We have installed passman using the docker container, apache is working as a reverse proxy
we are facing above error
please ellaborate in above image what is the difference between actual and expected
waiting for the early response
Thanks!!
You need to use HTTPS.
1 Like
indeed. If you uses Apache as reverse proxy and terminates SSL on the proxy and not locally on the NC webserver, you can ignore this. However it is considered not safe, as then all credentials are possibly leaked from Passman on the “backside” of the proxy.
If you uses SNI hence SSL passthrough and terminates the SSL on the NC webserver, this message will dissappear, and you have elimanted the above severe risk (at least severe in my line of work).
That’s not what SNI does.
Please fill out the support template that pre-populated in the forum post for further troubleshooting.
Okay I am sorry that I skipped a few chapters. Forgive me. I will explain.
To do reverse proxying based on hostname without terminating SSL (sorry now that I have to be carefull that nothing I say can be misinterpreted or misunderstood, as some migth go the length of disect the letter of the law and not the intend of the law) or TLS, you would have to work on TCP and not HTTP, so you would need to do SNI_preread to get the intended hostname, to do conditional proxying (choosing the right proxy_pass stream).
I know that is not what SNI does. But you have to use SNI preread to do hostbased proxy rules.
Again, if you don’t fill out the support post template, it’s unnecessarily difficult to diagnose your problem.
If I have to guess at it, then I’d guess it’s because your reverse proxy setup is incomplete (the 3 lines under Nextcloud Proxy Settings).
That’s all I can say without info about your setup.