Hello,
I’ve installed nextcloud 18.0 with docker (apache version) and mariadb 10.5 + an nginx reverse proxy. Everything works fine up to a point: because I’m behind a firewall which does deep packet inspection and offers its own certificate, nextcloud is telling me that it cannot connect to the internet - so that it cannot initialize connections and that translates in my case in my not being able to install any other non-core apps, because it cannot search for them.
The error is:
This server has no working Internet connection: Multiple endpoints could not be reached. This means that some of the features like mounting external storage, notifications about updates or installation of third-party apps will not work. Accessing files remotely and sending of notification emails might not work, either. Establish a connection from this server to the Internet to enjoy all features.
In the logging I get the following error:
[internet_connection_check] Error: GuzzleHttp\Exception\RequestException: cURL error 60: SSL certificate problem: self signed certificate in certificate chain (see http://curl.haxx.se/libcurl/c/libcurl-errors.html) at <>
0. /var/www/html/3rdparty/guzzlehttp/guzzle/src/Handler/CurlFactory.php line 149
GuzzleHttp\Handler\CurlFactory::createRejection(GuzzleHttp\Handl … l}, {errno: 60,error … 4})
- /var/www/html/3rdparty/guzzlehttp/guzzle/src/Handler/CurlFactory.php line 102
GuzzleHttp\Handler\CurlFactory::finishError(GuzzleHttp\Handler\CurlHandler {}, GuzzleHttp\Handl … l}, GuzzleHttp\Handler\CurlFactory {})- /var/www/html/3rdparty/guzzlehttp/guzzle/src/Handler/CurlHandler.php line 43
GuzzleHttp\Handler\CurlFactory::finish(GuzzleHttp\Handler\CurlHandler {}, GuzzleHttp\Handl … l}, GuzzleHttp\Handler\CurlFactory {})- /var/www/html/3rdparty/guzzlehttp/guzzle/src/Handler/Proxy.php line 28
GuzzleHttp\Handler\CurlHandler->__invoke(“*** sensitive parameter replaced ", " sensitive parameter replaced ***”)- /var/www/html/3rdparty/guzzlehttp/guzzle/src/Handler/Proxy.php line 51
GuzzleHttp\Handler\Proxy::GuzzleHttp\Handler{closure}(“*** sensitive parameters replaced ***”)- /var/www/html/3rdparty/guzzlehttp/guzzle/src/PrepareBodyMiddleware.php line 37
GuzzleHttp\Handler\Proxy::GuzzleHttp\Handler{closure}(“*** sensitive parameters replaced ***”)- /var/www/html/3rdparty/guzzlehttp/guzzle/src/Middleware.php line 30
GuzzleHttp\PrepareBodyMiddleware->__invoke(“*** sensitive parameter replaced ", " sensitive parameter replaced ***”)- /var/www/html/3rdparty/guzzlehttp/guzzle/src/RedirectMiddleware.php line 70
GuzzleHttp\Middleware::GuzzleHttp{closure}(“*** sensitive parameters replaced ***”)- /var/www/html/3rdparty/guzzlehttp/guzzle/src/RedirectMiddleware.php line 107
GuzzleHttp\RedirectMiddleware->__invoke(“*** sensitive parameter replaced ", " sensitive parameter replaced ***”)- /var/www/html/3rdparty/guzzlehttp/guzzle/src/RedirectMiddleware.php line 72
GuzzleHttp\RedirectMiddleware->checkRedirect(GuzzleHttp\Psr7\Request {}, “*** sensitive parameter replaced ", " sensitive parameter replaced ***”)- /var/www/html/3rdparty/guzzlehttp/promises/src/FulfilledPromise.php line 39
GuzzleHttp\RedirectMiddleware->GuzzleHttp{closure}(“*** sensitive parameters replaced ***”)- /var/www/html/3rdparty/guzzlehttp/promises/src/TaskQueue.php line 47
GuzzleHttp\Promise\FulfilledPromise::GuzzleHttp\Promise{closure}(“*** sensitive parameters replaced ***”)- /var/www/html/3rdparty/guzzlehttp/promises/src/Promise.php line 246
GuzzleHttp\Promise\TaskQueue->run(true)- /var/www/html/3rdparty/guzzlehttp/promises/src/Promise.php line 223
GuzzleHttp\Promise\Promise->invokeWaitFn()- /var/www/html/3rdparty/guzzlehttp/promises/src/Promise.php line 267
GuzzleHttp\Promise\Promise->waitIfPending()- /var/www/html/3rdparty/guzzlehttp/promises/src/Promise.php line 225
GuzzleHttp\Promise\Promise->invokeWaitList()- /var/www/html/3rdparty/guzzlehttp/promises/src/Promise.php line 62
GuzzleHttp\Promise\Promise->waitIfPending()- /var/www/html/3rdparty/guzzlehttp/guzzle/src/Client.php line 131
GuzzleHttp\Promise\Promise->wait()- /var/www/html/lib/private/Http/Client/Client.php line 149
GuzzleHttp\Client->request(“get”, “http://www.edri.org/”, {proxy: null,ver … e})- /var/www/html/apps/settings/lib/Controller/CheckSetupController.php line 157
OC\Http\Client\Client->get(“http://www.edri.org/”)- /var/www/html/apps/settings/lib/Controller/CheckSetupController.php line 140
OCA\Settings\Controller\CheckSetupController->isSiteReachable(“www.edri.org”)- /var/www/html/apps/settings/lib/Controller/CheckSetupController.php line 682
OCA\Settings\Controller\CheckSetupController->hasInternetConnectivityProblems()- /var/www/html/lib/private/AppFramework/Http/Dispatcher.php line 170
OCA\Settings\Controller\CheckSetupController->check()- /var/www/html/lib/private/AppFramework/Http/Dispatcher.php line 99
OC\AppFramework\Http\Dispatcher->executeController(OCA\Settings\Con … {}, “check”)- /var/www/html/lib/private/AppFramework/App.php line 125
OC\AppFramework\Http\Dispatcher->dispatch(OCA\Settings\Con … {}, “check”)- /var/www/html/lib/private/AppFramework/Routing/RouteActionHandler.php line 47
OC\AppFramework\App::main(“OCA\Settings\ … r”, “check”, OC\AppFramework\ … {}, {_route: “settings.CheckSetup.check”})- <>
OC\AppFramework\Routing\RouteActionHandler->__invoke({_route: “settings.CheckSetup.check”})- /var/www/html/lib/private/Route/Router.php line 299
call_user_func(OC\AppFramework\ … {}, {_route: “settings.CheckSetup.check”})- /var/www/html/lib/base.php line 1008
OC\Route\Router->match(“/settings/ajax/checksetup”)- /var/www/html/index.php line 38
OC::handleRequest()GET /settings/ajax/checksetup
from 172.19.0.3 by root at 2020-06-06T08:51:00+00:00
What I’ve tried to do was install the certificate of the firewall by placing it under /usr/share/local/share/ca-certificates, but that doesn’t really seem to make any difference.
Does nextcloud make use of the OS certificates? Is it necessary that I whiteliste the domains nextcloud is trying to connect to? If so, what are those?
Thanks in advance!