CALDAV calendar: certificate issue in local network

hi @ncwarrior

in my case the problem is related to the myfritz service. Most guides are using some public dyndns providers. The difference is most likely that public dyndns providers don’t resolve ipv6 (AAAA) DNS records. In my situation I have to use AVM service as in Switzerland even residential DSL lines get semi-static IP (in opposite to Germany the provider is no obliged to assign new IP every 24h) - which violates DynDNS requirements.

From my experience there was no problem for Desktop Firefox (and Edge) but always hit two Android phones - both clients and browser. It looks like Android prefers IPv6 if available and “may be” Fritzbox handles IPv6 different in terms of port forwarding

In my case the ONLY stable solution was to block the public DNS record of myfritz to avoid IPv6 DNS resolution and provide internal IP. My try to setup internal resolution using pihole failed as I didn’t manage to setup the container with IPv6 internally. But clients keep asking for both A and AAAA records - this is why it resolves partly to the LAN IPv4 of the container and public IPv6. Maybe you don’t need this extra step if you Nextcloud domain has IPv4-only DNS.

Update 2023: now I learned this is right and there is no “IPv6 port forwarding” - you rather open the router firewall and send requests to the IPv6 of the Nextcloud server. and yes it IS possible to setup docker containers with IPv6 and make them available from outside! see NC not reachable over Domain - #2 by wwe for details.