I have two nextclouds, one with IP address of 192.168.67.200 and one with IP address of 192.168.67.198. They are all configured with SSL and can be accessed through HTTPS. And the two servers can be pinged,
However, when I share a file on 192.168.67.198 to a user on 192.168.67.200, I fill in the sharing box with the user’s federated cloud ID: xxx@192.168.67.200 , indicating that the creation of the share failed and the server could not be found.
I checked the log. Here is a screenshot of the log.
Do you use firewalls or restricted ports (restricted LISTEN on webserver port 443?). For Federation you need communicate between both servers with HTTPS. The one server is the https-client and the other is the https-server (and vice-versa).
Another problem is perhaps the fact that the servers does not trust the SSL certificates each other.
Test perhaps:
on server .198: curl --cert-status https://192.168.67.200
on server .200: curl --cert-status https://192.168.67.198
Your method is very good. I tested it with your method. The following prompt appears to indicate that SSL certificate verification failed. on server .198:
curl: (60) SSL certificate problem: self signed certificate
More details here: https://curl.haxx.se/docs/sslcerts.html
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
I use the OpenSSL command to make the certificate. So how to verify with SSL? How to solve this problem?
apparently you don’t have any FQDN (at least not on .200 server). Self-signed certificates don’t work with federation.
The problem is: you wanna have TWO servers sharing the same external address… So either you do solve that via different ports (like 80/443 on the first one and perhaps 8080/4443 one the second one), call server 1 like sv1.yourdomain.tld and server 2 like sv2.yourdomain.tld and try to obtain valid certificates for each of those…
or you’d try an reverse proxy, give your two server two different names and apply for a certificate for each of them.
i think federation was made to connect servers from different networks. so it could be a problem that yours are in the same network. and that you use IP-addresses and no URLs.
and this is the problem… they are no “public” URLs. Only vaild within your own network. And thus it won’t work.
They need to be accessible from the outside as well… each of them. Meaning: I (and everyone else) would need to be able to access them by that address.