Certificate Not Recognized

I am troubleshooting a certificate issue after a recent distro and NC upgrade. When I try to access my NCP admin panel, Firefox throws a certificate error, even though I have a certificate from Let’s Encrypt installed.

Websites prove their identity via certificates. Firefox does not trust this site because it uses a certificate that is not valid for :4443. The certificate is only valid for archlinux.

Error code: MOZILLA_PKIX_ERROR_SELF_SIGNED_CERT

Any idea what might be wrong?

Here’s the background:

My ISP blocks ports 80 & 443, so I switched my NCP over to using ephemeral ports. This obviously breaks Let’s Encrypt client in NCP admin panel, so I used the manual DNS method (as described in https://docs.nextcloudpi.com/en/how-to-get-certificate-with-letsencrypt-using-dns-to-verify-domain/). Everything was working okay before the upgrade.

When I got the certificate error after the upgrade, I thought my certs may have been deleted, so I ran the DNS option again. It said the certificates were already in place, but I chose to have them reissued just to be on the safe side. But still no luck.

Did you solve this issue?

This is because ncp-web:4443 uses its own settings.
See /etc/apache2/sites-available/ncp.conf
It is also limited to access from local IP’s only, for security reasons.
This posts is stale, it was not tagged ncp initially, still hope this clarifies for future use.

@btak No, I’ve never found a way to successfully access the NCP admin interface using the server name (i.e. ..com). I can access NextCloud fine but when I add the port 4443, it always breaks.

So I’ve resorted to just using the IP address, which seems to work fine. And as @OliverV notes, there really isn’t much reason to access this outside your local network anyway.