OPNsense Forum

English Forums => 18.7 Legacy Series => Topic started by: muchacha_grande on August 01, 2018, 06:48:26 pm

Title: Nextcloud config backup
Post by: muchacha_grande on August 01, 2018, 06:48:26 pm
Hi,
   I have a Nextcloud server with a self-signed certificate and I can't connect with OPNSense to backup the configuration.

   This is what the log file shows when I enable Nextcloud in OPNSense:

Quote
{
"url":"https:\/\/cloud.xxxxxx.xxx\/remote.php\/dav\/files\/fjm\/",
"content_type":null,
"http_code":0,
"header_size":0,
"request_size":0,
"filetime":-1,
"ssl_verify_result":18,
"redirect_count":0,
"total_time":0.106457,
"namelookup_time":0.006754,
"connect_time":0.018284,
"pretransfer_time":0,
"size_upload":0,
"size_download":0,
"speed_download":0,
"speed_upload":0,
"download_content_length":-1,
"upload_content_length":-1,
"starttransfer_time":0,
"redirect_time":0,
"redirect_url":"",
"primary_ip":"192.168.2.4",
"certinfo":[],
"primary_port":443,
"local_ip":"192.168.2.1",
"local_port":2322
}

   Any help will be appreciated.

Cheers,
Title: Re: Nextcloud config backup
Post by: qinohe on August 02, 2018, 01:37:04 am
Hello muchacha_grande,

There is 'ssl_verify_result":18' which I quote from https://www.openssl.org/docs/man1.0.2/apps/verify.html

Quote
18 X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: self signed certificate

    the passed certificate is self signed and the same certificate cannot be found in the list of trusted certificates.

This suggest OPNsense is not able to verify this certificate (root-nss.crt).

Or add it to the store.

Or have a look on how to do it proper: https://wiki.opnsense.org/manual/how-tos/self-signed-chain.html  ;)

Succes mark
Title: Re: Nextcloud config backup
Post by: muchacha_grande on August 03, 2018, 03:30:41 pm
Well, I see.. now it works  ;)... thank you...

Now, I have a question... Provided that I just added the existing self signed certificate of my Nextcloud server to ca-root-nss.crt using the cat sentences explained in the docs... will this crt file be overwritten in the future, for example, in an upgrade of OPNSense?

And, another question, is it possible to choose a path to save de configurations instead of just a root directory?

Thank you again and regards
Title: Re: Nextcloud config backup
Post by: fabian on August 03, 2018, 04:59:19 pm
Now, I have a question... Provided that I just added the existing self signed certificate of my Nextcloud server to ca-root-nss.crt using the cat sentences explained in the docs... will this crt file be overwritten in the future, for example, in an upgrade of OPNSense?
yes - when the ca certificates are updated. It should not happen often.

And, another question, is it possible to choose a path to save de configurations instead of just a root directory?

It is a directory in the root directory - or what do you want to say?
Title: Re: Nextcloud config backup
Post by: muchacha_grande on August 03, 2018, 05:49:16 pm
I have an external storage drive accessed from Nextcloud via SMB/CIFS protocol.
I wanted to use a certain path inside this share to store configs and backups.

For example in the path /data/Backup/Configs/OPNSense, "data" is the name of the shared SMB/CIFS resource.
Title: Re: Nextcloud config backup
Post by: qinohe on August 03, 2018, 07:28:28 pm
Glad to hear the guide works for you  8)

Should this not be handled with Nextcloud self.
I mean the storage you give to Nextcloud can be 'anything' just the path to Nextcloud from OPNsense is handled by OPNsense.

Greetings mark