Your web server is not properly set up to resolve "/.well-known/webfinger

ℹ️ Support
, , ,
1
Support intro

Sorry to hear you’re facing problems :slightly_frowning_face:

help.nextcloud.com is for home/non-enterprise users. If you’re running a business, paid support can be accessed via portal.nextcloud.com where we can ensure your business keeps running smoothly.

In order to help you as quickly as possible, before clicking Create Topic please provide as much of the below as you can. Feel free to use a pastebin service for logs, otherwise either indent short log examples with four spaces:

example

Or for longer, use three backticks above and below the code snippet:

longer
example
here

Some or all of the below information will be requested if it isn’t supplied; for fastest response please provide as much as you can :heart:

Nextcloud version (eg, 20.0.5): 26.0.13
Operating system and version (eg, Ubuntu 20.04): Ubuntu 20.04
Apache or nginx version (eg, Apache 2.4.25): nginx/1.18.0 (Ubuntu)
PHP version (eg, 7.4): PHP 8.1.28 (cli)

The issue you are facing:

I upgraded my nextcloud instance to 26 and this is what I see in settings-> administration->overview:

  • Your web server is not properly set up to resolve “/.well-known/webfinger”. Further information can be found in the [documentation :arrow_upper_right:]
  • Your web server is not properly set up to resolve “/.well-known/nodeinfo”. Further information can be found in the [documentation :arrow_upper_right:]

I have been through all the similar posts and tried the configurations in the responses but to no avail. is there something I am missing ?
Thanks for your help !

Is this the first time you’ve seen this error? (Y/N):
I made several upgrades from version 20 to 26, I don’t remember in what version it first appeared :frowning:

Steps to replicate it:

  1. Upgrade to Nextcloud Hub 3 or Nextcloud Hub 4
  2. Go to SettingsAdministrationOverview
  3. Security & setup warnings

The output of your Nextcloud log in Admin > Logging:

logs for the update being successful, no errors or warnings about missing files or configurations

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

   server {
    listen 80;
    listen [::]:80;
    server_name my_server_name;
    return 301 https://$server_name$request_uri;
    }

   server{
    listen 443 default_server ssl;
    listen [::]:443 default_server ssl;
    server_name my_server_name;
    #ssl on;
    ssl_certificate               /root/SSL_Server_my_server_name.pem;
    ssl_certificate_key           /root/SSL_Server_my_server_name_nopwd.key;
    ssl_trusted_certificate       /root/CA_full_my_domain.pem;
    ssl_dhparam                   /root/dh.pem;

    ssl_session_cache             shared:SSL:1m;
    ssl_session_timeout           1440m;
    ssl_buffer_size               8k;
    ssl_protocols                 TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_ciphers                   TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:TLS_AES_128_CCM_8_SHA256:TLS_AES_128_CCM_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
    ssl_prefer_server_ciphers     on;
    ssl_stapling                  on;
    ssl_stapling_verify           on;
# Add headers to serve security related headers
    add_header X-Content-Type-Options nosniff;
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Robots-Tag "noindex, nofollow";
    add_header X-Download-Options noopen;
    add_header X-Permitted-Cross-Domain-Policies none;
    add_header Referrer-Policy no-referrer;
    add_header Strict-Transport-Security "max-age=15552000; includeSubDomains";
    #I found this header is needed on Ubuntu, but not on Arch Linux. 
    add_header X-Frame-Options "SAMEORIGIN";

    # Path to the root of your installation
    root /usr/share/nginx/nextcloud/;

    access_log /var/log/nginx/nextcloud.access;
    error_log /var/log/nginx/nextcloud.error;


    # Specify how to handle directories -- specifying `/index.php$request_uri`
    # here as the fallback means that Nginx always exhibits the desired behaviour
    # when a client requests a path that corresponds to a directory that exists
    # on the server. In particular, if that directory contains an index.php file,
    # that file is correctly served; if it doesn't, then the request is passed to
    # the front-end controller. This consistent behaviour means that we don't need
    # to specify custom rules for certain paths (e.g. images and other assets,
    # `/updater`, `/ocs-provider`), and thus
    # `try_files $uri $uri/ /index.php$request_uri`
    # always provides the desired behaviour.
    index index.php index.html /index.php$request_uri;
    
    # Rule borrowed from `.htaccess` to handle Microsoft DAV clients
    location = / {
        if ( $http_user_agent ~ ^DavClnt ) {
            return 302 /remote.php/webdav/$is_args$args;
        }
    }
    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }

    # The following 2 rules are only needed for the user_webfinger app.
    # Uncomment it if you're planning to use this app.
    #rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
    #rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json
    # last;

    # was originally here but I moved them to location ^~ /.well-known {..}
  ###
  #  location = /.well-known/carddav {
  #      return 301 $scheme://$host/remote.php/dav;
  #  }
  #  location = /.well-known/caldav {
  #     return 301 $scheme://$host/remote.php/dav;
  #  }

  #  location ~ /.well-known/acme-challenge {
  #  allow all;
  #  }
  ###

# manually added for NC 26
###
    location ~ \.woff2?$ {
            try_files $uri /nextcloud/index.php$request_uri;
            expires 7d;         # Cache-Control policy borrowed from `.htaccess`
            access_log off;     # Optional: Don't log access to assets
    }
###

    location ^~ /.well-known {
        # The rules in this block are an adaptation of the rules
        # in the Nextcloud `.htaccess` that concern `/.well-known`.

        location = /.well-known/carddav {
		# return 301 /nextcloud/remote.php/dav/;
		return 301 $scheme://$host/remote.php/dav;
 	}
        location = /.well-known/caldav  {
		# return 301 /nextcloud/remote.php/dav/;
		return 301 $scheme://$host/remote.php/dav;
	 }
	location /.well-known/acme-challenge    { try_files $uri $uri/ =404; }
        location /.well-known/pki-validation    { try_files $uri $uri/ =404; }

        # Let Nextcloud's API for `/.well-known` URIs handle all other
        # requests by passing them to the front-end controller.
        return 301 /index.php$request_uri;
   	
		#allow all;
		#return 301 $scheme://$host/index.php$request_uri;
	
    }

    # set max upload size
    client_max_body_size 1024M;
    fastcgi_buffers 64 4K;

    # Disable gzip to avoid the removal of the ETag header
    gzip off;

    # Uncomment if your server is build with the ngx_pagespeed module
    # This module is currently not supported.
    #pagespeed off;

    error_page 403 /core/templates/403.php;
    error_page 404 /core/templates/404.php;

    location / {
       rewrite ^ /index.php;
    }

    location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
       deny all;
    }
    location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
       deny all;
     }

    location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) {
       include fastcgi_params;
       fastcgi_split_path_info ^(.+\.php)(/.*)$;
       try_files $fastcgi_script_name =404;
       fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
       fastcgi_param PATH_INFO $fastcgi_path_info;
       #Avoid sending the security headers twice
       fastcgi_param modHeadersAvailable true;
       fastcgi_param front_controller_active true;
       fastcgi_pass unix:/run/php/php8.1-fpm.sock;
       fastcgi_intercept_errors on;
       fastcgi_request_buffering off;
    }

    location ~ ^/(?:updater|ocs-provider)(?:$|/) {
       try_files $uri/ =404;
       index index.php;
    }

    # Adding the cache control header for js and css files
    # Make sure it is BELOW the PHP block
    location ~* \.(?:css|js)$ {
        try_files $uri /index.php$uri$is_args$args;
        add_header Cache-Control "public, max-age=7200";
        # Add headers to serve security related headers (It is intended to
        # have those duplicated to the ones above)
        add_header X-Content-Type-Options nosniff;
        add_header X-XSS-Protection "1; mode=block";
        add_header X-Robots-Tag none;
        add_header X-Download-Options noopen;
        add_header X-Permitted-Cross-Domain-Policies none;
        add_header Referrer-Policy no-referrer;
        # Optional: Don't log access to assets
        access_log off;
   }

   location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ {
        try_files $uri /index.php$uri$is_args$args;
        # Optional: Don't log access to other assets
        access_log off;
   }
}

The output of your Apache/nginx/system log in /var/log/____:

PASTE HERE

PASTE HERE


Output errors in nextcloud.log in /var/www/ or as admin user in top right menu, filtering for errors. Use a pastebin service if necessary.

PASTE HERE
2

The Nginx config is periodically updated (as it was for v26 and mentioned in the Release Notes of the Admin Manual). You may want to clean yours up and bring it up-to-date:

https://docs.nextcloud.com/server/latest/admin_manual/installation/nginx.html#nginx-config