Thanks in advance for any help you can provide. I have configured a nextcloud instance on a raspberry pi with Debian 11 bullseye.
Nextcloud is working perfectly fine, I have been able to connect from an Android device and also from windows clients. But when it comes to connect from iOS devices, the nightmare begins.
I got an error when trying to connect with the following message:
I have tried to set up SSL for apache with a self signed certificate, but still no luck.
I am not able to use a certificate from Let’s encrypt cause the domain is only accesible from the local LAN and from the VPN, both using a custom DNS (Pi-hole).
This looks like your certificate does not match the requirements set by app transport security. Check for example Apple Developer Documentation or Cocoa Keys
Well, the requirements can be found at the links in my previous message
Disabling ATS is only possible at compile time, so no, you can’t disable it. If I’m not mistaken ATS does not apply if you try to connect via IP instead of a host name, but of course best solution is to adjust your certificates according to the documentation.
Are you talking about the files or the talk iOS app? Last time I checked ATS was not enforced on the files app, but is enforced on talk.
Regarding the certificates adjustment, the thing is that the hole infrastructure is private and only accesible from the local network and from a wireguard VPN. I didn’t want to make the domain accessible from internet, so I’m trying to find a way to use valid certificates for a private domain (the selfsigned certificates are not trusted by the app).
Any suggestions are welcome
However, I’ll try the IP method, and at least I can test the app behavior on iOS
the problem is not the self signed certificate, the problem is what kind of certificate is used. Just have a look at the links and adjust the creation of your certificate accordingly
