Requesting Address is Denied. Unable to open Next Cloud Office

Okay let me try it.

@ZendaiOwl are you able to fully delete posts? the one I deleted has information I do not need on the internet lol. I know mods can. Any idea how to get ahold of one?

If you deleted a post it is gone for others except the forum admins (I think) and you :slight_smile:

I can’t see your post anymore

Wonderful thank you!

Okay Im trying the new stack now.

1 Like

@ZendaiOwl I made the SSL = false, and now it wont connect to the server at all.

wsd-00001-00040 2022-02-27 07:57:40.717650 +0000 [ websrv_poll ] ERR Looks like SSL/TLS traffic on plain http port| wsd/COOLWSD.cpp:2668
wsd-00001-00040 2022-02-27 07:57:40.719075 +0000 [ websrv_poll ] ERR Looks like SSL/TLS traffic on plain http port| wsd/COOLWSD.cpp:2668
wsd-00001-00040 2022-02-27 07:57:44.516879 +0000 [ websrv_poll ] ERR Looks like SSL/TLS traffic on plain http port| wsd/COOLWSD.cpp:2668
wsd-00001-00040 2022-02-27 07:57:44.518328 +0000 [ websrv_poll ] ERR Looks like SSL/TLS traffic on plain http port| wsd/COOLWSD.cpp:2668
wsd-00001-00040 2022-02-27 07:57:44.519807 +0000 [ websrv_poll ] ERR Looks like SSL/TLS traffic on plain http port| wsd/COOLWSD.cpp:2668

It wont allow an http connection as the website is ssl’ed, and the collabora server has to be in the same protocol as the domain.

Hm :thinking:

So the configuration should be something along the lines of

Nextcloud server ← This one needs to have SSL for HTTPS, when you connect to it

Collabora server ← The reverse_proxy you use to connect to this one should not use SSL -or- use SSL/TLS and turn off the insecure verification for the connection

I have multiple services set up at home on a Proxmox with a Caddy server reverse_proxy to all of them, the Caddy holds all the certificates (SSL) for my services and reverse_proxies to the other VM’s and containers using HTTPS with TLS insecure verification turned off. (I can use HTTP as well, which is how it was at first before I turned on the SSL as I was setting it up)

EDIT: I also remembered, you need to pass Host headers with the reverse_proxy as well when you’re using SSL/TLS, though that will depend on the reverse_proxy you use and how it functions

So I have a rewrite to the local IP and port of the docker containers. they arnt http, or https.
https://prnt.sc/lULnRp_5mMvg

And also I have the rewrites in the website htaccess.
https://prnt.sc/zT-Rjz79v5Io

So I do have https on it. Im changing it now.

Correct, currently it is forcing you to use HTTPS regardless as you’re specifying that in the URI there with the IP

Got it. It must use ssl right? Due to the nextcloud office thing sayign it has to be the same protocol as the domain? So do I change that to http, and the force ssl in the stack?

Or do I turn ssl off everywhere and let my wild card do the ssl?

Hm, if the docs say it has to use the same protocol then you will need to turn it on and turn off the insecure verification so it allows the connection

Checked the github some more and here is another setting that needs to be set :slight_smile:
net.post_allow.host

I recommend reading through that GitHub issue post and cross-reference your configuration with what they are saying there :+1: should give you the most hints at what is not working

It’s difficult for me to troubleshoot any further here as I don’t have any hands-on experience with setting up a collabora server behind a reverse_proxy

@ZendaiOwl

  • extra_params= --o:server_name=collab.qubitologyhldg.com --o:ssl.enable=false --o:ssl.termination=true --o:net.post_allow.host=::ffff:75.143.148.[0-9]+ --o:net.post_allow.host=75.143.148.[0-9]+ --o:net.proto=IPv4

is what I have currently.

How do I go about this?

Read the GitHub issue ^^

Others have posted similar config to yours saying that does not work, one is saying to pass only 1 host, there is also an IPv6 trick that seems to work for multiple users but not for others

That depends on your reverse_proxy, you’ll have to check its documentation

Got it. Yea ive been on that post for a few hours now before I came here. Im trying it all lol! This is the error Im receiving now.

wsd-00001-00040 2022-02-27 08:21:27.894461 +0000 [ websrv_poll ] ERR Socket #23 SSL BIO error: error:1408F09C:SSL routines:ssl3_get_record:http request (0: Success)| ./net/SslSocket.hpp:348
wsd-00001-00040 2022-02-27 08:21:27.894484 +0000 [ websrv_poll ] ERR Error while handling poll for socket #23 at 0 in websrv_poll: error:1408F09C:SSL routines:ssl3_get_record:http request| net/Socket.cpp:466
wsd-00001-00040 2022-02-27 08:21:27.894624 +0000 [ websrv_poll ] ERR Socket #23 SSL BIO error: error:1408F09C:SSL routines:ssl3_get_record:http request (0: Success)| ./net/SslSocket.hpp:348
wsd-00001-00040 2022-02-27 08:21:27.894658 +0000 [ websrv_poll ] ERR Error while handling poll for socket #23 at 0 in websrv_poll: error:1408F09C:SSL routines:ssl3_get_record:http request| net/Socket.cpp:466
wsd-00001-00040 2022-02-27 08:21:27.894720 +0000 [ websrv_poll ] ERR Socket #24 SSL BIO error: error:1408F09C:SSL routines:ssl3_get_record:http request (0: Success)| ./net/SslSocket.hpp:348

Check this one for that issue, someone has posted a link to a possible work-around at the end of the issue

Yup I have that in my stack. Im really not sure at this point.

Here is another issue for a reverse_proxy wehre you can see a couple examples of passing headers for NGINX

Basically, as far as I can tell, your issue stems around the reverse_proxy and its connection to the collabora server :slight_smile: so my recommendation is to google around a bit for that and I believe you will solve this :+1:

@qubit2022 Here is another post from this forum

And here is another with a guide on how to set it up using Ubuntu, Collabora Code and Docker

@qubit2022 The guide above from this forum shows an example of turning off ssl/tls insecure verification for Apache2
SSLProxyVerify None