Nginx: [warn] "ssl_stapling" ignored, no OCSP responder URL in the certificate

@Volkodav
I would disable OCSP for now.

Just comment them out in all configs?

@Volkodav
Yes, and in the main config too.

So I will lose a layer of security a bit, but I'll get it up and running.

I'll try in an hour or so and post the result.


Shall I keep these commented too?

  ssl_certificate /usr/local/etc/letsencrypt/live/truenas/fullchain.pem;
  ssl_certificate_key /usr/local/etc/letsencrypt/live/truenas/privkey.pem;
  ssl_trusted_certificate /usr/local/etc/letsencrypt/live/truenas/chain.pem;

So I'll keep like this and see what happens in the future? Next update/upgrade whatever?

This is what I get again!?


Is this because of stapling?

I don't think so.

openssl s_client -connect vadim.com.ru:443 -servername vadim.com.ru
root@ul18ipv46:/var/tmp/trash#  openssl s_client -connect vadim.com.ru:443 -servername vadim.com.ru
CONNECTED(00000005)
depth=0 O = TrueNAS (Nextcloud), CN = localhost
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 O = TrueNAS (Nextcloud), CN = localhost
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
 0 s:O = TrueNAS (Nextcloud), CN = localhost
   i:O = TrueNAS (Nextcloud), CN = TrueNAS (Nextcloud) local Root CA
---
Server certificate
subject=O = TrueNAS (Nextcloud), CN = localhost
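
To see which certificate the server is really presenting, the handshake output above can be reduced to the leaf's subject, its issuer and the verify errors. This is an added example, not part of the original posts; `check_served_cert` and `page_sample` are hypothetical names, and the expected issuer string passed as the argument is an assumption.

```shell
#!/bin/sh
# Added example: check_served_cert and page_sample are hypothetical names.
# Reads `openssl s_client` output on stdin and reports which leaf certificate
# the server presented, compared with the issuer you expected (assumption:
# the issuer string is passed as $1, e.g. "Let's Encrypt").
check_served_cert() {
  awk -v want="$1" '
    # Collect each distinct verification failure from the handshake.
    /^verify error:num=/ {
      sub(/^verify error:/, "")
      if (!seen[$0]++) errs = errs (errs ? "; " : "") $0
      next
    }
    # Entry 0 of the Certificate chain section is the leaf; its i: line follows.
    /^ 0 s:/ { subj = substr($0, 6); in_leaf = 1; next }
    in_leaf && /^ +i:/ { sub(/^ +i:/, ""); issuer = $0; in_leaf = 0 }
    END {
      print "leaf subject:  " subj
      print "leaf issuer:   " issuer
      print "verify errors: " (errs ? errs : "none")
      if (index(issuer, want) == 0) {
        print "RESULT: leaf not issued by " want
        exit 1
      }
      if (errs) { print "RESULT: expected issuer, chain did not verify"; exit 1 }
      print "RESULT: leaf issued by " want
    }'
}

# The handshake output quoted in the post above (certificate body omitted).
page_sample() {
  cat <<'EOF'
CONNECTED(00000005)
depth=0 O = TrueNAS (Nextcloud), CN = localhost
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 O = TrueNAS (Nextcloud), CN = localhost
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
 0 s:O = TrueNAS (Nextcloud), CN = localhost
   i:O = TrueNAS (Nextcloud), CN = TrueNAS (Nextcloud) local Root CA
---
EOF
}

page_sample | check_served_cert "Let's Encrypt" || true
```

Against a live host, pipe the same `openssl s_client -connect ... -servername ...` command into the function, with `</dev/null` on the `openssl` side so the session closes after the handshake.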

So I have to check line 20?

I am a bit lost now - which config shall I edit and how?

Please be considerate.
You are only involved on this one single topic/problem.
This may all be right at the front of your brain.
But I'm trying to work dozens of topics/problems.
This is NOT all in my brain.
I don't know what line 20 is - unless I go back and read through 51 posts to find which file you are even talking about.
I really don't have the time for that - sorry.
I am a volunteer here and I am here to help (as best I can).
But PLEASE help me help you.

I got it rg305 - I'll try to figure it out based on this output and now it seems to be a different issue anyway. Thanks for your help anyway


So it looks to me that it is a Nextcloud issue since the error is with their certificate and I will address it with them. Our part is done - stapling didn't work so I turned it off for now. Thanks everybody for help! I have to figure out what is wrong with the first certificate. I wonder is it provided by Let's Encrypt too?
