Solved: SSL Error trouble connecting OnlyOffice to NextCloud

I installed NextCloud via a snap, then used Docker to install OnlyOffice. Both are installed and working. I know NextCloud is 100% working, but OnlyOffice only gives me a welcome message saying its working. Anyways when I try to integrate OnlyOffice with NextCloud I either get:

HealthcheckRequest on check error: cURL error 35: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol (see http://curl.haxx.se/libcurl/c/libcurl-errors.html)

or

HealthcheckRequest on check error: cURL error 7: Failed to connect to 10.0.0.100 port 80: Connection refused (see http://curl.haxx.se/libcurl/c/libcurl-errors.html)

or

Protocol on check error: Mixed Active Content is not allowed. HTTPS address for Document Server is required.

I am at my wit's end, I have searched high and dry, googled and dug through my system for conf files and paths that are plenty. I installed locate and updatedb to help me search. It almost seems like I have many versions of the same instance.

image
apparently, it's going to the correct port but not getting secured.

Please help

Do you have

community/libcurl-gnutls

installed ?

The server is running with an old and obsolete SSL version. Anything lower than TLS 1.2 shouldn't really be used any more, and most things have removed support for SSLv2 and SSLv3.

I just installed it, no change still getting:

HealthcheckRequest on check error: cURL error 60: SSL certificate problem: self signed certificate (see http://curl.haxx.se/libcurl/c/libcurl-errors.html)

I am running what they server installed LOL unless its on my end. How do I update that?

Yes there is a change, it seems working BUT the app. is not accepting self signed certificates,
see if you can configure that .

some applications , you can set them up to accept self signed certificates,
Or create a real one , with let's encrypt , for example.

I downloaded Lets Encrypt, but when I create the certs where do I put them? That's been one of my issues LOL. Docker throws things everywhere it looks like. Thanks for your quick response

also I dont own a domain, all I have is a subdomain of a dynamic host provider.

You don't need to. Many libraries still use SSL-SOMETHING in error messages. It does not mean that you are using an old SSL version.

Check the know issues page. It shows a way how to allow self-signed certificates for the onlyoffice nextcloud app.

But this goes both ways. Your Nextxloud also needs a valid cert, because the onlyoffice docker process connects to your netxcloud and nodejs is very picky about certs.
This might be a workaround. https://github.com/ONLYOFFICE/Docker-DocumentServer/issues/96#issuecomment-505901063

Keep in mind you can't create valid certs for IPs or local domains with lets-encrypt.

2 Likes

what about subdomains from dynamic host providers? I am planning to buy a domain tho

lets-encrypt has some rate limits, but it will often work.
https://letsencrypt.org/docs/rate-limits/

These subdoamains requiere a real public IP. There are different ways to let lets-encrypt validate the subdomain. You usually need to have some Web server running on Port 80 on these IPs. But certbot can help you with that.
https://letsencrypt.org/how-it-works/
https://certbot.eff.org/help

After you received valid certs, you will need to make sure your local services use the right domain names.

For testing it is probably easier to do it with self-signed certs.

worked

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.

Forum kindly sponsored by