Nextcloud version (eg, 20.0.5): 24.0.6
Operating system and version (eg, Ubuntu 20.04): Debian 11
Apache or nginx version (eg, Apache 2.4.25): 2.4.51
PHP version (eg, 7.4): 7.4
The issue you are facing: Recently I migrated my nextcloud installation to new server. The migration itself went smoothly, and everything seemed to work after migration. During the migration I also moved my nextcloud from server root (www.myserver.net) to subdomain (cloud.myserver.org) After some days I recognized that CalDAV and CardDAV syncs occassionally fail on my phone. CardDav (on DAVx5) mostly works, but CalDAV fails maybe every other sync. I use OneCalendar app on Android phone, and while I realize that the problem could be on client side too, the sync did work perfectly before the migration. So I think I have something wrong with my config.
Is this the first time you’ve seen this error? (Y/N): Y
Steps to replicate it:
- install nextcloud as above
- add nextcloud calendar to OneCalendar
- get “Not Authorized” error or sometimes something else
The output of your Nextcloud log in Admin > Logging :
{"reqId":"Uuij6Cc4Exlsm2CmrrKD","level":2,"time":"2022-11-02T13:05:23+00:00","remoteAddr":"62.148.121.8","user":"username","app":"core","method":"PROPFIND","url":"/remote.php/dav/files/username//","message":"Login failed: 'username' (Remote IP: '62.148.121.8')","userAgent":"Mozilla/5.0 (Android) Nextcloud-android/3.22.2","version":"24.0.6.1","data":{"app":"core"},"id":"63626dafda1e5"}
That URL in the log above seems wrong to me, as it seems to point to WebDAV instead of CalDAV.
The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):
<?php
$CONFIG = array (
'instanceid' => 'asdds',
'passwordsalt' => 'ldsas',
'secret' => 'dsas',
'trusted_domains' =>
array (
0 => 'localhost',
1 => '192.168.1.50',
2 => 'cloud.myserver.net',
3 => 'office.myserver.net',
),
'datadirectory' => '/media/data/nextcloud-data',
'dbtype' => 'mysql',
'version' => '24.0.6.1',
'overwrite.cli.url' => 'http://localhost',
'dbname' => 'nextcloud',
'dbhost' => 'localhost',
'dbport' => '',
'dbtableprefix' => 'oc_',
'mysql.utf8mb4' => true,
'dbuser' => 'nextclouduser',
'dbpassword' => 'secretpasswd',
'installed' => true,
'memcache.local' => '\OC\Memcache\APCu',
'allow_local_remote_servers' => true,
'maintenance' => false,
'theme' => '',
'loglevel' => 2,
'mail_smtpmode' => 'smtp',
'mail_sendmailmode' => 'smtp',
'mail_from_address' => 'admin',
'mail_domain' => 'myserver.net',
'default_phone_region' => 'FI',
# 'default_language' => 'fi'
# 'default_locale' => 'fi_FI'
'data-fingerprint' => 'aed61ca0c096b76d20059e90de7ab662',
The output of your Apache/nginx/system log in /var/log/____ (nothing interesting):
[Wed Nov 02 15:11:35.137482 2022] [mpm_prefork:notice] [pid 278] AH00171: Graceful restart requested, doing restart
[Wed Nov 02 15:11:35.194757 2022] [mpm_prefork:notice] [pid 278] AH00163: Apache/2.4.54 (Debian) OpenSSL/1.1.1n configured -- resuming normal operations
[Wed Nov 02 15:11:35.194770 2022] [core:notice] [pid 278] AH00094: Command line: '/usr/sbin/apache2'
This is error message from OneCalendar app.
Not authorized
Action: ReceiveCalendar
Calendar: Työvuorot
XCalendarApp.ProviderBase.Exceptions.AccountAuthorizationException: Not authorized
at XCalendarApp.CalDavProvider.DavHttpWebRequest.Request (System.Uri url, System.String httpMethod, System.String contentType, System.String requestContent, System.Int32 maxRedirects) [0x00271] in <f373407d60214f4280d4d13a7f1ce8ff>:0
at XCalendarApp.CalDavProvider.DavHttpWebRequest.Request (System.Uri url, System.String method, System.String contentType, System.String requestContent) <0x782e2915bc + 0x00127> in <f373407d60214f4280d4d13a7f1ce8ff>:0
at Dav.Client.Common.DavCommon.Request (System.Uri url, System.String method, System.String contentType, System.String requestContent, System.Collections.Generic.Dictionary`2[TKey,TValue] headers) [0x000e2] in <f56deadeacd74c3bae693356bcd1d51b>:0
at Dav.Client.CalDav.CalDavServerCalendar.RequestSync (System.String syncToken, System.Int32 maxFetchLimit, System.Boolean useLimits) [0x00122] in <f56deadeacd74c3bae693356bcd1d51b>:0
at Dav.Client.CalDav.CalDavServerCalendar.GetSyncChanges (System.String syncToken) [0x000a3] in <f56deadeacd74c3bae693356bcd1d51b>:0
at XCalendarApp.CalDavBaseProvider.CalDavBaseAccount`1[TCachedCalDavBaseCalendar].SyncReceiveCalendarFromProvider (TCachedCalDavBaseCalendar cachedCalDavBaseCalendar, XCalendarApp.Model.Data.SyncResults.SyncResult syncResult) <0x782e1de2d0 + 0x005d3> in <fae083817ada44479291bc758539a4dc>:0
at XCalendarApp.ProviderBase.AccountProviderBase`9[TCachedCalendar,TProviderCalendarItem,TCachedAppointment,TProviderAppointmentItem,TCachedContacts,TCachedContact,TProviderContactItem,TAppointmentDbData,TAccountOptions].SyncReceiveCalendar (TCachedCalendar calendar, XCalendarApp.Model.SyncReason syncReason) <0x782e40a6e0 + 0x0048b> in <486d19f8ca8c4c0d9740bc42f807a0f1>:0
For CardDAV (DavX) the usual errors are like “Authentication failed. Check Login Credentials”. I don’t have accurate logs about DAVx.
My nextcloud.log, or last parts of it:
{"reqId":"q886oN4Bm9sTZsOYe2Zk","level":2,"time":"2022-10-29T17:34:18+00:00","remoteAddr":"192.168.1.132","user":"auvo","app":"core","method":"PROPFIND","url":"/remote.php/dav/files/auvo/","message":"Login failed: 'auvo' (Remote IP: '192.168.1.132')","userAgent":"Mozilla/5.0 (Linux) mirall/3.1.1-2+deb11u1 (Nextcloud)","version":"24.0.6.1","data":{"app":"core"}}
{"reqId":"kpAGv4C9u2wqA1YbNvD4","level":2,"time":"2022-10-29T17:37:10+00:00","remoteAddr":"192.168.1.132","user":"auvo","app":"core","method":"GET","url":"/ocs/v2.php/apps/notifications/api/v2/notifications","message":"Login failed: 'auvo' (Remote IP: '192.168.1.132')","userAgent":"Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0","version":"24.0.6.1","data":{"app":"core"}}
{"reqId":"6kiPamAkGIYxWDSRV7nL","level":2,"time":"2022-10-29T18:06:05+00:00","remoteAddr":"62.148.121.8","user":"auvo","app":"core","method":"PROPFIND","url":"/remote.php/dav/files/auvo//","message":"Login failed: 'auvo' (Remote IP: '62.148.121.8')","userAgent":"Mozilla/5.0 (Android) Nextcloud-android/3.22.2","version":"24.0.6.1","data":{"app":"core"}}
{"reqId":"NMWF9PBSxeWLOGtfM2gb","level":2,"time":"2022-10-31T18:45:40+00:00","remoteAddr":"192.168.1.149","user":"auvo","app":"core","method":"PROPFIND","url":"/remote.php/dav/files/auvo//","message":"Login failed: 'auvo' (Remote IP: '192.168.1.149')","userAgent":"Mozilla/5.0 (Android) Nextcloud-android/3.22.2","version":"24.0.6.1","data":{"app":"core"}}
{"reqId":"MYokTTt6bATOZEM0Fvdt","level":2,"time":"2022-11-01T16:05:26+00:00","remoteAddr":"192.168.1.149","user":"auvo","app":"core","method":"PROPFIND","url":"/remote.php/dav/files/auvo//","message":"Login failed: 'auvo' (Remote IP: '192.168.1.149')","userAgent":"Mozilla/5.0 (Android) Nextcloud-android/3.22.2","version":"24.0.6.1","data":{"app":"core"}}
{"reqId":"70eqXRHu6eWjDm1Mioy4","level":2,"time":"2022-11-01T17:06:45+00:00","remoteAddr":"192.168.1.149","user":"auvo","app":"core","method":"PROPFIND","url":"/remote.php/dav/files/auvo//","message":"Login failed: 'auvo' (Remote IP: '192.168.1.149')","userAgent":"Mozilla/5.0 (Android) Nextcloud-android/3.22.2","version":"24.0.6.1","data":{"app":"core"}}
{"reqId":"TbIL7EXlffWJ9MZfuXBu","level":2,"time":"2022-11-01T18:36:32+00:00","remoteAddr":"192.168.1.128","user":"auvo","app":"core","method":"PROPFIND","url":"/remote.php/dav/files/auvo/Media/Videot","message":"Login failed: 'auvo' (Remote IP: '192.168.1.128')","userAgent":"Mozilla/5.0 (Windows) mirall/3.4.1stable-Win64 (build 20211221) (Nextcloud, windows-10.0.19044 ClientArchitecture: x86_64 OsArchitecture: x86_64)","version":"24.0.6.1","data":{"app":"core"}}
{"reqId":"Dd3D3Hj5c2aDhh6EAP0k","level":2,"time":"2022-11-01T20:30:48+00:00","remoteAddr":"192.168.1.149","user":"auvo","app":"core","method":"PROPFIND","url":"/remote.php/dav/files/auvo//","message":"Login failed: 'auvo' (Remote IP: '192.168.1.149')","userAgent":"Mozilla/5.0 (Android) Nextcloud-android/3.22.2","version":"24.0.6.1","data":{"app":"core"}}
{"reqId":"Sx8UaTD0vFn1xatbMiTw","level":2,"time":"2022-11-01T21:30:51+00:00","remoteAddr":"192.168.1.149","user":"--","app":"core","method":"PROPFIND","url":"/remote.php/dav/files/auvo//","message":"Login failed: 'auvo' (Remote IP: '192.168.1.149')","userAgent":"Mozilla/5.0 (Android) Nextcloud-android/3.22.2","version":"24.0.6.1","data":{"app":"core"}}
{"reqId":"6zNJpOS4LMrdTp5eZmG8","level":2,"time":"2022-11-02T10:58:41+00:00","remoteAddr":"62.148.121.8","user":"auvo","app":"core","method":"PROPFIND","url":"/remote.php/dav/files/auvo//","message":"Login failed: 'auvo' (Remote IP: '62.148.121.8')","userAgent":"Mozilla/5.0 (Android) Nextcloud-android/3.22.2","version":"24.0.6.1","data":{"app":"core"}}
{"reqId":"ozDbZOZV3BxXtqDqfoCd","level":2,"time":"2022-11-02T11:14:00+00:00","remoteAddr":"62.148.121.8","user":"--","app":"core","method":"PROPFIND","url":"/remote.php/dav/files/auvo//","message":"Login failed: 'auvo' (Remote IP: '62.148.121.8')","userAgent":"Mozilla/5.0 (Android) Nextcloud-android/3.22.2","version":"24.0.6.1","data":{"app":"core"}}
{"reqId":"KBQINgO6H1S34Vsa56rq","level":2,"time":"2022-11-02T12:54:28+00:00","remoteAddr":"62.148.113.22","user":"admin","app":"core","method":"GET","url":"/index.php/apps/logreader/poll?lastReqId=ozDbZOZV3BxXtqDqfoCd","message":"Login failed: 'admin' (Remote IP: '62.148.113.22')","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Firefox/102.0","version":"24.0.6.1","data":{"app":"core"}}
{"reqId":"Uuij6Cc4Exlsm2CmrrKD","level":2,"time":"2022-11-02T13:05:23+00:00","remoteAddr":"62.148.121.8","user":"auvo","app":"core","method":"PROPFIND","url":"/remote.php/dav/files/auvo//","message":"Login failed: 'auvo' (Remote IP: '62.148.121.8')","userAgent":"Mozilla/5.0 (Android) Nextcloud-android/3.22.2","version":"24.0.6.1","data":{"app":"core"}}
{"reqId":"ob7qJq2cZ2NcT8IlLZ93","level":2,"time":"2022-11-02T13:06:41+00:00","remoteAddr":"62.148.113.22","user":"admin","app":"core","method":"GET","url":"/ocs/v2.php/apps/notifications/api/v2/notifications","message":"Login failed: 'admin' (Remote IP: '62.148.113.22')","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Firefox/102.0","version":"24.0.6.1","data":{"app":"core"}}
{"reqId":"6ZM4E3VQt2aqSHBH3uYo","level":2,"time":"2022-11-02T13:31:46+00:00","remoteAddr":"62.148.113.22","user":"admin","app":"core","method":"GET","url":"/ocs/v2.php/apps/notifications/api/v2/notifications","message":"Login failed: 'admin' (Remote IP: '62.148.113.22')","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Firefox/102.0","version":"24.0.6.1","data":{"app":"core"}}
<VirtualHost *:80>
ServerName cloud.myserver.net
Redirect permanent / https://cloud.myserver.net
</VirtualHost>
<VirtualHost *:443>
ServerName cloud.myserver.net
ServerAlias www.cloud.myserver.net
DocumentRoot "/var/www/nextcloud"
SSLEngine on
SSLCertificateFile /etc/ssl/__myserver_net.crt
SSLCertificateKeyFile /etc/ssl/myserver.key
SSLCertificateChainFile /etc/ssl/__myserver_net.ca-bundle
<Directory /var/www/nextcloud/>
Require all granted
AllowOverride All
Options FollowSymLinks MultiViews
SetEnv HOME /var/www/nextcloud
SetEnv HTTP_HOME /var/www/nextcloud
<IfModule mod_dav.c>
Dav off
</IfModule>
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
</IfModule>
</Directory>
Redirect 301 /.well-known/carddav https://cloud.myserver.net/remote.php/dav
Redirect 301 /.well-known/caldav https://cloud.myserver.net/remote.php/dav
</VirtualHost>
As you can see, I have added the sub-domain config to the apache config file. Which didn’t affect the issue at all. I also have added same settings to .htaccess, which also had no effect. Here’s those lines from my .htaccess:
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} DavClnt
RewriteRule ^$ /remote.php/webdav/ [L,R=302]
RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteRule ^\.well-known/carddav https://cloud.myserver.net/remote.php/dav/ [R=301,L]
RewriteRule ^\.well-known/caldav https://cloud.myserver.net/remote.php/dav/ [R=301,L]
RewriteRule ^remote/(.*) remote.php [QSA,L]
RewriteRule ^(?:build|tests|config|lib|3rdparty|templates)/.* - [R=404,L]
RewriteRule ^\.well-known/(?!acme-challenge|pki-validation) /index.php [QSA,L]
RewriteRule ^(?:\.(?!well-known)|autotest|occ|issue|indie|db_|console).* - [R=404,L]
</IfModule>
The odd thing here is that both CalDAV and CardDav sync work sometimes without errors. And usually only one or two of my four calendars (from same source) fails to sync. So my usual trial-and-error -way of sorting things out is more difficult as it sometimes seem to work until it doesn’t anymore. I am going to do full wipe/OS reinstall for my phone soon (for reasons unrelated to this), and it should maybe clear any possible issues on client side.
EDIT: Just to clarify, I don’t have that usual “Your Web server is not set up properly to resolve /.well-known/caldav/ or /.well-known/carddav/” error in my admin panel. Instead all the checks are passed.
EDIT2: Found my missing nextcloud.log and added it 