Changing Certificaton Authority client not recognize Subject Alternative Name in Certificate

Nextcloud version (eg, 20.0.5): 20.0.12
Operating system and version (eg, Ubuntu 20.04): Debian 9
Apache or nginx version (eg, Apache 2.4.25): Apache 2.4.25-3
PHP version (eg, 7.4): 7.3.14-5

The issue you are facing:

Is this the first time you’ve seen this error? (Y/N): Y

Steps to replicate it:

  1. change server side certificate autority CA
  2. run Nextcloud client with relative (enabled) account

The output of your Nextcloud log in Admin > Logging:


The output of your Apache/nginx/system log in /var/log/____:

AH01797: client denied by server configuration: /var/www/nextcloud/public_html/data/.ocdata

Hi there,
we are an Italian association, no-profit users
we have recently changed the CA from Letsencrypt to Zerossl, for better device back-compatibility.

All is working great (client/server web, client/server mail, client/server xmpp, and others) , except for Nextcloud Client (we had experience for now only on recent Linux desktop systems) where show randomly the following errors:

The issuer certificate of a locally locked up certificate could not be found.
No certificates could be verified.

we have seen here another very similar problem for a 2020 issue.

And we wonder what it might depend on. Whether from a certificate chain that is not correctly ordered or if from a client issue, or something else.

Have any of you had similar experiences and resolved them?


Here an error client screenshot →


Here I am again,
found the issue.
The problem depended on a misconfigured virtualhost SSL parameter.
Moving to Zerossl (plus, I made the mistake of not installing a new


And the following parameter pointed to the old Letsencrypt chain cert:


To solve the issue, was enough to install the new (Zerossl) chain.pem in the right place :wink: