Hello,
I am running Nextcloud on my ODROID XU4 and had to replace the self signed certificates via Let’s Encrypt. After that I am running into the following error:
Nextcloud version (eg, 12.0.2): 17.0.1
Operating system and version (eg, Ubuntu 17.04): Debian Stretch with Armbian Linux 4.14.133-odroidxu4
Apache or nginx version (eg, Apache 2.4.25): 2.4.25
PHP version (eg, 7.1): 7.2.24-1+0~20191026.31+debian9~1.gbpbbacde
The issue you are facing:
When I connect to my Nextcloud Instance over the web interface it’s super slow and not all resources are fully loaded (e.g. navbar). On my iPhone I am using the Nextcloud Client and I get an SSL error message.
Oddly, when I try to connect from my girlfriend’s laptop I see an ERR_CONNECTION_RESET error. For more details I tried a curl with verbose option and got an SSL_ERROR_SYSCALL from her machine. From my laptop I get a normal HTTP-200 response.
When turning SSL off and using port 80 in my vhost everything is working fine.
Is this the first time you’ve seen this error? (Y/N): Y
Steps to replicate it:
- Connect to nextcloud instance via web or client
The output of your Nextcloud log in Admin > Logging:
[cron] Debug: Finished OC\Command\CommandJob job with ID 762 in 0 seconds
GET /cron.php
from 192.168.0.100 at 2019-11-24T15:05:00+00:00
The output of your config.php file in /path/to/nextcloud
(make sure you remove any identifiable information!):
<?php
$CONFIG = array (
'instanceid' => '***',
'passwordsalt' => '***',
'secret' => '***',
'trusted_domains' =>
array (
0 => '***',
),
'memcache.local' => '\\OC\\Memcache\\Redis',
'redis' =>
array (
'host' => 'localhost',
'port' => 6379,
),
'memcache.locking' => '\\OC\\Memcache\\Redis',
'datadirectory' => '/media/nas1',
'overwrite.cli.url' => '***',
'dbtype' => 'mysql',
'version' => '17.0.1.1',
'dbname' => 'nextcloud',
'dbhost' => 'localhost:3306',
'dbport' => '',
'dbtableprefix' => 'oc_',
'dbuser' => '***',
'dbpassword' => '***',
'installed' => true,
'loglevel' => '0',
'forcessl' => true,
'maintenance' => false,
'theme' => '',
'mail_smtpmode' => 'php',
'mail_smtpauthtype' => 'LOGIN',
'mail_smtpauth' => 1,
'updater.secret' => '***',
'updater.release.channel' => 'stable',
);
The output of your Apache/nginx/system log in /var/log/error.log
:
[Sun Nov 24 16:01:17.921582 2019] [ssl:error] [pid 2132] [client 64.41.200.106:52880] AH02042: rejecting client initiated renegotiation
The nextcloud.conf file in my /etc/apache2 folder
<VirtualHost *:80>
ServerAdmin mail@mail.com
DocumentRoot "/var/www/html/nextcloud"
ServerName ***
<Directory "/var/www/html/nextcloud/">
Options MultiViews FollowSymlinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
TransferLog /var/log/apache2/nextcloud_access.log
ErrorLog /var/log/apache2/nextcloud_error.log
RewriteEngine on
RewriteCond %{SERVER_NAME} =***
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
The SSL configuration for apache just includes the default from Let’s Encrypt I can post more of it if needed.
In general I am seeing my renewed certificate in the browser when connecting from my machine.
Expires: Saturday, 22. February 2020 at 13:07:28 Central European Standard Time
I appreciate any help!