Couldn't establish a federated share

ℹ️ Support
1

Nextcloud version: 14.0.4.2
Operating system and version: Ubuntu 18.04.01 LTS
Apache or nginx version: Apache/2.4.29
PHP version: PHP 7.2.10

The issue you are facing:

I am trying to add a federated share from one Nextcloud account to my own. I have been sent the share folder followed the federated share steps from the Nextcloud documentation.

Everything seems to go smoothly until the very end.

Is this the first time you’ve seen this error?: Yes

Steps to replicate it:

  1. Another user from a different Nextcloud instance shares a directory with my email address.

  2. In the email I receive, I click the Open button as described in the email.

  3. The Nextcloud folder being shared with me opens in a browser.

  4. At the top right of the page there is a link that says Download. Next to that are three dots. I click these dots to make a dropdown menu appear.

  5. This dropdown menu has three options. Download, Direct link, and Add to your Nextcloud. I click Add to your Nextcloud.

  6. A text input appears with the placeholder 'user@yourNextcloud.org". I try to enter several different combinations here which all give me different outcomes. In the examples below, I am not literally entering “username”, I am using the proper username. My nextcloud instance is hosted at nextcloud.jeslenbucci.com. I use LetsEncrypt as the SSL certificate.

    a) If I enter my username@nextcloud.jeslenbucci.com I receive this error:
    Failed to add the public link to your Nextcloud
    Sharing [SHARE_NAME] failed, could not find username@nextcloud.jeslenbucci.com, maybe the server is currently unreachable or uses a self-signed certificate.

    b) If I enter username@https://nextcloud.jeslenbucci.com, this time including https://, I receive this message:
    Failed to add the public link to your Nextcloud
    Sharing [SHARE_NAME] failed, could not find username@https://nextcloud.jeslenbucci.com, maybe the server is currently unreachable or uses a self-signed certificate.

    c) If I omit the username and enter https://nextcloud.jeslenbucci.com, the page reloads to my Nextcloud server.

  7. Continuing from 6. c), now on my server I see a notification window with the title Remote share. It asks if I would like to add the remote share. I click the button titled Add remote share.

  8. The pop up fades away, and I wait. Moments later a small notification appears at the top of the screen which reads “Couldn’t establish a federated share”.

  9. I did some other messing around which will be apparent in some of the logs. I tried to share a folder with myself to test it.

The output of your Nextcloud log in Admin > Logging:

{"reqId":"XECqstONTxYe53cetlTzKgAAAEc","level":3,"time":"2019-01-17T16:17:54+00:00","remoteAddr":"69.172.185.142","user":"jeslen","app":"federation","method":"POST","url":"\/index.php\/apps\/federation\/trusted-servers","message":{"Exception":"OC\\HintException","Message":"No server to federate with found","Code":0,"Trace":[{"file":"\[PATH_TO_NEXTCLOUD]/nextcloud\/apps\/federation\/lib\/Controller\/SettingsController.php","line":68,"function":"checkServer","class":"OCA\\Federation\\Controller\\SettingsController","type":"->","args":["REMOVED"]},{"file":"\[PATH_TO_NEXTCLOUD]/nextcloud\/lib\/private\/AppFramework\/Http\/Dispatcher.php","line":166,"function":"addServer","class":"OCA\\Federation\\Controller\\SettingsController","type":"->","args":["REMOVED"]},{"file":"\[PATH_TO_NEXTCLOUD]/nextcloud\/lib\/private\/AppFramework\/Http\/Dispatcher.php","line":99,"function":"executeController","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->","args":[{"__class__":"OCA\\Federation\\Controller\\SettingsController"},"addServer"]},{"file":"\[PATH_TO_NEXTCLOUD]/nextcloud\/lib\/private\/AppFramework\/App.php","line":118,"function":"dispatch","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->","args":[{"__class__":"OCA\\Federation\\Controller\\SettingsController"},"addServer"]},{"file":"\[PATH_TO_NEXTCLOUD]/nextcloud\/lib\/private\/AppFramework\/Routing\/RouteActionHandler.php","line":47,"function":"main","class":"OC\\AppFramework\\App","type":"::","args":["OCA\\Federation\\Controller\\SettingsController","addServer",{"__class__":"OC\\AppFramework\\DependencyInjection\\DIContainer"},{"_route":"federation.Settings.addServer"}]},{"function":"__invoke","class":"OC\\AppFramework\\Routing\\RouteActionHandler","type":"->","args":[{"_route":"federation.Settings.addServer"}]},{"file":"\[PATH_TO_NEXTCLOUD]/nextcloud\/lib\/private\/Route\/Router.php","line":297,"function":"call_user_func","args":[{"__class__":"OC\\AppFramework\\Routing\\RouteActionHandler"},{"_route":"federation.Settings.addServer"}]},{"file":"\[PATH_TO_NEXTCLOUD]/nextcloud\/lib\/base.php","line":987,"function":"match","class":"OC\\Route\\Router","type":"->","args":["\/apps\/federation\/trusted-servers"]},{"file":"\[PATH_TO_NEXTCLOUD]/nextcloud\/index.php","line":42,"function":"handleRequest","class":"OC","type":"::","args":[]}],"File":"\[PATH_TO_NEXTCLOUD]/nextcloud\/apps\/federation\/lib\/Controller\/SettingsController.php","Line":118,"Hint":"No server to federate with found","CustomMessage":"--"},"userAgent":"Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/71.0.3578.98 Safari\/537.36","version":"14.0.4.2"}
{"reqId":"XECt-9UkE3CmAIfbKlM0FwAAAEY","level":3,"time":"2019-01-17T16:31:59+00:00","remoteAddr":"69.172.185.142","user":"jeslen","app":"federation","method":"POST","url":"\/index.php\/apps\/federation\/trusted-servers","message":{"Exception":"OC\\HintException","Message":"Server is already in the list of trusted servers.","Code":0,"Trace":[{"file":"\[PATH_TO_NEXTCLOUD]\/nextcloud.jeslenbucci.com\/nextcloud\/apps\/federation\/lib\/Controller\/SettingsController.php","line":68,"function":"checkServer","class":"OCA\\Federation\\Controller\\SettingsController","type":"->","args":["REMOVED"]},{"file":"\[PATH_TO_NEXTCLOUD]/nextcloud\/lib\/private\/AppFramework\/Http\/Dispatcher.php","line":166,"function":"addServer","class":"OCA\\Federation\\Controller\\SettingsController","type":"->","args":["REMOVED"]},{"file":"\[PATH_TO_NEXTCLOUD]/nextcloud\/lib\/private\/AppFramework\/Http\/Dispatcher.php","line":99,"function":"executeController","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->","args":[{"__class__":"OCA\\Federation\\Controller\\SettingsController"},"addServer"]},{"file":"\[PATH_TO_NEXTCLOUD]/nextcloud\/lib\/private\/AppFramework\/App.php","line":118,"function":"dispatch","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->","args":[{"__class__":"OCA\\Federation\\Controller\\SettingsController"},"addServer"]},{"file":"\[PATH_TO_NEXTCLOUD]/nextcloud\/lib\/private\/AppFramework\/Routing\/RouteActionHandler.php","line":47,"function":"main","class":"OC\\AppFramework\\App","type":"::","args":["OCA\\Federation\\Controller\\SettingsController","addServer",{"__class__":"OC\\AppFramework\\DependencyInjection\\DIContainer"},{"_route":"federation.Settings.addServer"}]},{"function":"__invoke","class":"OC\\AppFramework\\Routing\\RouteActionHandler","type":"->","args":[{"_route":"federation.Settings.addServer"}]},{"file":"\[PATH_TO_NEXTCLOUD]/nextcloud\/lib\/private\/Route\/Router.php","line":297,"function":"call_user_func","args":[{"__class__":"OC\\AppFramework\\Routing\\RouteActionHandler"},{"_route":"federation.Settings.addServer"}]},{"file":"\[PATH_TO_NEXTCLOUD]/nextcloud\/lib\/base.php","line":987,"function":"match","class":"OC\\Route\\Router","type":"->","args":["\/apps\/federation\/trusted-servers"]},{"file":"\[PATH_TO_NEXTCLOUD]/nextcloud\/index.php","line":42,"function":"handleRequest","class":"OC","type":"::","args":[]}],"File":"\[PATH_TO_NEXTCLOUD]/nextcloud\/apps\/federation\/lib\/Controller\/SettingsController.php","Line":112,"Hint":"Server is already in the list of trusted servers.","CustomMessage":"--"},"userAgent":"Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/71.0.3578.98 Safari\/537.36","version":"14.0.4.2"}
{"reqId":"XECwDnh9BoMUB5MZz3PTogAAABI","level":2,"time":"2019-01-17T16:40:46+00:00","remoteAddr":"69.172.185.142","user":"--","app":"core","method":"POST","url":"\/index.php\/login?redirect_url=\/index.php\/apps\/files","message":"Login failed: 'jeslen' (Remote IP: '69.172.185.142')","userAgent":"Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/71.0.3578.98 Safari\/537.36","version":"14.0.4.2"}
{"reqId":"XECwGdUkE3CmAIfbKlM1YAAAAEQ","level":2,"time":"2019-01-17T16:40:57+00:00","remoteAddr":"167.99.182.109","user":"--","app":"federatedfilesharing","method":"POST","url":"\/index.php\/apps\/federatedfilesharing\/createFederatedShare","message":{"Exception":"Exception","Message":"Not allowed to create a federated share with the same user","Code":0,"Trace":[{"file":"\[PATH_TO_NEXTCLOUD]/nextcloud\/apps\/federatedfilesharing\/lib\/Controller\/MountPublicLinkController.php","line":166,"function":"create","class":"OCA\\FederatedFileSharing\\FederatedShareProvider","type":"->","args":[{"__class__":"OC\\Share20\\Share"}]},{"file":"\[PATH_TO_NEXTCLOUD]/nextcloud\/lib\/private\/AppFramework\/Http\/Dispatcher.php","line":166,"function":"createFederatedShare","class":"OCA\\FederatedFileSharing\\Controller\\MountPublicLinkController","type":"->","args":["jeslen@https:\/\/nextcloud.jeslenbucci.com","zWrkfy8bgDncKGR",""]},{"file":"\[PATH_TO_NEXTCLOUD]/nextcloud\/lib\/private\/AppFramework\/Http\/Dispatcher.php","line":99,"function":"executeController","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->","args":[{"__class__":"OCA\\FederatedFileSharing\\Controller\\MountPublicLinkController"},"createFederatedShare"]},{"file":"\[PATH_TO_NEXTCLOUD]/nextcloud\/lib\/private\/AppFramework\/App.php","line":118,"function":"dispatch","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->","args":[{"__class__":"OCA\\FederatedFileSharing\\Controller\\MountPublicLinkController"},"createFederatedShare"]},{"file":"\[PATH_TO_NEXTCLOUD]/nextcloud\/lib\/private\/AppFramework\/Routing\/RouteActionHandler.php","line":47,"function":"main","class":"OC\\AppFramework\\App","type":"::","args":["OCA\\FederatedFileSharing\\Controller\\MountPublicLinkController","createFederatedShare",{"__class__":"OC\\AppFramework\\DependencyInjection\\DIContainer"},{"_route":"federatedfilesharing.MountPublicLink.createFederatedShare"}]},{"function":"__invoke","class":"OC\\AppFramework\\Routing\\RouteActionHandler","type":"->","args":[{"_route":"federatedfilesharing.MountPublicLink.createFederatedShare"}]},{"file":"\[PATH_TO_NEXTCLOUD]/nextcloud\/lib\/private\/Route\/Router.php","line":297,"function":"call_user_func","args":[{"__class__":"OC\\AppFramework\\Routing\\RouteActionHandler"},{"_route":"federatedfilesharing.MountPublicLink.createFederatedShare"}]},{"file":"\[PATH_TO_NEXTCLOUD]/nextcloud\/lib\/base.php","line":987,"function":"match","class":"OC\\Route\\Router","type":"->","args":["\/apps\/federatedfilesharing\/createFederatedShare"]},{"file":"\[PATH_TO_NEXTCLOUD]/nextcloud\/index.php","line":42,"function":"handleRequest","class":"OC","type":"::","args":[]}],"File":"\[PATH_TO_NEXTCLOUD]/nextcloud\/apps\/federatedfilesharing\/lib\/FederatedShareProvider.php","Line":202,"CustomMessage":"--"},"userAgent":"GuzzleHttp\/6.2.1 curl\/7.58.0 PHP\/7.2.14","version":"14.0.4.2"}

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

<?php
$CONFIG = array (
  'instanceid' => '[REMOVED]',
  'passwordsalt' => '[REMOVED]',
  'secret' => '[REMOVED]',
  'trusted_domains' => 
  array (
      0 => 'nextcloud.jeslenbucci.com',
  ),
  'datadirectory' => '[REMOVED]',
  'dbtype' => 'mysql',
  'version' => '14.0.4.2',
  'overwrite.cli.url' => 'https://nextcloud.jeslenbucci.com',
  'dbname' => '[REMOVED]',
  'dbhost' => 'localhost',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'dbuser' => '[REMOVED]',
  'dbpassword' => '[REMOVED]',
  'installed' => true,
  'maintenance' => false,
  'onlyoffice' => 
  array (
    'verify_peer_off' => true,
  ),
  'mail_smtpmode' => 'sendmail',
  'mail_smtpsecure' => 'tls',
  'mail_from_address' => 'noreply',
  'mail_domain' => 'jeslenbucci.com',
  'mail_smtpport' => '25',
  'mail_smtphost' => 'jeslenbucci.com',
  'mail_smtpauthtype' => 'LOGIN',
  'mail_smtpauth' => 1,
  'mail_smtpname' => '[REMOVED]',
  'mail_smtppassword' => '[REMOVED]',
  'updater.secret' => '[REMOVED]',
  'theme' => '',
  'loglevel' => 2,
);

The output of your Apache/nginx/system log in /var/log/____:

|2019-01-17 09:43:53|Access|69.172.185.142|200|GET /index.php/apps/files/ajax/getstoragestats.php?dir=%2F HTTP/1.0||Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36|1.27 K|Apache SSL/TLS access|
|---|---|---|---|---|---|---|---|---|
|2019-01-17 09:43:53|Error|69.172.185.142|404|GET /index.php/core/preview?fileId=7023&c=bf22710b49eca6a7f52c6d9433ca86f4&x=32&y=32&forceIcon=0 HTTP/1.0||Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36|1.05 K|Apache SSL/TLS access|
|2019-01-17 09:43:59|Access|69.172.185.142|207|PROPFIND /remote.php/dav/files/[REMOVED]/ HTTP/1.0||Mozilla/5.0 (Windows) mirall/2.3.3 (build 1) (Nextcloud)|1.26 K|Apache SSL/TLS access|
|2019-01-17 09:44:01|Access|69.172.185.142|200|GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/1.0||Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36|873|Apache SSL/TLS access|
|2019-01-17 09:44:08|Access|69.172.185.142|200|GET /ocs/v2.php/apps/notifications/api/v1/notifications?format=json HTTP/1.0||Mozilla/5.0 (Windows) mirall/2.3.3 (build 1) (Nextcloud)|873|Apache SSL/TLS access|
|2019-01-17 09:44:08|Access|69.172.185.142|207|PROPFIND /remote.php/dav/files/[REMOVED]/ HTTP/1.0||Mozilla/5.0 (Windows) mirall/2.3.3 (build 1) (Nextcloud)|1.21 K|Apache SSL/TLS access|
|2019-01-17 09:43:55|Error|69.172.185.142|400|POST /index.php/apps/federatedfilesharing/askForFederatedShare HTTP/1.0||Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36|1.10 K|Apache SSL/TLS access|
|2019-01-17 09:44:10|Access|69.172.185.142|207|REPORT /remote.php/dav/calendars/[REMOVED]/personal/ HTTP/1.0||Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.4.0 Lightning/6.2.4|1.00 K|Apache SSL/TLS access|
|2019-01-17 09:44:11|Access|69.172.185.142|200|GET /ocs/v1.php/apps/files_sharing/api/v1/remote_shares?format=json&include_tags=true HTTP/1.0||Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36|868|Apache SSL/TLS access|
|2019-01-17 09:44:11|Access|69.172.185.142|200|GET /index.php/apps/systemtags/lastused HTTP/1.0||Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36|1.08 K|Apache SSL/TLS access|
|2019-01-17 09:44:11|Access|69.172.185.142|200|GET /ocs/v1.php/apps/files_sharing/api/v1/shares?format=json&shared_with_me=true&include_tags=true HTTP/1.0||Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36|868|Apache SSL/TLS access|
2

It seems I’m getting a very similar issue

NC 15.0.7
nginx/1.13.3

Should we put the federated cloud address in config.php 's trusted domains array?

3

Looking at OP’s admin log, it looks like:

  • cartesiantheatre.nextcloud[.]com is already on the list of trusted federation servers, BUT
  • The server at cartesiantheatre.nextcloud[.]com was not responding how a federation-enabled Nextcloud server should respond.
    • I think the remote server is giving the wrong URL in this case - it should probably be nextcloud.cartesiantheatre[.]com. This would seem to be a configuration issue on their end.
  • When Nextcloud didn’t find a valid peer server at the given address, it used its own name instead. The "Not allowed to create a federated share with the same user" message was because the local server and remote server names matched, not anything to do with user names [2].

The trusted domains[1] list is actually a list of names your server might have, rather than a list of other servers it should trust. I’m not sure where the trusted federation server list is, but you don’t want to add the remote server to this list. :wink:

That said, if you provide the admin logs for your instance, we might be able to help troubleshoot that too.

4

@jeslen , thanks for your reply.

As soon as I wrote I knew it as wrong. Always used trusted domains as intended, to be able to access the same server/installation using different domains/addresses.

It seems now I am able to use federated sharing. Just tested two ways in two different installations I have, sharing a folder from each side, and it seemed to work directly from inside of both installations. Just tried also using the link path (share link -> log out -> open link -> click on add to your nextcloud -> add info of second user and cloud).

Now my curiosity is on how to be able to turn federated shares into ‘green status’ (on admin -> sharing I see only yellow status). Maybe I should open another topic for this, isn’t it?

5

The administrator needs to approve the remote server to be trustworthy.

1 Like