Nextcloud Talk Test Setup with self-signed Certs behind Apache Reverse Proxy


just trying to setup a nextcloud docker-based test environment. Everything is working as expected but not NC Talk (audio / video) because - imho - it uses webrtc which need https encryption. I can not (restrictions) set a valid cert configuration.

Is one of these guys here who have to set a working NC Talk audio / video environment in local network without valid certs?

It’s not exactly an answer - but me and lot of other users successfully implemented Talk with Docker and letencrypt certificate…

I would recommend against using “invalid certificates”. While from technical stand point every certificate: self-signed, untrusted or outdated offers exactly the same level of TLS transport security browsers and clients implement measures to enforce usage of valid and trusted certificates (in other words certificates issued by known public CA or manually trusted by the user). Make you life easier using only “valid” certificates.

Valid certificates could be issued by trusted public CA like VeriSign, GoDaddy, letsencrypt. If this doesn’t work you for any reason, setup your own CA and make your client trust this CA and TLS issue certificates for your services from this CA. 2nd way is much harder as you need to make every endpoint trust your your root CA - otherwise certificate errors arise (applies to external parties as well e.g. if you share files or invite external people into Talk calls).

CA = “Certificate Authority”

You’r right, i have a full working own “production” set with LE Certs. This should be only for test purpose…