DAVx complains about unknown certificate

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:
Connecting to my nextcloud instance via DAVx
It produced this output:

My web server is (include version):
The operating system my web server runs on is (include version):
Latest Ubuntu LTS Server
My hosting provider, if applicable, is:
Self managed
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
certbot 1.22.0

After fixing my initial issue reported https://community.letsencrypt.org/t/getting-this-certificate-belongs-to-a-different-site-for-a-wildcard-certificate/169920, I cannot connect via DAVx (V 4.1-gplay) without an exception.

I'm on Android V 11

Hi @poldi171254,

Is it possible that you have the "Distrust System Certificates" setting enabled in your DAVx settings?


It looks like that's one thing that could produce this warning message.


Yes. This setting is enabled as this is the recommendation; not sure why



It could be that the most common use case is to connect to one's own personal or organizational server, and perhaps people then often verify the fingerprints with the administrator, instead of relying on the certificate authority system. This is at least as good in terms of security—often even better!—but certainly much worse in terms of convenience.

It would make sense to have that as the default if most of the servers that people usually connected to with DAVx didn't use a publicly trusted certificate authority like Let's Encrypt for their certificates.

If so, it would be helpful if the documentation warned that the result of this is that you will be prompted to accept certificates manually.

If you choose to turn off this setting, you will probably not be prompted as DAVx will automatically trust the mainstream certificate authorities, including Let's Encrypt, similar to the way an ordinary web browser would. That gives you more convenience and, in exchange, a little less visibility into the certificate trust process.


Choose to "trust" it (after verifying it - "trust but verify").
[which you likely only need to do once (every 60 days)]


So what you are saying is that this is the expected behaviour, just a bit confusing

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.