adding nextcloud webdav with untrust CA. --> issues

[doreks]

do you know if there is any option to add my nextcloud server if I have an untrusted certificate and it doesn't fail to bind?
I don't have http enabled only https.
when i try to link it by url name i get this error in the log:

2021-02-15 16:02:11 DEBU http: POST /api/v1/accounts (400) [465.971556ms]
2021-02-15 16:02:11 DEBU api: abort /api/v1/accounts with code 400 (Could not connect, please try again)
2021-02-15 16:02:11 ERRO could not connect

I'm assuming it's a certificate issue but the log doesn't give me any more information either... is there anything else we can check or do that won't throw the service out for this?

thanks!

[lastzero]

It probably is... either you add the ca cert to the container or you get a valid cert as turning off SSL validation throughout the app is not really an option although it may prevent errors. Why not use HTTP if the certificate is not valid anyways? You may use a tunnel instead to get encryption.

[doreks]

hi,
thanks for your quick answer!
well, it is not a HTTP option because it is a custom docker from nextcloud : linuxserver/nextcloud and does not enable the config setup for this container.
What I have done is to put a proxy between the client and nextcloud. Now the nginx proxy has a valid Let's Encrypt certificate enabled so that it will reply when it asks for my domain and returns this cert, being attacked from outside or even inside my network but it seems that problem is still there and the error is the same.
from the photoprism container I am able to reach the private ip that my nextcloud has and the public one too if I do a nslookup.
so why im getting this error :-/

[lastzero]

Then maybe the wrong webdav path, user or password?

[doreks]

I don't think so, I am getting the webdav url from nextcloud itself and I am able to mount nextclud webdav from windows as a network drive.

[lastzero]

Users also reported issues when using nginx as web server as that break webdav compatibility, see https://trac.cyberduck.io/wiki/help/en/howto/mount/issues/fastcgi

[doreks]

good to know it! thanks!