Nextcloud AIO's Mastercontainer certificate on 8080 not valid

diyoyo · November 12, 2022, 3:17pm

Support intro

Sorry to hear you’re facing problems

help.nextcloud.com is for home/non-enterprise users. If you’re running a business, paid support can be accessed via portal.nextcloud.com where we can ensure your business keeps running smoothly.

In order to help you as quickly as possible, before clicking Create Topic please provide as much of the below as you can. Feel free to use a pastebin service for logs, otherwise either indent short log examples with four spaces:

example

Or for longer, use three backticks above and below the code snippet:

longer
example
here

Some or all of the below information will be requested if it isn’t supplied; for fastest response please provide as much as you can

Nextcloud version (eg, 20.0.5): 24.0.7 on NC AIO 3.0
Operating system and version (eg, Ubuntu 20.04): Ubuntu 22.04 - Linux 5.15.0-52-generic x86_64
Apache or nginx version (eg, Apache 2.4.25): AIO container (apache?)
PHP version (eg, 7.4): 8.0.25

The issue you are facing:

Invalid SSL Certificate → Brave’s Security Exception when loading the AIO interface.

I can load it on Firefox but not on Brave

Is this the first time you’ve seen this error? (Y/N): N

Steps to replicate it:

Open your NC instance in Brave Browser
Go to Admin settings
CLick on “Open AIO interface”

szaimen · November 12, 2022, 5:38pm

Port 8080 uses a self-signed certificate by default. So this is expected. You simply need to let the browser accept this.

diyoyo · November 12, 2022, 5:45pm

Well, Brave does not allow this for now.
It barely allows self-signed certificates on https://localhost
I wrote on their github, but I’m curious why the certificate is valid for the NC instance but not the AIO admin pane? Or is it because I chose 8080? Is there a way to host both on the same port?
Thanks.

szaimen · November 12, 2022, 6:03pm

I am using brave and able to trust self-signed certificates.

The mastercontainer is completely independent from the other containers. They dont have access to the mastercontainers files and the other way around. So there is no way to reuse the certficiate for the mastercontainer. However you could open port 80 and 8443 and use https://yourdomain.com:8443 to access the AIO interface with a valid certificate.

diyoyo · November 12, 2022, 8:50pm

How can I trust self-signed certificates in Brave?

szaimen · November 12, 2022, 8:54pm

Maybe like this? Can't connect to site with self signed certificate - #2 by fanboynz - Desktop Support - Brave Community

diyoyo · November 12, 2022, 9:06pm

Thanks.
Well, this link does not provide an answer. I face the same problem as the OP.

szaimen · November 12, 2022, 9:11pm

Can you post a screenshot of that here?

szaimen · November 12, 2022, 9:15pm

Also, can you try this workaround?
https://support.google.com/chrome/thread/10551759?hl=en&msgid=59258560

diyoyo · November 14, 2022, 1:38pm

Actually, everything works perfectly fine when I use the 8443 port instead of the 8080 (At least after rolling back to stable 2.1.2 AIO).

So I believe it would be nice that the link to the AIO interface from within the Administration panel of the NC instance would point to 8443 and not 8080.

szaimen · November 14, 2022, 1:54pm

See GitHub - nextcloud/all-in-one: Nextcloud AIO stands for Nextcloud All In One and provides easy deployment and maintenance with most features included in this one Nextcloud instance.