients such as the Nextcloud desktop sync client.

I assume the redirect is working correctly however, I still see:

Your web server is not properly set up to resolve “/.well-known/caldav”. Further information can be found in the documentation

in the security check… Ideas?

yosue_Navarro · April 24, 2024, 8:37am

Are you configuring it with Nginx or Apache??

If you are configuring it with Nginx you have to put this in your configuration file:

     location ^~ /.well-known/carddav {
        return 301 $scheme://$host:<port (if you have assigned it)>/remote.php/dav;
    }

    location ^~ /.well-known/caldav {
        return 301 $scheme://$host:<port (if you have assigned it)>/remote.php/dav;
    }

Btw how did you do for the nodeinfo and webfinger recommendation to not to appear?

akn · April 24, 2024, 2:48pm

After upgrading to Nextcloud Hub 8 (29.0.0), I also get this error message. The required forwarding is configured in the Nginx Proxy Manager and works. Calling up the URL in the browser also leads to the WebDAV message mentioned above.

Dayspring · April 24, 2024, 3:37pm

Same here. Was working fine for years, updated to 29, now got the errors mentioned above.

sidewyz1 · April 24, 2024, 4:04pm

Apache is the server and I didnt received the other errors

cvandesande · April 24, 2024, 4:18pm

Same here, I’ve had the same NGINX configuration for years. Upgraded to NC29 and now I have a caldav warning. Oddly no cardav error.

Koenisch · April 24, 2024, 5:56pm

Same here, after update to NC29

Your web server is not properly set up to resolve .well-known URLs, failed on: /.well-known/caldav

but /.well-known/caldav leads to remote.php/dav

sidewyz1 · April 24, 2024, 8:55pm

When posted I was on 27, now i’m on 28.0.4 and error still relevant.

kchan101 · April 25, 2024, 7:47am

+1

Oddly, mine’s only complaining about caldav - carddav seems fine.

Koenisch · April 25, 2024, 11:26am

The following changes I made in my .htaccess, then I pass successfull all test. Import are the numbers behind the Parameter R in the square bracket.

  RewriteRule ^\.well-known/webfinger /public.php?service=webfinger [R=404,QSA,L]
  RewriteRule ^\.well-known/carddav /remote.php/carddav/ [R=207,L]
  RewriteRule ^\.well-known/caldav /remote.php/caldav/ [R=207,L]

KR

sidewyz1 · April 25, 2024, 5:57pm

can you explain in more detail the configuration in the square bracket. Thanks

Koenisch · April 25, 2024, 6:49pm

Die Parameters are described in the apache docu.

https://httpd.apache.org/docs/2.4/rewrite/flags.html#flag_r

I just made a test with expected behaviour coded in the apps/settings/lib/SetupChecks)\WellKnownUrls.php

KR

Graham88 · April 25, 2024, 7:06pm

I’ve got exactly the same problem after upgrading to NC29.0.0. Never had this issue before. Error can’t be correct as the redirects are definitely working.

akn · April 25, 2024, 7:34pm

The Issue on GitHub: [Bug]: NC29 .well-known URLs, failed on: /.well-known/caldav · Issue #45033 · nextcloud/server · GitHub

akn · April 26, 2024, 1:43pm

Solution for me: Redirection to /remote.php/dav/ with trailing slash at the end in Nginx Proxy Manager makes the error message disappear.

cvandesande · April 26, 2024, 1:54pm

Same solution for me in NGINX. Missing trailing slash which wasn’t a problem before but is now in NC29.

-              location = /.well-known/carddav { return 301 https://$host/remote.php/dav; }
-              location = /.well-known/caldav  { return 301 https://$host/remote.php/dav; }
+              location = /.well-known/carddav { return 301 https://$host/remote.php/dav/; }
+              location = /.well-known/caldav  { return 301 https://$host/remote.php/dav/; }

JoMatr · April 26, 2024, 1:58pm

What is the correct procedure for Apache2?

pablillocea · May 2, 2024, 7:55am

This fixed the issue for me.

Koenisch · May 3, 2024, 10:32pm

The final solution for Apache is here.

It works with the default setting. I had the problem before and send a solution by changing the number in the redirect statement. The final solution was disabeling all rewrite rules in .htaccess and copy the the content (only the few lines with the rewrites) from git. Works for Apache.

  RewriteEngine On
  RewriteCond %{HTTP_USER_AGENT} DavClnt
  RewriteRule ^$ /remote.php/webdav/ [L,R=302]
  RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
  RewriteRule ^\.well-known/carddav /remote.php/dav/ [R=301,L]
  RewriteRule ^\.well-known/caldav /remote.php/dav/ [R=301,L]
  RewriteRule ^remote/(.*) remote.php [QSA,L]
  RewriteRule ^(?:build|tests|config|lib|3rdparty|templates)/.* - [R=404,L]
  RewriteRule ^\.well-known/(?!acme-challenge|pki-validation) /index.php [QSA,L]
  RewriteRule ^ocm-provider/?$ index.php [QSA,L]
  RewriteRule ^(?:\.(?!well-known)|autotest|occ|issue|indie|db_|console).* - [R=404,L]

KR