Notify Push using cert from custom CA #497

Open
CoderTobi opened this issue Aug 3, 2024 · 0 comments
Hi, I am running my Nextcloud using the AIO containers but with a custom compose.yaml file without the mastercontainer. See AIO manual install for more information.

For my Nextcloud I use Caddy as my reverse proxy with a cert signed by my own CA. I installed the cert of my own CA on my server and all my clients. This way the cert of my Nextcloud is trusted by them even though it's not signed by a "real" CA.

On Debian installed CAs are stored in the folder /etc/ssl/certs and attached to /etc/ssl/certs/ca-certificates.crt. Since I am using Docker, I mounted this location to my go-vod container (transcoder for the Nextcloud Memories app) and the Notify Push container:

volumes:
      - /etc/ssl/certs:/etc/ssl/certs:ro

The go-vod container is fine with this approach and accepts the cert of my Nextcloud as trusted, as it's now signed by one of the CAs in /etc/ssl/certs of its container. But the Notify Push container seems to completely ignore the CAs of that directory, refuses to accept the cert of my Nextcloud and throws this error:

nextcloud-aio-notify-push-1  | [2024-08-03 15:02:10.418401 +00:00] ERROR [notify_push] src/main.rs:84: Self test failed: Error while communicating with nextcloud instance: error sending request for url (https://REDACTEDDOMAIN/index.php/apps/notify_push/test/version) 

If I modify the start.sh file found in the container ([see this for the original script](https://github.com/nextcloud/all-in-one/blob/main/Containers/notify-push/start.sh)) and add --allow-self-signed as a start parameter, it works just fine.

So, the problem is that the Notify Push container ignores the contents of /etc/ssl/certs and /etc/ssl/certs/ca-certificates.crt.
Does anyone know why and where to put my CA cert so that it's recognized by notify push?
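
An added example, not part of the original issue: a shell check, using the openssl CLI, of whether a PEM bundle laid out like /etc/ssl/certs/ca-certificates.crt validates a certificate signed by a private CA. It separates "the CA is missing from the mounted bundle" from "the client does not read that bundle". The CA, certificate and file names are constructed, and OpenSSL 1.1.0 or later is assumed.

```shell
#!/bin/sh
# Added example: every name, subject and path here is constructed.
# Requires the openssl CLI (OpenSSL 1.1.0 or later for -no-CApath).

# Succeeds only if LEAF chains to a CA inside BUNDLE. -no-CApath keeps the
# default hashed directory out of the decision, so the result reflects the
# bundle file alone.
bundle_trusts() {  # usage: bundle_trusts BUNDLE LEAF
    openssl verify -no-CApath -CAfile "$1" "$2" >/dev/null 2>&1
}

# Number of certificates in a PEM bundle.
bundle_count() {  # usage: bundle_count BUNDLE
    grep -c -e '-----BEGIN CERTIFICATE-----' "$1"
}

# Self-signed throwaway CA: writes PREFIX.key and PREFIX.pem.
make_ca() {  # usage: make_ca PREFIX COMMON_NAME
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$2" \
        -keyout "$1.key" -out "$1.pem" 2>/dev/null
}

# Builds in DIR: a private CA, a server cert it signed, an unrelated CA that
# stands in for the public roots, and two bundles (public.crt without the
# private CA, merged.crt with it appended).
make_fixture() {  # usage: make_fixture DIR
    make_ca "$1/home-ca" "Constructed Home CA" &&
    make_ca "$1/other-ca" "Constructed Public Root" &&
    openssl req -newkey rsa:2048 -nodes -subj "/CN=cloud.example.test" \
        -keyout "$1/leaf.key" -out "$1/leaf.csr" 2>/dev/null &&
    openssl x509 -req -in "$1/leaf.csr" -days 1 -CA "$1/home-ca.pem" \
        -CAkey "$1/home-ca.key" -CAcreateserial -out "$1/leaf.pem" 2>/dev/null &&
    cp "$1/other-ca.pem" "$1/public.crt" &&
    cat "$1/other-ca.pem" "$1/home-ca.pem" > "$1/merged.crt"
}

# Demo run on the constructed fixture.
demo=$(mktemp -d) && make_fixture "$demo" || exit 1
for b in public.crt merged.crt; do
    if bundle_trusts "$demo/$b" "$demo/leaf.pem"; then verdict=trusted
    else verdict="NOT trusted"; fi
    echo "$b ($(bundle_count "$demo/$b") certs): leaf is $verdict"
done
rm -rf "$demo"
```

Inside a container, `bundle_trusts` can be pointed at /etc/ssl/certs/ca-certificates.crt and a saved copy of the server certificate. A pass there means the mounted bundle contains the CA, so a client that still rejects the certificate is not reading that file.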
