Mac Desktop Client Not Working, Browser and Windows Client DO Work

Some or all of the below information will be requested if it isn’t supplied; for fastest response please provide as much as you can.

The Basics

• Nextcloud Server version (e.g., 29.x.x):
  • 32.0.4
• Operating system and version (e.g., Ubuntu 24.04):
  • Truenas Scale 25.04, Linux 6.12.15-production+truenas x86_64
• Web server and version (e.g, Apache 2.4.25):
  • nginx up to date
• Reverse proxy and version _(e.g. nginx 1.27.2)
  • nginx (up to date)
• PHP version (e.g, 8.3):
  • 8.3.29
• Is this the first time you’ve seen this error? (Yes / No):
  • no
• When did this problem seem to first start?
  • a few months ago, i think when i upgraded to nextcloud 32
• Installation method (e.g. AlO, NCP, Bare Metal/Archive, etc.)
  • truenas app
• Are you using CloudfIare, mod_security, or similar? (Yes / No)
  • no

Summary of the issue you are facing:

I am using desktop clients on my Windows Desktop with no problem, and no errors. I use the URL https://mainframe.DOMAIN.com:PORT from the browser on my mac with no problems.

I was using the Mac Client as well for years with no trouble. Now I’m getting weird errors (see photo below at authorization).

I only get to authorization if I use the local IP, if I use the url I access nextcloud from the browser i get an error earlier.

Screenshot 2026-01-17 at 12.50.32 PM1038×1166 40.4 KB

Steps to replicate it (hint: details matter!):

1. If I try to log in with the desktop client, it happens 100% of the time.

2. I have tried just about everything I can think of, including: update desktop and server apps (up to date), run all the OCC maintenance repair commands I can think of, try every combination of URLs to get to my server, local IP, URI, with ‘www’, without ‘www’, http, https, etc.

3. I can access nextcloud from my browser on my mac with no issues.

Log entries

Nextcloud

Please provide the log entries from your Nextcloud log that are generated during the time of problem (via the Copy raw option from Administration settings->Logging screen or from your nextcloud.log located in your data directory). Feel free to use a pastebin/gist service if necessary.

There are NO errors that are reported when I try to log in. I do not have any outstanding errors in the log. 

Web Browser

If the problem is related to the Web interface, open your browser inspector Console and Network tabs while refreshing (reloading) and reproducing the problem. Provide any relevant output/errors here that appear.

PASTE

Web server / Reverse Proxy

The output of your Apache/nginx/system log in /var/log/____:

PASTE HERE

Configuration

Nextcloud

The output of occ config:list system or similar is best, but, if not possible, the contents of your config.php file from /path/to/nextcloud is fine (make sure to remove any identifiable information!):

{

    "system": {

        "htaccess.RewriteBase": "\/",

        "memcache.local": "\\OC\\Memcache\\APCu",

        "apps_paths": [

            {

                "path": "\/var\/www\/html\/apps",

                "url": "\/apps",

                "writable": false

            },

            {

                "path": "\/var\/www\/html\/custom_apps",

                "url": "\/custom_apps",

                "writable": true

            }

        ],

        "overwriteprotocol": "https",

        "trusted_proxies": "***REMOVED SENSITIVE VALUE***",

        "passwordsalt": "***REMOVED SENSITIVE VALUE***",

        "secret": "***REMOVED SENSITIVE VALUE***",

        "datadirectory": "***REMOVED SENSITIVE VALUE***",

        "dbtype": "pgsql",

        "version": "32.0.4.1",

        "overwrite.cli.url": "https:\/\/mainframe.DOMAIN.com:PORT",

        "dbname": "***REMOVED SENSITIVE VALUE***",

        "dbhost": "***REMOVED SENSITIVE VALUE***",

        "dbport": "",

        "dbtableprefix": "oc_",

        "dbuser": "***REMOVED SENSITIVE VALUE***",

        "dbpassword": "***REMOVED SENSITIVE VALUE***",

        "installed": true,

        "instanceid": "***REMOVED SENSITIVE VALUE***",

        "bulkupload.enabled": false,

        "loglevel": 2,

        "maintenance": false,

        "mail_smtpmode": "smtp",

        "mail_smtpsecure": "ssl",

        "mail_sendmailmode": "smtp",

        "default_phone_region": "US",

        "overwritehost": "mainframe.DOMAIN.com:PORT",

        "memcache.distributed": "\\OC\\Memcache\\Redis",

        "memcache.locking": "\\OC\\Memcache\\Redis",

        "redis": {

            "host": "***REMOVED SENSITIVE VALUE***",

            "password": "***REMOVED SENSITIVE VALUE***",

            "port": PORT

        },

        "theme": "",

        "trusted_domains": [

            "127.0.0.1",

            "192.168.1.104",

            "cloud.DOMAIN.com",

            "localhost",

            "mainframe.DOMAIN.com",

            "mainframe.DOMAIN.com:PORT",

            "nextcloud",

            "nginx",

            "www.mainframe.DOMAIN.com"

        ],

        "app_install_overwrite": [

            "occweb"

        ]

    }

}

Apps

The output of occ app:list (if possible).

Enabled:

  - activity: 5.0.0-dev.0

  - app_api: 32.0.0

  - bruteforcesettings: 5.0.0-dev.0

  - circles: 32.0.0

  - cloud_federation_api: 1.16.0

  - comments: 1.22.0

  - contactsinteraction: 1.13.1

  - dashboard: 7.12.0

  - dav: 1.34.2

  - federatedfilesharing: 1.22.0

  - federation: 1.22.0

  - files: 2.4.0

  - files_downloadlimit: 5.0.0-dev.0

  - files_pdfviewer: 5.0.0-dev.0

  - files_reminders: 1.5.0

  - files_sharing: 1.24.1

  - files_trashbin: 1.22.0

  - files_versions: 1.25.0

  - firstrunwizard: 5.0.0-dev.0

  - logreader: 5.0.0-dev.0

  - lookup_server_connector: 1.20.0

  - nextcloud_announcements: 4.0.0-dev.0

  - notifications: 5.0.0-dev.0

  - oauth2: 1.20.0

  - occweb: 0.2.3

  - password_policy: 4.0.0-dev.0

  - photos: 5.0.0-dev.1

  - privacy: 4.0.0-dev.0

  - profile: 1.1.0

  - provisioning_api: 1.22.0

  - recommendations: 5.0.0-dev.0

  - related_resources: 3.0.0-dev.0

  - serverinfo: 4.0.0-dev.0

  - settings: 1.15.1

  - sharebymail: 1.22.0

  - support: 4.0.0-dev.0

  - survey_client: 4.0.0-dev.0

  - systemtags: 1.22.0

  - text: 6.0.1

  - theming: 2.7.0

  - twofactor_backupcodes: 1.21.0

  - updatenotification: 1.22.0

  - user_status: 1.12.0

  - viewer: 5.0.0-dev.0

  - weather_status: 1.12.0

  - webhook_listeners: 1.3.0

  - workflowengine: 2.14.0

Disabled:

  - admin_audit: 1.22.0

  - encryption: 2.20.0

  - files_external: 1.24.0

  - files_rightclick: 0.15.1 (installed 1.6.0)

  - suspicious_login: 10.0.0-dev.0

  - twofactor_nextcloud_notification: 6.0.0-dev.0

  - twofactor_totp: 14.0.0

  - user_ldap: 1.23.0

And if you copy the link or click on the button to open in the browser, do you get an error as well?

What is strange is that you don’t have anything in the Nextcloud logs, e.g. the client is using a wrong resource or something like that. It looks a bit like the request is blocked. I first thought of some DNS trouble, but then you wouldn’t be able to access through the web browser as well.
You are sure that you don’t have a firewall blocking, or other similar things, fail2ban or something that created too many errors that triggered a block?

I come bringing evidence:

First, proof that I can access my server in the browser just fine. Also, it works on my windows Desktop fine, works on my phone on wifi, out of the house on mobile data, etc. Also, I’ve tried doing this through my mobile hotspot, and same issue (though obviously didn’t do the local IP login, used the URL).

Screenshot 2026-01-18 at 9.17.44 AM1038×720 53.2 KB

Next, proof that my URL is secured through SSL:

Screenshot 2026-01-18 at 9.20.56 AM872×982 102 KB

Next, what happens if I copy/paste the URL I use in the browser into the Mac Desktop Client (up to date client, also I’ve reinstalled like 4 times).

Screenshot 2026-01-18 at 9.21.59 AM1132×1234 136 KB

If I try to connect using my local IP INSTEAD of the URL, it works, and the local client directs me to the browser:

Screenshot 2026-01-18 at 9.23.34 AM1182×1532 109 KB

I log in successfully.

Screenshot 2026-01-18 at 9.25.39 AM1182×1200 65 KB

I then get this error, it doesn’t connect.

Screenshot 2026-01-18 at 9.26.13 AM1182×1200 114 KB

To confirm, after all this, trying different stuff, errors all over the place, here is my log:

Screenshot 2026-01-18 at 9.28.45 AM1852×1200 91.2 KB

Let me know what else I can get you, I’ll try to get it for you.

Please see my post with all the photos. I also tried to copy/paste the button to open in the browser, same issue.

As far as I know, I’m running a pretty stock macbook at home, no weird business security defender software installed or anything. I have a secure router and stuff, but it used to work fine for years and only stopped working after a nextcloud install. Also, it works in the browser and works on my desktop, so I would guess it’s not a firewall issue. If you have a particular port to check I can.

SSL thoughts, I use truenas, and Nginx Proxy Manager to have SSL and internal port forwarding to my server where nextcloud is installed. again, works(ed) fine everywhere else, and it is a secure SSL connection, I even changed the subdomain to start fresh (it was cloud.xxx.com, and now it’s mainframe.xxx.com), but that didn’t fix anything.

To prove that my log IS working, I restarted nextcloud just to fill the log with some stuff. No errors.

Screenshot 2026-01-18 at 1.59.47 PM1852×1200 294 KB

It’s interesting that you get a warning with your certificate in the Nextcloud client. I’d check the ssl setup with ssllabs.com. They check against different clients, not specifically the Nextcloud client but if there is a problem in the certificate chain or something else, it should show you.

Just to exclude network issues, I’d try once from inside my network and once outside my network (e.g. via mobile connection or at a friend’s place).

Hi there, first, here’s my SSL report, A+! My http request failed because I require https connections to nextcloud for security, so that’s not a surprise.

Screenshot 2026-01-18 at 11.30.18 PM2236×1476 240 KB

I tried doing this from my phone hotspot. Same issues for the https desktop client on mac. Access through my browser seems fine.

Normally, you’d do a forward to https. Perhaps the mac NC client first tries via http? Can you check on the system to see what the client tries to open (wireshark)?

Hi, I downloaded wireshark, but we’re getting close to the limit of what I technically know what I’m looking at. I tried to log in normally with SSL. My IP and the server IP had some chatter. Here’s like a sampling of it on wireshare? There’s packets flying around everywhere.

Screenshot 2026-01-19 at 9.50.04 AM1514×636 139 KB

These are my nginx proxy manager options.

Screenshot 2026-01-19 at 10.02.20 AM1076×724 36.1 KB

I’ve tried every combination of these on or off, doesn’t seem to make a difference.

Screenshot 2026-01-19 at 10.01.17 AM1076×1276 60.1 KB

Ohhh. One thing to note, I bet the issue with the SSL Labs report is my nextcloud is at mainframe.xxx.com:PORT. I can only analyze mainframe.xxx.com with the free version, not the port one. That may make a difference in the port. Obviously when I try to log into nextcloud I use the :PORT and again, it works on my windows client.

So your port is 9495, so it seems that the client can exchange packages with the server (and is not blocked by a firewall). When you login and do the login flow, there is always a https connection and there is always there port after the hostname (so it doesn’t by error switch to 443)?

You said before you were running with the cloud.xxx host, I’d prefer a dedicated hostname and using a standard port (easier for the ssllabs test, public wifis etc.).

Hi,

I think if I understand you, when I log in to the browser I use https://mainframe.xx.com:PORT. It always works. Same with my windows computer client.

On my mac I use https://mainframe.xx.com:PORT. It used to work for years until I think nextcloud version 32. I use the same URL as everywhere else. I have tried every single combination in the mac client of https, http, with the port, without the port, etc. etc. I copy/paste the URL from the browser, it doesn’t work. If I use the local IP address it takes me to the login and then fails (see prior messages with screenshots). If I try to type in the normal URL, https://mainframe.xxx.com:PORT, it can’t connect and i get the following errors:

Screenshot 2026-01-19 at 10.42.02 AM1076×724 84.8 KB

Screenshot 2026-01-19 at 10.42.40 AM1076×166 23.9 KB

My setup had a very similar set of symptoms. I didn’t really figure out what exactly was happening or why. I have two Mac laptops and one Raspberry Pi 5 running Ubuntu. There is a NextCloudPi server running on a different Raspberry Pi. The desktop client on one of the Macs was perfect, the other gave this error “Failed to connect”.

At the same time I was struggling with “split-brain” dns (using a fully qualified domain name both from outside the local network, and within the network). I finally got that sorted: I am using dnsmasq, and it wasn’t running on the server, because the Armbian OS has systemd take the two ports that dnsmasq needs.

Once dnsmasq was operating correctly, the desktop clients all worked correctly also.

Good luck.

(p.s.: thanks again tflidd for your help about split brain dns)

I thought I documented real errors pretty well here but I guess not. I’ll respond if it ever gets fixed.

this is the URL you should use. I’m wondering if the strict transport security forces it to port 443, in theory it should only force to https.
In this case it doesn’t even get to the step where it asks to login via the browser?

Can you check the client logs:

if it says something about why the connection is failing, if it fails to verify the certificate, if the certificate does not match, the cert chain, …

Does the proxy pass the connection through to Nextcloud? If yes, you should see some entries in the access.log of your nginx that serves Nextcloud.

I was able to open up a log file locally, I only kinda know what it means, but here’s a part of it:

“SSL-Errors happened for url "https://mainframe.xxxx.com:PORT/status.php\” \tError in QSslCertificate(Version=“3”, SerialNumber=“stuff”, Digest=“things==”, Issuer=“E7”, Subject=“mainframe.xxx.com”, AlternativeSubjectNames=QMultiMap((QSsl::DnsEntry, “mainframe.xxx.com”)), EffectiveDate=QDateTime(2025-11-03 16:25:19.000 UTC Qt::UTC), ExpiryDate=QDateTime(2026-02-01 16:25:18.000 UTC Qt::UTC)) : “The issuer certificate of a locally looked up certificate could not be found” ( “The issuer certificate of a locally looked up certificate could not be found” ) \n \tError in QSslCertificate(Version=“3”, SerialNumber=“05:92:stuffa:3e:41:49:7e”, Digest=“things==”, Issuer=“E7”,
etc.

But as you can see above, when i do my SSL lab report i literally get an A+ on my SSL certificate for that subdomain??

Sounds a bit like a certificate in the certificate chain is missing. It is a bit strange since ssllabs is testing for that. I don’t know if the Nextcloud client brings their own certificates or use the system certificates. Which version of macOS and which version of the client are you using?

When you use curl from command line (which perhaps uses the systems’ certs), is that working? curl -v https://yourserver.example.com:PORT/status.php ?

Hi,

It is now working. Here is what happened:

I have truenas. I use Nginx proxy manager to run the proxys for my apps, including nextcloud. For most apps the SSL cert is applied automatically, including truenas UI. For reasons I don’t understand Nextcloud has always needed to use the SSLs provided by the Truenas UI, in edit you pick which cert to use.

In truenas, there is a certificates section, you can generate or upload SSL certificates. Then you can use those in various apps.

This isn’t usually an issue, because you can just download certs from nginx proxy manager and install them to truenas. It’s a manual step, but the certs last a few months before they expire. When you download a cert you get 4 files, the privkey, the fullchain, the cert, and the chain (confusing naming scheme).

You always need the cert, and the privkey. When I installed the certs a few months ago, I must have used the cert file rather than the fullchain file. The cert file does work, and installs into truenas successfully. The cert is valid, when you run the SSL checker, it looks at the ONLINE version of the cert and sees it’s fine. But clearly with MacOS and the new nextcloud app it doesn’t have enough cert to be secure enough. You need the extra data from the full-chain file. I re-downloaded, and re-installed a fresh certificate from Nginx Proxy Manager. I used the data from the fullchain and the privkey files, and then told nextcloud to use that cert through the app UI in nextcloud.

Worked instantly. Everything is synching now. Stupid problem, complex solution. Manual steps always make things worse. Stupid Linux.

Thanks, hopefully this helps someone else. If you are getting SSL cert errors, but your cert is fine, MAKE SURE IT IS INSTALLED CORRECTLY AND YOUR APP IS USING THE RIGHT SSL CERT EVEN IF IT IS VALID!