Your web server is not configured correctly to resolve "/.well-known/caldav"

Ibrahim_Ali · November 26, 2020, 9:06am

hello, I installed nextcloud and everything is fine, except that in the summary tab I get the following errors:

Your web server is not configured correctly to resolve “/.well-known/caldav”. More information is available in the documentation.

Your web server is not configured correctly to resolve “/.well-known/carddav”. More information is available in the documentation.

The “Strict-Transport-Security” HTTP header is not configured with a value of at least “15552000” seconds. To improve security, we recommend enabling HSTS as described in security tips .

I also noticed that in addition to having the htaccess file present in the directory I also have 2 others, one in the config folder and one in the Nextcloud / data folder even if the directory is external from the installation path

i’ve already seen the old posts but i can’t resolve, below my files:

Config File:

virtual host:

htaccess file:

SetEnvIfNoCase ^Authorization$ "(.+)" XAUTHORIZATION=$1 RequestHeader set XAuthorization %{XAUTHORIZATION}e env=XAUTHORIZATION SetEnvIfNoCase Authorization "(.+)" HTTP_AUTHORIZATION=$1 # Add security and privacy related headers

# Avoid doubled headers by unsetting headers in "onsuccess" table,
# then add headers to "always" table: https://github.com/nextcloud/server/pull/19002
Header onsuccess unset Referrer-Policy
Header always set Referrer-Policy "no-referrer"

Header onsuccess unset X-Content-Type-Options
Header always set X-Content-Type-Options "nosniff"

Header onsuccess unset X-Download-Options
Header always set X-Download-Options "noopen"

Header onsuccess unset X-Frame-Options
Header always set X-Frame-Options "SAMEORIGIN"

Header onsuccess unset X-Permitted-Cross-Domain-Policies
Header always set X-Permitted-Cross-Domain-Policies "none"

Header onsuccess unset X-Robots-Tag
Header always set X-Robots-Tag “none”

Header onsuccess unset X-XSS-Protection
Header always set X-XSS-Protection "1; mode=block"

SetEnv modHeadersAvailable true

Add cache control for static resources

<FilesMatch “.(css|js|svg|gif)$”>
Header set Cache-Control “max-age=15778463”

Let browsers cache WOFF files for a week

<FilesMatch “.woff2?$”>
Header set Cache-Control “max-age=604800”

php_value mbstring.func_overload 0
php_value default_charset ‘UTF-8’
php_value output_buffering 0

SetEnv htaccessWorking true

RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} DavClnt
RewriteRule ^$ /remote.php/webdav/ [L,R=302]
RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteRule ^.well-known/host-meta /public.php?service=host-meta [QSA,L]
RewriteRule ^.well-known/host-meta.json /public.php?service=host-meta-json [QSA,L]
RewriteRule ^.well-known/webfinger /public.php?service=webfinger [QSA,L]
RewriteRule ^.well-known/nodeinfo /public.php?service=nodeinfo [QSA,L]
RewriteRule ^.well-known/carddav /remote.php/dav/ [R=301,L]
RewriteRule ^.well-known/caldav /remote.php/dav/ [R=301,L]
RewriteRule ^remote/(.) remote.php [QSA,L]
RewriteRule ^(?:build|tests|config|lib|3rdparty|templates)/. - [R=404,L]
RewriteCond %{REQUEST_URI} !^/.well-known/(acme-challenge|pki-validation)/.*
RewriteRule ^(?:.|autotest|occ|issue|indie|db_|console).* - [R=404,L]

AddType image/svg+xml svg svgz
AddEncoding gzip svgz

DirectoryIndex index.php index.html

AddDefaultCharset utf-8
Options -Indexes

ModPagespeed Off

Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"

DO NOT CHANGE ANYTHING ABOVE THIS LINE

ErrorDocument 403 /
ErrorDocument 404 /

Options -MultiViews
RewriteRule ^core/js/oc.js$ index.php [PT,E=PATH_INFO:$1]
RewriteRule ^core/preview.png$ index.php [PT,E=PATH_INFO:$1]
RewriteCond %{REQUEST_FILENAME} !.(css|js|svg|gif|png|html|ttf|woff2?|ico|jpg|jpeg|ma>
RewriteCond %{REQUEST_FILENAME} !core/img/favicon.ico$
RewriteCond %{REQUEST_FILENAME} !core/img/manifest.json$
RewriteCond %{REQUEST_FILENAME} !/remote.php
RewriteCond %{REQUEST_FILENAME} !/public.php
RewriteCond %{REQUEST_FILENAME} !/cron.php
RewriteCond %{REQUEST_FILENAME} !/core/ajax/update.php
RewriteCond %{REQUEST_FILENAME} !/status.php
RewriteCond %{REQUEST_FILENAME} !/ocs/v1.php
RewriteCond %{REQUEST_FILENAME} !/ocs/v2.php
RewriteCond %{REQUEST_FILENAME} !/robots.txt
RewriteCond %{REQUEST_FILENAME} !/updater/
RewriteCond %{REQUEST_FILENAME} !/ocs-provider/
RewriteCond %{REQUEST_FILENAME} !/ocm-provider/
RewriteCond %{REQUEST_URI} !^/.well-known/(acme-challenge|pki-validation)/.*
RewriteCond %{REQUEST_FILENAME} !/richdocumentscode(_arm64)?/proxy.php$
RewriteRule . index.php [PT,E=PATH_INFO:$1]
RewriteBase /

SetEnv front_controller_active true

DirectorySlash off

Thanks

KarlF12 · November 26, 2020, 6:47pm

I do it with rewrite and it works:

HowTo: Ubuntu + Docker + Nextcloud + Talk + Collabora

  RewriteEngine On
  RewriteRule ^/\.well-known/carddav https://%{SERVER_NAME}/remote.php/dav/ [R=301,L]
  RewriteRule ^/\.well-known/caldav https://%{SERVER_NAME}/remote.php/dav/ [R=301,L]

Spielmops · November 26, 2020, 8:26pm

Is this a variable or have I to replace it?
If I do not use .htaccess, do this rules go to the head-config of the server or into the virtual host-config?

Spielmops

KarlF12 · November 26, 2020, 8:43pm

You can put it in the vhost config and leave the variable as-is. It just returns the vhost ServerName.