Talk iOS - No response from server

Hello Nextcloud-community!

Nextcloud version: 22.2.3 (Latest stable)
Operating system and version: Linux 5.10.63-v7l+ armv7l (Raspberry Pi 4)
Apache or nginx version: Apache/2.4.38
PHP version: 8.0.13

iOS version: 15.2
Nextcloud Talk iOS: 13.0.1

The issue you are facing:
I have the Nextcloud Talk app for iOS connected with the server. Sometimes the app cannot connect to the server with the message “Conversation with * cannot be joined” - “No respsone from server”, however using the Android App does not result in any connection issue at all.
The issue appears only outside of the network (mobile internet) but not all the time, which is annoying. You never know when and why this happens

Is this the first time you’ve seen this error?: Y

Steps to replicate it:

1. Connect iOS Talk App with server (no problem)
2. Try to send a message outside the network

The output of your Nextcloud log in Admin > Logging:

No error messages in the log (nextcloud.log)

The output of your config.php file in /path/to/nextcloud:

<?php
$CONFIG = array (
  'passwordsalt' => ***,
  'secret' => ***,
  'trusted_domains' =>
  array (
    0 => 'hollasintheclouds.ddnss.de',
    1 => '192.168.178.2',
    2 => 'localhost',
    3 => 'nextcloud',
    4 => 'nextcloudpi',
  ),
  'datadirectory' => '/media/myCloudDrive/ncdata',
  'dbtype' => 'mysql',
  'version' => '22.2.3.0',
  'overwrite.cli.url' => 'https://hollasintheclouds.ddnss.de/',
  'dbname' => 'nextcloud',
  'dbhost' => 'localhost',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => ***,
  'dbpassword' => ***,
  'installed' => true,
  'instanceid' => ***,
  'memcache.local' => '\\OC\\Memcache\\Redis',
  'memcache.locking' => '\\OC\\Memcache\\Redis',
  'redis' =>
  array (
    'host' => '/var/run/redis/redis.sock',
    'port' => 0,
    'timeout' => 0.0,
    'password' => ***,
  ),
  'tempdirectory' => '/media/myCloudDrive/ncdata/tmp',
  'mail_smtpmode' => 'smtp',
  'mail_smtpauthtype' => 'LOGIN',
  'mail_from_address' => ***,
  'mail_domain' => ***,
  'loglevel' => '2',
  'log_type' => 'file',
  'maintenance' => false,
  'logfile' => '/media/myCloudDrive/ncdata/nextcloud.log',
  'htaccess.RewriteBase' => '/',
  'default_phone_region' => 'DE',
  'mail_sendmailmode' => 'smtp',
  'mail_smtpsecure' => 'tls',
  'mail_smtpport' => '587',
  'mail_smtphost' => ***,
  'mail_smtpauth' => 1,
  'mail_smtpname' => ***,
  'mail_smtppassword' => ***,
  'enable_previews' => true,
  'enabledPreviewProviders' =>
  array (
    0 => 'OC\\Preview\\PNG',
    1 => 'OC\\Preview\\JPEG',
    2 => 'OC\\Preview\\GIF',
    3 => 'OC\\Preview\\BMP',
    4 => 'OC\\Preview\\XBitmap',
    5 => 'OC\\Preview\\Movie',
    6 => 'OC\\Preview\\PDF',
    7 => 'OC\\Preview\\MP3',
    8 => 'OC\\Preview\\TXT',
    9 => 'OC\\Preview\\MarkDown',
    10 => 'OC\\Preview\\MP4',
    11 => 'OC\\Preview\\HEIC',
    12 => 'OC\\Preview\\MSOffice2003',
    13 => 'OC\\Preview\\MSOffice2007',
    14 => 'OC\\Preview\\MSOfficeDoc',
  ),
  'preview_max_x' => 1080,
  'preview_max_y' => 1920,
  'theme' => '',
  'overwriteprotocol' => 'https',
  'trusted_proxies' =>
  array (
    11 => '127.0.0.1',
    12 => '::1',
    13 => 'hollasintheclouds.ddnss.de',
    14 => '37.209.26.12',
  ),
);

The output of your Apache log in /var/log/apache2/error.log:

[Sun Dec 12 00:00:07.200919 2021] [ssl:warn] [pid 1077] AH01909: localhost:4443:0 server certificate does NOT include an ID which matches the server name
[Sun Dec 12 00:00:07.201116 2021] [ssl:error] [pid 1077] AH02217: ssl_stapling_init_cert: can't retrieve issuer certificate! [subject: CN=arm-build.pitowers.org / issuer: CN=arm-build.pitowers.org / serial: 4BA2B1EA188A4646ED5E44E217F1381F45294012 / notbefore: May  7 14:51:22 2021 GMT / notafter: May  5 14:51:22 2031 GMT]
[Sun Dec 12 00:00:07.201128 2021] [ssl:error] [pid 1077] AH02604: Unable to configure certificate localhost:4443:0 for stapling
[Sun Dec 12 00:00:07.201198 2021] [http2:warn] [pid 1077] AH10034: The mpm module (prefork.c) is not supported by mod_http2. The mpm determines how things are processed in your server. HTTP/2 has more demands in this regard and the currently selected mpm will just not do. This is an advisory warning. Your server will continue to work, but the HTTP/2 protocol will be inactive.
[Sun Dec 12 00:00:07.269223 2021] [mpm_prefork:notice] [pid 1077] AH00163: Apache/2.4.38 (Raspbian) OpenSSL/1.1.1d configured -- resuming normal operations
[Sun Dec 12 00:00:07.269248 2021] [core:notice] [pid 1077] AH00094: Command line: '/usr/sbin/apache2'

Is there anything I can look for? I only have an android phone by myself and never have any kind of problems with the connection. Is just a friend with his iPhone 12

Thanks in advance!

It may be, that the SSL - error is the reason, that Talk cannot connect. Many apps are rather sensitive, if SSL fails. Some of them offer the option to “trust anyway”, but nit all of them.

So, first check the certificate-settings.

I tried to solve any of the mentioned issues from the log /var/log/apache2/error.log

[Sun Dec 12 00:00:07.200919 2021] [ssl:warn] [pid 1077] AH01909: localhost:4443:0 server certificate does NOT include an ID which matches the server name
[Sun Dec 12 00:00:07.201116 2021] [ssl:error] [pid 1077] AH02217: ssl_stapling_init_cert: can't retrieve issuer certificate! [subject: CN=arm-build.pitowers.org / issuer: CN=arm-build.pitowers.org / serial: 4BA2B1EA188A4646ED5E44E217F1381F45294012 / notbefore: May  7 14:51:22 2021 GMT / notafter: May  5 14:51:22 2031 GMT]
[Sun Dec 12 00:00:07.201128 2021] [ssl:error] [pid 1077] AH02604: Unable to configure certificate localhost:4443:0 for stapling

I did not have any luck finding a solution to it. I am using Letsencrypt which was configured automatically by Nextcloudpi. Using a SSL Checker does not bring up any issues with the certificate:

Something I noticed with the apache config is the following

root@nextcloudpi:/home/pi# apachectl -S
VirtualHost configuration:
*:80                   localhost (/etc/apache2/sites-enabled/000-default.conf:1)
*:4443                 localhost (/etc/apache2/sites-enabled/ncp.conf:2)
*:443                  hollasintheclouds.ddnss.de (/etc/apache2/sites-enabled/nextcloud.conf:4)
ServerRoot: "/etc/apache2"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/var/log/apache2/error.log"
Mutex proxy: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/var/run/apache2/" mechanism=default
Mutex watchdog-callback: using_defaults
Mutex rewrite-map: using_defaults
Mutex ssl-stapling-refresh: using_defaults
Mutex ssl-stapling: using_defaults
PidFile: "/var/run/apache2/apache2.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="www-data" id=33
Group: name="www-data" id=33

You can see that port 80 in the vhost config is set to localhost and port 443 to the actual domain. Port 80 is set in /etc/apache/sites-enabled/000-default.conf:

root@nextcloudpi:/home/pi# cat /etc/apache2/sites-enabled/000-default.conf
<VirtualHost _default_:80>
  DocumentRoot /var/www/nextcloud
  <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteRule ^.well-known/acme-challenge/ - [L]
    RewriteCond %{HTTPS} !=on
    RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
  </IfModule>
  <Directory /var/www/nextcloud/>
    Options +FollowSymlinks
    AllowOverride All
    <IfModule mod_dav.c>
      Dav off
    </IfModule>
    LimitRequestBody 0
  </Directory>
</VirtualHost>

Port 443 is set in /etc/apache/sites-enabled/nextcloud.conf:

root@nextcloudpi:/home/pi# cat /etc/apache2/sites-enabled/nextcloud.conf
### DO NOT EDIT! THIS FILE HAS BEEN AUTOMATICALLY GENERATED. CHANGES WILL BE OVERWRITTEN ###

<IfModule mod_ssl.c>
  <VirtualHost _default_:443>
    DocumentRoot /var/www/nextcloud
    ServerName hollasintheclouds.ddnss.de
    CustomLog /var/log/apache2/nc-access.log combined
    ErrorLog  /var/log/apache2/nc-error.log
    SSLEngine on
    SSLProxyEngine on
    SSLCertificateFile   /etc/letsencrypt/live/hollasintheclouds.ddnss.de/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/hollasintheclouds.ddnss.de/privkey.pem

    # For notify_push app in NC21
    ProxyPass /push/ws ws://127.0.0.1:7867/ws
    ProxyPass /push/ http://127.0.0.1:7867/
    ProxyPassReverse /push/ http://127.0.0.1:7867/
  </VirtualHost>

  <Directory /var/www/nextcloud/>
    Options +FollowSymlinks
    AllowOverride All
    <IfModule mod_dav.c>
      Dav off
    </IfModule>
    LimitRequestBody 0
    SSLRenegBufferSize 10486000
  </Directory>
  <IfModule mod_headers.c>
    Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains"
  </IfModule>
</IfModule>

Could that port 80 cause a problem?

EDIT: Format

I don’t think so, because the app should use https to port 443 only. Port 80 only is needed for verification by Letsencrypt - see first RewriteRule.

Thank for you reply. I see what you mean with the rewrite rule for port 80:

RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

I wanted to test my Backup and Restore solution and took the chance to complete reset the entire OS (NCP Image) and restored the nextcloud config.
Problem still persists.
There is nothing I can think of right now

Maybe I found the problem and therefor I want to give a solution to it.
I still cannot verify this solution as of writing, but maybe it will give a hint to someone else:

If you look closely to my log in the first post (/var/log/apache2/error.log):

[Sun Dec 12 00:00:07.201198 2021] [http2:warn] [pid 1077] AH10034: The mpm module (prefork.c) is not supported by mod_http2. The mpm determines how things are processed in your server. HTTP/2 has more demands in this regard and the currently selected mpm will just not do. This is an advisory warning. Your server will continue to work, but the HTTP/2 protocol will be inactive.

I fixed this issue with the following guide and 3 days in, the issue did not appear so far. Maybe iOS expects the http/2 protocol and sometimes prevent the connection if it is not?

https://http2.co/how-to-fix-ah10034-the-mpm-module-prefork-c-is-not-supported-by-mod_http2/

Result from further testing:
This did not solve the problem. Same problem still persists and I have no clue…

Hi @Bl4DEx

the error you’re getting comes from this part of the code. StatusCode 0 is not an actual http error, but is used on iOS when there’s no network connection or the call timed out (see this for example).

A few things that came to my mind:

1. Please make sure, that mobile access is allowed for “Nextcloud Talk” (see Settings on the phone)
2. Check if there are any other restrictions of the mobile plan / connection (is there a VPN involed, which is only connected sometimes for example? Maybe the connection is too slow? Any bandwith limit reached?)
3. Check if you can open your nextcloud in safari right after talk failed (open hollasintheclouds.ddnss.de), if not, is any other site reachable?
4. If you can reproduce this quite easily, check if there’s an incoming request in the access logs of your server at the time of the error. (Also check “/media/myCloudDrive/ncdata/nextcloud.log” for any errors!)
5. If you got a mac, connect the phone to the mac and open the console of the phone. Look for “Could not join room”, there should be a error description besides statuscode 0 (see here for code)

I have the same issue, but only when I am trying to contact the server from outside the network, e.g. over LTE. When I am at home and in the same network everything works well. I set up a TURN server yesteday, because I thought that would be a firefwall issue, but that didn’t help either.

Hello @SysKeeper,

Thank for your replay and digging into the code!

1. The error occurs sometimes only. The app is not restricted and has full mobile access

2. The client has in fact a VPN but it is disabled all the time. He enables it for connecting to his router at home for calls only and disables it afterwards. Also, there is no VPN symbol in the top corner

3. This will be tested in the coming days! I will give feedback

4. I am on the stable version of nextcloud and there are almost no errors at all. The only errors are produced by Imagick because of some generation files of previews.
   There is no easy way to reproduce… Sometimes it works perfectly and then it is not working for some minutes and then it works again for no apparent reason. Restarting the app does not solve the problem immediately

5. Referring to 4. It is not easy to reproduce so there is probably no easy way to have the a Mac connected at the same time…

@coldspark29
I experience the issue only if I am using mobile Internet too. What Phone and iOS version are you using?
Mine:
iPhone 12
iOS 15.2 and 15.3 (Beta Version as of writing)

I got an iPhone SE and will also try to keep connect to Nextcloud talk. I want to know if this issue is related to the iPhone 12 and a specific version of iOS. I will also give Feedback

Hi @coldspark29,

a STUN/TURN server is not used when joining a room. Joining is a HTTP request to the API of the Nextcloud server. In general it makes sense to set up a TURN server, but won’t help you here.

I still think this is some kind of connectivity issue at this time. I’ve never experienced the error myself, unless the server really wasn’t reachable.

@Bl4DEx There is still a way to gather the console logs and access them later on a mac. If you have a developer account, you can look for the sysdiagnose instructions. It’s not the easiest way to collect console logs, though and depends on how ‘tech savvy’ your friend is.

I’m not sure if the current handling of statusCode 0 makes sense. I’ll take a look when I have time.