DAVx complains about unknown certificate

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

Connecting to my Nextcloud instance via DAVx

It produced this output:

My web server is (include version):

Apache2

The operating system my web server runs on is (include version):

Latest Ubuntu LTS Server

My hosting provider, if applicable, is:

Self managed

I can login to a root shell on my machine (yes or no, or I don't know):

yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

certbot 1.22.0

After fixing my initial issue reported at https://community.letsencrypt.org/t/getting-this-certificate-belongs-to-a-different-site-for-a-wildcard-certificate/169920, I cannot connect via DAVx (V 4.1-gplay) without an exception.

I'm on Android V 11

Hi @poldi171254,

Is it possible that you have the "Distrust System Certificates" setting enabled in your DAVx settings?

https://www.davx5.com/manual/settings.html

It looks like that's one thing that could produce this warning message.

3 Likes

Yes. This setting is enabled as this is the recommendation; not sure why

Thanks

2 Likes

It could be that the most common use case is to connect to one's own personal or organizational server, and perhaps people then often verify the fingerprints with the administrator, instead of relying on the certificate authority system. This is at least as good in terms of security—often even better!—but certainly much worse in terms of convenience.

It would make sense to have that as the default if most of the servers that people usually connected to with DAVx didn't use a publicly trusted certificate authority like Let's Encrypt for their certificates.

If so, it would be helpful if the documentation warned that the result of this is that you will be prompted to accept certificates manually.

If you choose to turn off this setting, you will probably not be prompted as DAVx will automatically trust the mainstream certificate authorities, including Let's Encrypt, similar to the way an ordinary web browser would. That gives you more convenience and, in exchange, a little less visibility into the certificate trust process.

3 Likes

OR
Choose to "trust" it (after verifying it - "trust but verify").
[which you likely only need to do once (every 60 days)]

2 Likes
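The fingerprint check described in the two replies above, as an added example (not from the thread or from DAVx): the administrator computes the certificate's fingerprint on the server and compares it with the value shown in the client's prompt. It assumes the prompt shows a SHA-256 or SHA-1 hex fingerprint; the function names and the sample bytes are made up for illustration.

```python
import hashlib
import hmac
import ssl

HEADER = "-----BEGIN CERTIFICATE-----"
FOOTER = "-----END CERTIFICATE-----"


def fingerprint(der: bytes, algorithm: str = "sha256") -> str:
    """Colon-separated uppercase hex digest of a DER-encoded certificate."""
    digest = hashlib.new(algorithm, der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def fingerprint_from_pem(pem: str, algorithm: str = "sha256") -> str:
    """Fingerprint of the FIRST certificate in a PEM file.

    In a chain file the first block is the server (leaf) certificate, which
    is the one a client prompt identifies; intermediates after it are ignored.
    """
    start = pem.index(HEADER)
    end = pem.index(FOOTER, start) + len(FOOTER)
    return fingerprint(ssl.PEM_cert_to_DER_cert(pem[start:end]), algorithm)


def normalize(fp: str) -> str:
    """Make 'AB:CD', 'ab cd' and 'abcd' comparable."""
    return fp.replace(":", "").replace(" ", "").strip().lower()


def same_certificate(from_admin: str, shown_by_client: str) -> bool:
    """True only if both values are complete, equal SHA-1/SHA-256 fingerprints."""
    a, b = normalize(from_admin), normalize(shown_by_client)
    # Reject empty, truncated or non-hex input: a prefix match is not a match.
    if len(a) not in (40, 64) or set(a + b) - set("0123456789abcdef"):
        return False
    return hmac.compare_digest(a, b)


if __name__ == "__main__":
    import sys
    # Pass the path of the server's certificate PEM file as the first argument.
    # Without one, constructed stand-in bytes (not a real certificate) are used.
    if len(sys.argv) > 1:
        with open(sys.argv[1]) as f:
            pem = f.read()
    else:
        pem = ssl.DER_cert_to_PEM_cert(b"abc")
    print(fingerprint_from_pem(pem))
```

A renewed certificate is a different certificate, so its fingerprint changes and the comparison has to be repeated after each renewal.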

So what you are saying is that this is the expected behaviour, just a bit confusing 🙂
Thanks

1 Like
