TLDR Problem: I can connect to my NC instance over my browser https://my-domain.com
just fine, but when I try the same URL in my linux desktop client (Linux Mint, latest NC client version as of 2021/08/29) I get a failed to connect...
The NC client app used to be able to access it just fine when my NC instance was public accessible from the internet, but then I decided to keep it internal only, with a different port (was a custom one, now just typical port 443).
So I have my NC instance running in docker in my raspberry pi, which also is running pi-hole for custom DNS. I’ve edited my linux machine to use the raspberry pi’s DNS and it’s set up fine: Again - I’m able to access my NC instance through my browser with https://my-domain.com
, but my NC app just won’t work. Running nslookup
shows that my DNS is correctly translating my-domain
to the IP port of my raspberry pi.
I did see this comment from this page
Hi there. For internal network access you have to use http instead of https. Because you use Letsencrypt for cert with a domain name, Nextcloud expects the name (IP or Domain) to match the cert name.
Hope it helps you. Cheers.
But I can’t find where the certificate is located.
Any other clues? Thanks
P.S., My containers are running behind nginx-reverse-proxy
which only accepts HTTPS
connections.
Edit: Interestingly, my partner’s NC client app (Mac OS) was able to connect… but mine (on linux) doesn’t. I’m very confused.
Edit 2: Using wireshark, it looks like only HTTP
connections are trying to be established, not HTTPS
despite setting my URL in the NC app to be https://...
A wireshark capture for example says:
Expert Info (Warning/Security): Unencrypted HTTP protocol detected over encrypted port, could indicate a dangerous misconfiguration.
and the response from the NC client states: Error communicating with HTTP proxy
Edit 3: I already have overwriteprotocol => true
and overwrite.cli.url => http://my-domain.com
already set in my config.php
…
Edit 4: I figured it out… In my nextcloud app network settings
, I accidentally changed the proxy configuration from no proxy
to specify proxy manually as...
. Changing it back to no proxy
fixed it… I also had to right click the notification to get into the settings… which was not obvious because there was no settings option in the UI of the app…