NV1704
February 13, 2025, 4:12pm
1
Everytime Users have (mandatory ofcourse) Windows update, Nextcloud client is pushing them to log in again with their credentials so that the sync-link stays active.
Often users just click this popup away, and don’t notice until it’s too late.
Is there a work-around for this, so that every windows update, it doesn’t require you to log in again?
tflidd
February 14, 2025, 9:24am
2
I don’t see such a behavior, I even did an upgrade Win 10-> Win 11 without re-entering the credentials of the NC client.
But if they shut down and start their Windows again, will they see the same issue (not just the sleep/hibernate state)? There is one open bug report on logins after a system restart:
opened 02:22PM - 16 Jan 25 UTC
bug
### ⚠️ Before submitting, please verify the following: ⚠️
- [x] This is a **bug… **, not a question or a configuration issue.
- [x] This issue is **not** already reported on Github (I've searched it).
- [x] Nextcloud Server and Desktop Client are **up to date**. See [Server Maintenance and Release Schedule](https://github.com/nextcloud/server/wiki/Maintenance-and-Release-Schedule) and [Desktop Releases](https://nextcloud.com/install/#install-clients) for supported versions.
- [x] I agree to follow Nextcloud's [Code of Conduct](https://nextcloud.com/contribute/code-of-conduct/)
### Bug description
Hello, I am also experiencing this issue with desktop client `3.15.3` on Windows 11. There’s probably a link with the [recent migration to Qt6](https://github.com/nextcloud/desktop/commit/79a150baf4d193e316ed356c8b5b9b85f6d94906) and the previous QtKeychain implementation in the client. That feature has not been updated since the first release so I’m tagging the most recent contributor to the file `httpcredentials.cpp` @mgallien and the original contributor @ckamm.
The initial connection works well while providing the PKCS#12 client certificate and the password. It seems there’s a mismatch where the certificate bundle is either not properly saved in the keychain or is not fetched correctly on the next login :
[https://github.com/nextcloud/desktop/blob/master/src/libsync/creds/httpcredentials.cpp#L440](https://github.com/nextcloud/desktop/blob/master/src/libsync/creds/httpcredentials.cpp#L440)
It seems the client certificate is found, but its password was not correctly saved and can’t be found on following attempts to login.
```
[ warning qt.core.qobject.connect unknown:0 ]: QObject::connect(QNetworkInformation, OCC::Application): invalid nullptr parameter
[ warning qt.qml.context unknown:0 ]: qrc:/qml/src/gui/tray/CurrentAccountHeaderButton.qml:84:13 Parameter "index" is not declared. Injection of parameters into signal handlers is deprecated. Use JavaScript functions with formal parameters instead.
[ warning qt.qml.context unknown:0 ]: qrc:/qml/src/gui/tray/CurrentAccountHeaderButton.qml:85:13 Parameter "object" is not declared. Injection of parameters into signal handlers is deprecated. Use JavaScript functions with formal parameters instead.
[ info nextcloud.gui.account.state C:\Users\User\AppData\Local\Temp\windows-27802\client-building\desktop\src\gui\accountstate.cpp:285 ]: check connectivity
[ info nextcloud.sync.credentials.webflow C:\Users\User\AppData\Local\Temp\windows-27802\client-building\desktop\src\gui\creds\webflowcredentials.cpp:139 ]: Fetch from keychain!
[ info nextcloud.gui.folder.navigationpane C:\Users\User\AppData\Local\Temp\windows-27802\client-building\desktop\src\gui\navigationpanehelper.cpp:110 ]: Explorer Cloud storage provider: saving path "C:\\Users\\User\\Nextcloud" to CLSID "{myid}"
[ warning nextcloud.sync.credentials.keychainchunk C:\Users\User\AppData\Local\Temp\windows-27802\client-building\desktop\src\libsync\creds\keychainchunk.cpp:360 ]: Unable to read "Nextcloud__clientCertificatePEM:https://myserver.com/:0" chunk "0" "Password entry not found"
[ info nextcloud.gui.folderwatcher C:\Users\User\AppData\Local\Temp\windows-27802\client-building\desktop\src\gui\folderwatcher.cpp:252 ]: Detected changes in paths: QSet("C:/Users/User/Nextcloud/.nextcloudsync.log")
[ warning nextcloud.sync.credentials.keychainchunk C:\Users\User\AppData\Local\Temp\windows-27802\client-building\desktop\src\libsync\creds\keychainchunk.cpp:360 ]: Unable to read "Nextcloud__clientKeyPEM:https://myserver.com/:0" chunk "0" "Password entry not found"
[ warning nextcloud.sync.credentials.webflow C:\Users\User\AppData\Local\Temp\windows-27802\client-building\desktop\src\gui\creds\webflowcredentials.cpp:463 ]: Unable to read client key "Password entry not found"
[ warning nextcloud.sync.credentials.keychainchunk C:\Users\User\AppData\Local\Temp\windows-27802\client-building\desktop\src\libsync\creds\keychainchunk.cpp:360 ]: Unable to read "Nextcloud__clientCaCertificatePEM0:https://myserver.com/:0" chunk "0" "Password entry not found"
[ warning nextcloud.sync.credentials.webflow C:\Users\User\AppData\Local\Temp\windows-27802\client-building\desktop\src\gui\creds\webflowcredentials.cpp:504 ]: Unable to read client CA cert slot "0" "Password entry not found"
[ warning nextcloud.sync.credentials C:\Users\User\AppData\Local\Temp\windows-27802\client-building\desktop\src\libsync\creds\abstractcredentials.cpp:42 ]: Error: User is empty!
[ warning nextcloud.sync.credentials.webflow C:\Users\User\AppData\Local\Temp\windows-27802\client-building\desktop\src\gui\creds\webflowcredentials.cpp:537 ]: Strange: User is empty!
```
```
[ warning nextcloud.sync.networkjob C:\Users\User\AppData\Local\Temp\windows-27802\client-building\desktop\src\libsync\abstractnetworkjob.cpp:223 ]: QNetworkReply::UnknownNetworkError "Erreur lors de la lecture : error:0A00045C:SSL routines::tlsv13 alert certificate required" QVariant(Invalid)
[ warning nextcloud.sync.credentials.webflow C:\Users\User\AppData\Local\Temp\windows-27802\client-building\desktop\src\gui\creds\webflowcredentials.cpp:207 ]: QNetworkReply::UnknownNetworkError
[ warning nextcloud.sync.credentials.webflow C:\Users\User\AppData\Local\Temp\windows-27802\client-building\desktop\src\gui\creds\webflowcredentials.cpp:208 ]: "Erreur lors de la lecture : error:0A00045C:SSL routines::tlsv13 alert certificate required"
[ info nextcloud.sync.accessmanager C:\Users\User\AppData\Local\Temp\windows-27802\client-building\desktop\src\libsync\accessmanager.cpp:67 ]: 2 "" "https://myserver.com/status.php" has X-Request-ID "mysecretid"
[ info nextcloud.sync.networkjob C:\Users\User\AppData\Local\Temp\windows-27802\client-building\desktop\src\libsync\abstractnetworkjob.cpp:365 ]: OCC::CheckServerJob created for "https://myserver.com" + "status.php" "OCC::ConnectionValidator"
[ info nextcloud.sync.credentials.webflow C:\Users\User\AppData\Local\Temp\windows-27802\client-building\desktop\src\gui\creds\webflowcredentials.cpp:405 ]: request finished
[ warning nextcloud.sync.networkjob C:\Users\User\AppData\Local\Temp\windows-27802\client-building\desktop\src\libsync\abstractnetworkjob.cpp:223 ]: QNetworkReply::UnknownNetworkError "Erreur lors de la lecture : error:0A00045C:SSL routines::tlsv13 alert certificate required" QVariant(Invalid)
[ warning nextcloud.sync.credentials.webflow C:\Users\User\AppData\Local\Temp\windows-27802\client-building\desktop\src\gui\creds\webflowcredentials.cpp:207 ]: QNetworkReply::UnknownNetworkError
[ warning nextcloud.sync.credentials.webflow C:\Users\User\AppData\Local\Temp\windows-27802\client-building\desktop\src\gui\creds\webflowcredentials.cpp:208 ]: "Erreur lors de la lecture : error:0A00045C:SSL routines::tlsv13 alert certificate required"
[ warning nextcloud.sync.networkjob.checkserver C:\Users\User\AppData\Local\Temp\windows-27802\client-building\desktop\src\libsync\networkjobs.cpp:546 ]: error: status.php replied 0 ""
[ warning nextcloud.sync.connectionvalidator C:\Users\User\AppData\Local\Temp\windows-27802\client-building\desktop\src\gui\connectionvalidator.cpp:163 ]: QNetworkReply::UnknownNetworkError "Erreur lors de la lecture : error:0A00045C:SSL routines::tlsv13 alert certificate required" "Erreur lors de la lecture : error:0A00045C:SSL routines::tlsv13 alert certificate required" ""
[ warning nextcloud.sync.credentials.webflow C:\Users\User\AppData\Local\Temp\windows-27802\client-building\desktop\src\gui\creds\webflowcredentials.cpp:207 ]: QNetworkReply::UnknownNetworkError
[ warning nextcloud.sync.credentials.webflow C:\Users\User\AppData\Local\Temp\windows-27802\client-building\desktop\src\gui\creds\webflowcredentials.cpp:208 ]: "Erreur lors de la lecture : error:0A00045C:SSL routines::tlsv13 alert certificate required"
[ info nextcloud.gui.folder.manager C:\Users\User\AppData\Local\Temp\windows-27802\client-building\desktop\src\gui\folderman.cpp:813 ]: Account "Me@myserver" disconnected or paused, terminating or descheduling sync folders
```
### Steps to reproduce
1. Successful login with a client certificate
2. Restart the client or reboot the device
3. App has forgotten the client certificate password and does not prompt for it, account is disconnected
4. Removing the account and connecting again results in the app asking for the client certificate password as successful login
### Expected behavior
Client certificate file and password should be stored across client restarts and device reboots.
### Which files are affected by this bug
httpcredentials.cpp
### Operating system
Windows
### Which version of the operating system you are running.
Windows 11 24h2
### Package
Official Windows MSI
### Nextcloud Server version
30.0.5
### Nextcloud Desktop Client version
3.15.3
### Is this bug present after an update or on a fresh install?
Fresh desktop client install
### Are you using the Nextcloud Server Encryption module?
Encryption is Disabled
### Are you using an external user-backend?
- [ ] Default internal user-backend
- [ ] LDAP/ Active Directory
- [ ] SSO - SAML
- [ ] Other
### Nextcloud Server logs
```shell
No server logs since the reverse proxy forbids connection to Nextcloud server because it is not presented with a client certificate.
```
### Additional info
Thank you so much for this great piece of software !!!