CalDAV sync broken in iOS12

Hi!

After upgrading to iOS 12 the CalDAV sync stopped working. When adding a new account identical to the old one, iOS shows the error CalDAV account verification failed.

access log:
192.168.0.161 - - [20/Sep/2018:20:12:24 +0000] “OPTIONS /remote.php/dav/principals/users/pr/ HTTP/1.1” 401 1679 “-” “iOS/12.0 (16A366) dataaccessd/1.0”
192.168.0.161 - - [20/Sep/2018:20:12:24 +0000] “PROPFIND /remote.php/dav/principals/users/pr/ HTTP/1.1” 401 1675 “-” “iOS/12.0 (16A366) dataaccessd/1.0”
192.168.0.161 - - [20/Sep/2018:20:12:24 +0000] “PROPFIND /remote.php/dav/principals/users/pr/ HTTP/1.1” 401 1679 “-” “iOS/12.0 (16A366) dataaccessd/1.0”
192.168.0.161 - - [20/Sep/2018:20:12:32 +0000] “PROPFIND /remote.php/dav/principals/users/pr/ HTTP/1.1” 401 1673 “-” “iOS/12.0 (16A366) accountsd/1.0”

According to https://central.owncloud.org/t/ios-12-calendar-ios-stock-via-caldav/15648/2 Apple might have changed the way the credentials are sent.

Patrick

Hi!

I have the same problem here. Which access log are you talking about? In the logfile of my nextcloud server I can’t see any entries.

Thanks,

regatta

I do not encounter any problems.
Could you give more information (nextcloud version, webserver, http/https, OS, …)?

EDIT: there is also a Github issue open:


Maybe it is SSL related. Do you both use http?

I have ssl with letsencrypt.
I don’t have any problems. With older accounts and new ones.
It’s from 10.10 that apple begins its fight against no and self signed certificate.
Now it doesn’t want anymore self signed cert. maybe you have to tweak the system using installation profile for making it to work with that.

You better considering using letsencrypt and upload your good certs

Hi Bernie_O,

SSL is not used. The server can be contacted just locally, not from outside the local network.

I can’t confirm that: I just added a CalDAV account to my iOS12 phone from my testinstallation with self signed certificate without any problems (without installation profile) - so selfsigned certificates do work with iOS 12 (of course you have to tell iOS12 to trust the certificate when adding the CalDAV account).

@regatta: could you add a selfsigned certificate and try whether that solves the issue for you?

All right. I have to find out, how such a certificate can be added (the machine is not reachable from the internet). I will give feedback as soon as I have more information.

[EDIT: how the certificate can be created, not added]

generate a key with:
openssl genrsa -out internal_4096.key 4096
then generate the certificate (10 years valid):
openssl req -x509 -new -out internal.crt -sha512 -days 3650 -key internal_4096.key

Also not using SSL because of a local and filtered access.

/edit: Nextcloud 14.0.0

Patrick

Hi Guys,

I tried to connect my nextcloud calendar with an iOS12 device and it didn’t work. I used this server address:

https://XXX.next-cloud.org/remote.php/dav/principals/users/USERNAME/.

It worked on iOS 11 but won’t on 12. Can someone help me? Btw: I don’t know anything about certificates in this context yet.

Thanks

@danguba:
Try this (and the according answers):

Or this:

Good luck!

Thank you Bernie, solved! But it wasn’t the port number. When setting up the calDav-account it is cruical to write the server address the very first time correct. And dont write “https://” when typing the server address.

1 Like

For me i have to put https:// because i closed port 80.
It’s strange that on your iOS12 it didn’t work with https:// in your server address.

Still no luck here even without http/https.

To me it looks like Apple has dropped support for synching CalDAV without SSL with iOS12. So, what in your case probably might help, is configuring your webserver to serve Nextcloud via https and then delete/add your account in iOS again.

Switching to https worked for me. Thank you.

2 Likes

Now you can modify your topic to wrote it as solved.

Look at the end of your first post you will have an icon for marking this topic as solved and poiting the post who helped you.

It’s important to do that, when scrolling the forum you can see that this topic is solved and if you wanna to see why, you get a shortcut to the answer

Good morning!

I will happily do that when the problem is solved. Currently, there is a workaround for the problem which is a completely different thing. Marking the thread solved would lower the chances to get the bug in either iOS12 or nextcloud fixed.

Patrick

So what is your problem now with iOS 12 ?
Is that you can’t have it working in http or self signed cert ?

Hi!

Self-signed-cert aka snakeoil works, http does not (see initial post for details).

Patrick