notify_push icon indicating copy to clipboard operation
notify_push copied to clipboard

Published 20 hours ago verified publisher icon nextcloud

invalid peer certificate contents: invalid peer certificate: UnknownIssuer

Open uSyzex opened this issue 2 years ago • 4 comments

Hi,

Set-up is done and correct according to the setup utility, unfortunately when I test with the test_client program I have an error. Here is my config, followed by the error. Config

[Unit]
Description = Push daemon for Nextcloud clients

[Service]
Environment=PORT=7867
Environment=NEXTCLOUD_URL=https://nextcloud.xxxxxx.com
Environment=ALLOW_SELF_SIGNED=true
ExecStart=/var/www/nextcloud/apps/notify_push/bin/x86_64/notify_push /var/www/nextcloud/config/config.php
User=www-data

[Install]
WantedBy = multi-user.target

nextcloud.xxxxxx.com is added to my /etc/hosts as 127.0.1.1 nextcloud.xxxxx.com

error

nextcloud@nextcloud:~# ./test_client http://nextcloud.xxxx.com YYYYYY YYYYYYY
[2022-07-25 00:34:41.359171 +02:00] WARN [rustls::conn] /home/runner/.cargo/registry/src/github.com-1ecc6299db9ec823/rustls-0.20.2/src/conn.rs:1197: Sending fatal alert BadCertificate
Error:
  x http://nextcloud.xxxxx.com/ocs/v2.php/cloud/capabilities: Connection Failed: tls connection init failed: invalid peer certificate contents: invalid peer certificate: UnknownIssuer
  `-> invalid peer certificate contents: invalid peer certificate: UnknownIssuer

Thank you very much !

uSyzex avatar Jul 24 '22 22:07 uSyzex

Same here, running behind nginx proxy manager

[Unit]
Description = Push daemon for Nextcloud clients
[Service]
Environment=PORT=7867
Environment=NEXTCLOUD_URL=https://192.168.1.100
Environment=ALLOW_SELF_SIGNED=true
ExecStart=/var/www/nextcloud/apps/notify_push/bin/x86_64/notify_push /var/www/nextcloud/config/config.php
User=www-data
[Install]
WantedBy = multi-user.target

you should follow the manual setup instruction on the README instead
https://github.com/nextcloud/notify_push
Press enter to continue or ESC to cancel...

Push binary seems to be running already
🗴 failed to run self-test.
test output: ✓ redis is configured
             🗴 using unencrypted http for push server is strongly discouraged
             🗴 push server url is set to localhost, the push server will not be reachable from other machines
             ✓ push server is receiving redis messages
             ✓ push server can load mount info from database
             🗴 push server can't connect to the Nextcloud server
               error sending request for url (https://192.168.1.100/index.php/apps/notify_push/test/cookie): error trying to connect: invalid dnsname
             
  See the steps in the README for manual setup instructions: https://github.com/nextcloud/notify_push

dranelixx avatar Jul 25 '22 05:07 dranelixx

Hi,

I am also behind NGINX Proxy Manager but your problem is related to DNS. You have to edit your /etc/hosts and add this line. 127.0.1.1 yourdomainname.com After that, you'll probably have the same problem as me.

uSyzex avatar Jul 25 '22 11:07 uSyzex

@uSyzex I think you should be using https://... with the test_client - in your first post you tested with http://... instead.

koelle25 avatar Jan 24 '23 10:01 koelle25

The error OP is seeing is from the test client refusing the NC certificate, not the push daemon refusing the certificate.

The test client currently doesn't support disabling the certificate validation.

icewind1991 avatar Feb 10 '23 11:02 icewind1991