Nextcloud complains about using HTTP while connection is clearly HTTPS

Support intro

Sorry to hear you’re facing problems. :slightly_frowning_face:

The community help forum (help.nextcloud.com) is for home and non-enterprise users. Support is provided by other community members on a best effort / “as available” basis. All of those responding are volunteering their time to help you.

If you’re using Nextcloud in a business/critical setting, paid and SLA-based support services can be accessed via portal.nextcloud.com where Nextcloud engineers can help ensure your business keeps running smoothly.

Getting help

In order to help you as efficiently (and quickly!) as possible, please fill in as much of the below requested information as you can.

Before clicking submit: Please check if your query is already addressed via the following resources:

(Utilizing these existing resources is typically faster. It also helps reduce the load on our generous volunteers while elevating the signal to noise ratio of the forums otherwise arising from the same queries being posted repeatedly).

Some or all of the below information will be requested if it isn’t supplied; for fastest response please provide as much as you can. :heart:

The Basics

  • Nextcloud Server version (e.g., 29.x.x):
    • 30.0.6
  • Operating system and version (e.g., Ubuntu 24.04):
    • Debian 12.9.0
  • Web server and version (e.g, Apache 2.4.25):
    • 2.4.62 (included in the nextcloud:latest official docker image)
  • Reverse proxy and version _(e.g. nginx 1.27.2)
    • 1.22.1 (included in the nextcloud:latest official docker image) AND reverse proxy using NGINX proxy manager (Nginx v1.22.1 too)
  • PHP version (e.g, 8.3):
    • 8.2.27 (included in the nextcloud:latest official docker image)
  • Is this the first time you’ve seen this error? (Yes / No):
    • Yes
  • When did this problem seem to first start?
    • At Installation
  • Installation method (e.g. AlO, NCP, Bare Metal/Archive, etc.)
    • Official nextcloud container
  • Are you using CloudfIare, mod_security, or similar? (Yes / No)
    • Running nextcloud through NginxProxyManager -> Cloudflare domain (proxied)

Summary of the issue you are facing:

Recently installed Nextcloud and it is complaining, in the Overview section of the Administration settings, that I am “Accessing the server insecurely via HTTP” while the connection has a padlock indicating HTTPS (and the URL bar shows HTTPS), as shown below:

Steps to replicate it (hint: details matter!):

  1. Install Nextcloud with PostgreSQL DB, Using this compose file (through Portainer):
name: nextcloud
services:
  nextcloud:
    image: nextcloud:latest
    container_name: "nextcloud"
    ports:
      - "10081:80"
    restart: unless-stopped
    networks:
      - nextcloud
    volumes:
      - /Containers/Nextcloud/apps:/var/www/html/apps
      - /Containers/Nextcloud/config:/var/www/html/config
      - /Containers/Nextcloud/data:/var/www/html/data
    depends_on:
      - ncdb

  ncdb:
    image: postgres
    restart: unless-stopped
    container_name: "nextcloud-postges"
    networks:
      - nextcloud
    shm_size: 128mb
    environment:
      POSTGRES_USER: nextcloud
      POSTGRES_PASSWORD: nextcloud
      POSTGRES_DB: ncdb
      PGDATA: "/var/lib/postgresql/data/pgdata"
    volumes:
      - "/Containers/Nextcloud/postgresdb:/var/lib/postgresql/data/pgdata"

networks:
  nextcloud:
    driver: bridge
  1. Install Nginx Proxy Manager (With portainer using stacks) with this compose file :
services:
  app:
    image: 'jc21/nginx-proxy-manager:latest'
    container_name: "nginx-proxy-manager"
    restart: unless-stopped
    ports:
      - '80:80' # Public HTTP Port
      - '443:443' # Public HTTPS Port
      - '81:81' # Admin Web Port
    extra_hosts:
      - "host.docker.internal:host-gateway"
    volumes:
      - /Containers/nginxproxy/data:/data
      - /Containers/nginxproxy/letsencrypt:/etc/letsencrypt
  1. Configure Nginx Proxy Manager with :
  • A Let’sEncrypt certificate for your domain
  • A Proxy Host that directs “http://192.168.1.xxx” port 10081 (or any port your Nextcloud uses) to nextcloud.domain.org, a domain registered through Cloudflare, and the subdomain nextcloudis a CNAME record pointing to domain.org, proxied through Cloudflare
  1. Access Nextcloud with nextcloud.domain.com and set it up, with the Postgres DB, and options specified in the Compose file (DB works fine)

  2. Go to SettingsAdministrationOverview

  3. Look at the errors the setup detects, and notice the complaint, written in red, about accessing through HTTP, while your browser assures you you’re using HTTPS:

Log entries

Nextcloud

Please provide the log entries from your Nextcloud log that are generated during the time of problem (via the Copy raw option from Administration settings->Logging screen or from your nextcloud.log located in your data directory). Feel free to use a pastebin/gist service if necessary.

https://pastebin.com/PFuu9FWj

Web Browser [UNRELATED]

If the problem is related to the Web interface, open your browser inspector Console and Network tabs while refreshing (reloading) and reproducing the problem. Provide any relevant output/errors here that appear.

No relevant output

Web server / Reverse Proxy

The output of your Apache/nginx/system log in /var/log/____:

Nextcloud
  Apache: none
  Nginx: None

NginxProxyMgr
  Nginx: error.log : https://pastebin.com/SZnVpSk6

Configuration

Nextcloud

The output of occ config:list system or similar is best, but, if not possible, the contents of your config.php file from /path/to/nextcloud is fine (make sure to remove any identifiable information! → domain redacted):

{
    "system": {
        "htaccess.RewriteBase": "\/",
        "memcache.local": "\\OC\\Memcache\\APCu",
        "apps_paths": [
            {
                "path": "\/var\/www\/html\/apps",
                "url": "\/apps",
                "writable": false
            },
            {
                "path": "\/var\/www\/html\/custom_apps",
                "url": "\/custom_apps",
                "writable": true
            }
        ],
        "upgrade.disable-web": true,
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "nextcloud.domain.org",
            "192.168.1.150:10081"
        ],
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "dbtype": "pgsql",
        "version": "30.0.6.2",
        "overwrite.cli.url": "http:\/\/nextcloud.domain.org",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbport": "",
        "dbtableprefix": "oc_",
        "mysql.utf8mb4": true,
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "installed": true
    }
}

Apps

The output of occ app:list (if possible).

Enabled:
  - activity: 3.0.0
  - app_api: 4.0.6
  - bruteforcesettings: 3.0.0
  - circles: 30.0.0
  - cloud_federation_api: 1.13.0
  - comments: 1.20.1
  - contactsinteraction: 1.11.0
  - dashboard: 7.10.0
  - dav: 1.31.1
  - federatedfilesharing: 1.20.0
  - federation: 1.20.0
  - files: 2.2.0
  - files_downloadlimit: 3.0.0
  - files_pdfviewer: 3.0.0
  - files_reminders: 1.3.0
  - files_sharing: 1.22.0
  - files_trashbin: 1.20.1
  - files_versions: 1.23.0
  - firstrunwizard: 3.0.0
  - logreader: 3.0.0
  - lookup_server_connector: 1.18.0
  - nextcloud_announcements: 2.0.0
  - notes: 4.11.0
  - notifications: 3.0.0
  - oauth2: 1.18.1
  - openotp_auth: 1.30.5
  - password_policy: 2.0.0
  - privacy: 2.0.0
  - provisioning_api: 1.20.0
  - recommendations: 3.0.0
  - related_resources: 1.5.0
  - serverinfo: 2.0.0
  - settings: 1.13.0
  - sharebymail: 1.20.0
  - support: 2.0.0
  - survey_client: 2.0.0
  - systemtags: 1.20.0
  - text: 4.1.0
  - theming: 2.6.0
  - twofactor_backupcodes: 1.19.0
  - updatenotification: 1.20.0
  - user_status: 1.10.0
  - viewer: 3.0.0
  - weather_status: 1.10.0
  - webhook_listeners: 1.1.0-dev
  - workflowengine: 2.12.0
Disabled:
  - admin_audit: 1.20.0
  - encryption: 2.18.0
  - files_external: 1.22.0
  - photos: 3.0.2 (installed 3.0.2)
  - suspicious_login: 8.0.0
  - twofactor_nextcloud_notification: 4.0.0
  - twofactor_totp: 12.0.0-dev
  - user_ldap: 1.21.0

Tips for increasing the likelihood of a response

  • Use the preformatted text formatting option in the editor for all log entries and configuration output.
  • If screenshots are useful, feel free to include them.
    • If possible, also include key error output in text form so it can be searched for.
  • Try to edit log output only minimally (if at all) so that it can be ran through analyzers / formatters by those trying to help you.

If your proxy is not indicating HTTPS is in-use (via the X-Forwarded-Proto header) to Nextcloud, try setting overwriteprotocol to https (docs). This will force it.

You may also consider (after that):

  • setting the overwrite.cli.url to an https one

Couple other notes:

The above is not a complete volume configuration. See Nextcloud Docker: Persistent data.

Reverse proxy: 1.22.1 (included in the nextcloud:latest official docker image) AND reverse proxy using NGINX proxy manager (Nginx v1.22.1 too)

No biggie, but just for the record: that image does not have nginx in it. It’s the Apache-based image.

1 Like

Hi, thank you for your quick and helpful answer. This has solved all my problems. Nextcloud no longer complains, and a weird document list error I had seems to be fixed. Thank you.

To address your points:

  • About the volumes: The directories are bind-mounted into my host system. This is more convenient for my small use case (<5 people)
  • About NGINX in the docker image: I connected to the container’s shell (using portainer) and ran apt list nginx and it returned :
Listing... Done
nginx/stable 1.22.1-9 amd64

So I guess it’s in the image but not configured/used.

Glad you got it working!

As for nginx, that just means the package is available in Debian. It’s not actually installed / in the image.

Right, I forgot how apt works, even though I use it everyday. Thanks for your reply kind sir!

1 Like

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.