What if I don't want HTTPS?

My NextCloud instance is only available when you’re signed into my OpenVPN network. Therefore, traffic is already implied to be encrypted at the network level (AES-128-CBC if you’re curious). Running HTTPS within an already encrypted network would cause the traffic to be encrypted and decrypted twice, which is a huge performance hit that I don’t want.

Can I disable the HTTPS requirement without having to fork the whole project? I can’t just switch back to Passman, it won’t import my backup and apparently Passman is dead now.

I don’t normally say this kind of thing, but if you would prefer not to have instructions on how to bypass the HTTPS restriction available in a public location (honestly, fair), I’ll accept answers via private message.

# --expert --disable-mitm-warnings

IMHO you do not need https in your environment - nearly my “backup access” with AVM fritzbox VPN access …

I am using for regular access two apache2 sub domains (one for nc, one for libreoffice online) with letsencrypt and reverse proxy config to forwarding to the correspondending docker images. These internal connections are unencrypted.

But do not forget that the focus to TLS access from internet should not be broken. And IMHO the android / android talk app works only with TLS.

There is no option to disable the HTTPS requirement in the Passwords app and there won’t be one.

HTTPS or HTTP/2 usually has no notable performance impact. If it does on your server, then i wonder what the server side encryption of this app will do to it.

This app also does use browser APIs that are either are already restricted to secure environments (meaning HTTPS) or will be so in the future. Functionality of the web interface will be broken if these APIs are not available. :computer::fire:

Since the API of the app promises that HTTPS will be used in all cases, i would not expect any official or third party client to support non-https connection or even let you set up one.

You can fork the app and maintain your own version or you can use HTTPS.

i don’t want to be “vulgaire”, but having HTTPS is like having a condom, even in a safe environment. It is call good policies …

Not having HTTPS, is like … see what i mean.

Better safe than sorry.

That’s what I was afraid of. How do I lock my thread?