Hello,
I’m using Nextcloud for some years now and was able to install the sync client on my work laptop (Win10). However recently the IT start hijacking some certificates and resign them with their firewall certificate . My Let’s Encrypt certificate used on my Nextcloud instance looks like in the “graylist” of the one accepted buy resigned by the firewall (some website are totally blocked, some are working normal with the original certificate, like one of my other website with also a Let’s Encrypt Cert).
As soon as they start doing this, Nextcloud client refused to connect, as it should, because the certificate was not supposed valid (in Firefox there is this warning that you must accept the wrong certificate to continue). As It didn’t like me so much, I tried going around and used Tor and proxy Nextcloud through Tor to use it at work, while I can use it properly in home office or when connected to any other network, which is totally allowed with my work laptop with or without VPN to my company network (how stupid this is).
After several days, changing back and forth the proxy option in Nextcloud, suddenly Nextcloud manage to accept the certificate from my company firewall without any confirmation that I trust it from my side.
How is it possible? Unless I did something wrong, it looks like a bad security breach.
How can I untrust this certificate in the Nextcloud client again?