Linux Web dav with self signed certificate (self-hosted nextcloud server) - Printable Version +- Kodi Community Forum (https://forum.kodi.tv) +-- Forum: Support (https://forum.kodi.tv/forumdisplay.php?fid=33) +--- Forum: General Support (https://forum.kodi.tv/forumdisplay.php?fid=111) +---- Forum: Linux (https://forum.kodi.tv/forumdisplay.php?fid=52) +---- Thread: Linux Web dav with self signed certificate (self-hosted nextcloud server) (/showthread.php?tid=375043) Pages:
1
2
|
Web dav with self signed certificate (self-hosted nextcloud server) - Boresk - 2023-11-15 I am trying to setup web davs with my self hosted nextcloud server but it doesn't work. Is it possible to do it with self signed certificates? Here's what I've done: Enter the new network location as davs (https) with port 443 and remote.php/dav/files/USERNAME/ Url looks like this: `davs://address.com:443/remote.php/dav/files/user/` Copy and paste the pem file (certificate) generated from the server to the .kodi/system/certs folder. I get the following error: `Failed: SSL peer certificate or SSH remote key was not OK(60)` RE: Web dav with self signed certificate (self-hosted nextcloud server) - Fuchs2468 - 2023-11-15 Take a look here, maybe it will help you. https://kodi.wiki/view/SSL_certificates RE: Web dav with self signed certificate (self-hosted nextcloud server) - Boresk - 2023-11-15 Thank you. I don't think I've looked up that page before. I have tried every steps, but none works. Neither does verifypeer=false. RE: Web dav with self signed certificate (self-hosted nextcloud server) - Fuchs2468 - 2023-11-15 I could still offer you that. https://forum.kodi.tv/showthread.php?tid=374773&pid=3169587&highlight=Nextcloud#pid3169587 Personally, I use a Synology NAS with WebDAV server so I don't have these problems. RE: Web dav with self signed certificate (self-hosted nextcloud server) - CrystalP - 2023-11-15 Same as in the other thread, a debug log might give some clues. Turn on debug mode, restart Kodi, reproduce the issue, copy/paste content of kodi.log into paste.kodi.tv and post the link here. The interesting information may be logged on the nextcloud side instead, but you're not going to get support for that here. RE: Web dav with self signed certificate (self-hosted nextcloud server) - Boresk - 2023-11-15 There it is:
I tried with 3 different ways, one with hostname, ip address and ip with verifypeer=false. As you can see in the log, I get failed SSL 3 times. I've looked into my Nextcloud log. It doesn't seems to log the failed attempt to connect. RE: Web dav with self signed certificate (self-hosted nextcloud server) - Boresk - 2023-11-15 I've also tried to add advancedsettings.xml. I see it is loaded in the log file. The log file contains: Quote:<advancedsettings> RE: Web dav with self signed certificate (self-hosted nextcloud server) - Boresk - 2023-11-16 I've created a new certificate, changed it in apache on the server then updated ca-certificates on my device and added a copy referenced in the .kodi folder. None is working. RE: Web dav with self signed certificate (self-hosted nextcloud server) - wsnipex - 2023-11-16 provide a full debug log on https://paste.kodi.tv RE: Web dav with self signed certificate (self-hosted nextcloud server) - Boresk - 2023-11-16 There it is: https://paste.kodi.tv/bodupimoro.kodi RE: Web dav with self signed certificate (self-hosted nextcloud server) - Boresk - 2023-11-16 Another one with debug activated https://paste.kodi.tv/ijobacupik.kodi RE: Web dav with self signed certificate (self-hosted nextcloud server) - Boresk - 2023-11-16 I've noticed that my dav mount on another device is using /nextcloud/remote.php/dav/files/user. I tried this, with and without port, with and without verifypeer. Still not working RE: Web dav with self signed certificate (self-hosted nextcloud server) - Boresk - 2023-11-16 Ok, I,ve tried again to make a new self signed certificate. This time I've added common name (CN) with my custom hostname.com. Now the folder open but there's nothing. I will test more later. Here is a sample command of the self signed certificate that I've installed on the apache: openssl req -x509 -newkey rsa:4096 -keyout myhostname.com.key -out myhostname.com.crt -sha256 -days 3650 -nodes -subj "/C=XX/ST=Province/L=City/O=CompanyName/OU=CompanySectionName/CN=myhostname.com" I've had to change the proper destination in my appache settings. In my case, it was the httpd-vhosts.conf, but I think for most people it should be in httpd-ssl.conf. RE: Web dav with self signed certificate (self-hosted nextcloud server) - Boresk - 2023-11-16 So, it no longer works. This time it is because of timeout. For some reason, I've been able to connect without timeout, but now it is slow. And it is indeed because of slow webdav connection as when I try to mount the webdav, it is very slow (but for some reason, the first time I did mount it after restart, it was fast). I suppose this is no longer a kodi issue although I would be interested if there could be a way to upper the timeout limit while I figure out how to make it faster. RE: Web dav with self signed certificate (self-hosted nextcloud server) - Boresk - 2023-11-16 Alright it works! I am able to mount webdav with Nextcloud with my self signed certificates. So here's the dav config that works: Select webdavs (https) (don't use http) myhostname.com (replace myhostname.com) remote.php/dav/files/username (replace username) port 443 (add proper user account and password) Here is the certificate command that worked for me (replace myhostname.com): openssl req -x509 -newkey rsa:4096 -keyout myhostname.com.key -out myhostname.com.crt -sha256 -days 3650 -nodes -subj "/C=XX/ST=Province/L=City/O=CompanyName/OU=CompanySectionName/CN=myhostname.com" Change the proper ssl files source in appache settings. In my case, it was the httpd-vhosts.conf, but I think for most people it should be in httpd-ssl.conf. Install Certificate on device(s). In my case (Ubuntu): sudo scp [email protected]:/path/to/file.crt /usr/local/share/ca-certificates Then sudo update-ca-certificates I've also added a copy of the certificate in .kodi/system/certs but I don't know if it does anything. On the server, add the following in nextcloud/config/php to get faster webdav connection 'auth.bruteforce.protection.enabled' => false, (This is potentially not a good solution and there might be better in the following link) Source: https://help.nextcloud.com/t/slow-webdav-performance/11255/3 Then restart apache.I think the command is: sudo apachectl restart Works great for me. I hope this will help other users as well. |