Problem with login to nextcloud windows client

[divo1]

Expected behaviour

Nextcloud client should connect with self hosted nextcloud server.

Actual behaviour

I removed old hosted server and create new on new server. I changed DNS to new server. I removed old nextcloud client on Windows and install new version (3.3.1). After installation I get view where I can put address to my server. After click on button "next" I get error message: "The polling URL does not start with HTTPS despite the login URL started with HTTPS. Login will not be possible because this might be a security issue. Please contact your administrator.". There are two links: copy link and open in browser. Both not working

Steps to reproduce

1. Install new nextcloud client
2. Put address to nextcloud server

Client configuration

Client version: 3.3.1 Operating system: Windows 10 OS language: PL Installation path of client: M:\Programy\Nextcloud

Server configuration

Nextcloud version: 22.1.0.1 Storage backend (external storage): -

Logs

Please use Gist (https://gist.github.com/) or a similar code paster for longer logs.

1. Client logfile: https://gist.githubusercontent.com/divo1/5a6a6aa7c655eb403af80206f02f8e38/raw/96e0663430834c03415d20a80939f76e26904ba4/Nextcloud%2520client%2520log

[porelli]

I am having the very same issue with the MacOS client.

EDIT (2021-Aug-27): same behavior happening with the new client: 3.3.2

This issue was also referenced with the AppImage version of the client for Linux here: https://github.com/nextcloud/desktop/issues/1470#issuecomment-898802015

[bstin]

I removed old hosted server and create new on new server. I changed DNS to new server. I removed old nextcloud client on Windows and install new version (3.3.1). After installation I get view where I can put address to my server. After click on button "next" I get error message: "The polling URL does not start with HTTPS despite the login URL started with HTTPS. Login will not be possible because this might be a security issue. Please contact your administrator.".

I was having this same issue. Turns out was the wrong setting in config.php

I am running behind a reverse proxy (nginx). Originally I had the following lines:

  'overwrite.cli.url' => 'https://nextcloud.mydomain.com',
  'overwriteprotocol' => 'https',

With the above I was receiving the error you outlined. However when I changed to below, now it works (ie. use the local IP address, not public facing name).

  'overwrite.cli.url' => 'http://192.168.1.111',
  'overwriteprotocol' => 'https',

[porelli]

Thank you @bstin!

I confirm that it was the problem for me. Not sure why everything was working fine with the previous versions... For reference, the option NEXTCLOUDOVERWRITEPROTOCOL for the docker container was added as part of this pull. In case you use a dedicated volume ([as per persistent data instructions](https://hub.docker.com//nextcloud)) you will also need to edit the config.php manually.

[divo1]

@bstin Now I have something like this:

  'overwrite.cli.url' => 'https://nextcloud.mydomain.com',
  'overwriteprotocol' => 'https',

If I change overwrite.cli.url to local IP address then the browser will not try to use this as url?

edit I tried IP of proxy, IP of VM where the nextcloud is, both with https and http. It's still not work ;(

[bstin]

If I change overwrite.cli.url to local IP address then the browser will not try to use this as url?

Its confusing.

It seems this setting is for "local cli tools" (like occ, cron.php, etc). So I don't fully understand why this would cause logging in from client to fail? Perhaps during the client initiation process, it relies on occ in someway to register the new connection?

In any case, if you are running behind a proxy it seems like this should always be the local IP address, since you wouldn't want occ to try to connect to itself using the external proxy.

[porelli]

@divo1 if it can be any helpful, I have the same URL I use for the nginx reverse proxy. Meaning it's http://:

I didn't configure it manually, some script of the docker container did. I also have another container with the same image running cron, everything works fine. In my case, the problem was caused by the 'overwriteprotocol' option that was completely missing. After setting it to 'https' the login process via the app started working again as expected.

[divo1]

@bstin Thanks for your response :) I check server and nextcloud configuration. After few changes now I think it works :)

I remove this configurations:

#  'overwriteprotocol' => ' https',
#  'overwritehost' => 'nextcloud.example.com',
#  'forcessl' => true,
#  'forceSSLforSubdomains' => true,

I had also apache with different default virtual host. So when I curl to localhost without host name it show default apache site.

Now everything works ok. Thanks guys! :)

Can be closed.

[JeanPaulBeard]

I also had the same problem and I solved it by changing these lines

/config/config.php

'overwrite.cli.url' => 'https://nextcloud.midomain.com',
'overwriteprotocol' => 'https',

After doing several tests I saw that sometimes the 'overwriteprotocol' => 'https', line is not created.

[BoboTheBarbar]

The soluction above did not solve it for me, but the comment from Help.Nextcloud did: https://help.nextcloud.com/t/desktop-client-is-trying-to-use-http-instead-of-https/122288/12

(I am using a apache reverse proxy) It says to remove overwritecondaddr parameter.

[cyrsis]

I also had the same problem and I solved it by changing these lines

/config/config.php

'overwrite.cli.url' => 'https://nextcloud.midomain.com',
'overwriteprotocol' => 'https',

After doing several tests I saw that sometimes the 'overwriteprotocol' => 'https', line is not created.

Works great with Traefik as in the main proxy, Thanks

[rominator1983]

I had to add 'overwriteprotocol' => 'https', to the config. Some folks said, behind a proxy one would have to set overwrite.cli.url to a local HTTP URL. I did not have to do this with my nextcloud running in a container behind traefik. I left overwrite.cli.url on the external HTTPS address.

Anyways I guess this got broken via an upgrade since someone pointed out that the setting 'overwriteprotocol' got added somewhere. Should have been addressed by the upgrade-procedure when adding this setting or am I wrong?

[wahboh]

Dear Gurus!

This thread is very confusing and does not give a clear answer on WHAT is the correct solution. Many "thanks, it solved it for me" - but not HOW!? Could someone please, please give a concise instruction?

The problem:

• A reverse proxy with https (and all certs) towards the internet (actually an IIS, works very well for many other apps, IIS is non negotiable)
• Inside the proxy in the private domain everything (!) is http. I do not want the extra burden of https, cert maintenance etc privately behind the proxy.

How it works:

• Web from the internet, and Android sync apps have NO problems using Nextcloud through the proxy. Works like a charm!

• Windows client inside the domain can go directly http towards Nextcloud. Fast and no problems.

• BUT -Windows client coming with https from the internet (through the proxy) can NOT connect. Gives error "The polling URL does not start with HTTPS despite the login URL started with HTTPS"

I have tested what seems every combination of ''trusted_domains' 'trusted_proxies', 'overwriteprotocol', 'overwrite.cli.url' but to no avail. The (unnecessarily overworked) Windows client refuses to connect.

Could someone please, give a concise instruction on how you managed to make it work? Please?

And dear developers. Please go back to the old manual setup for the Windows client. The urge to build smart things and prove your superior competence - only gives tons of problems for the users! Keep It Simple!

BR // Wabo

[thomasthe1st]

Hi Wabo,

I think I have a very similar setup with a proxy running on https and nextcloud being connected to the proxy on a private network. I had the same issue.

I solved it by adding 'overwriteprotocol' => 'https', which was missing for me.

SO I have now: 'overwrite.cli.url' => 'https://cloud.mydomain.com', 'overwritehost' => 'cloud.mydomain.com', 'overwriteprotocol' => 'https',

BR Thomas

[wahboh]

Many thanks Thomas!

It seems as your suggestion solved THAT behind proxy problem:

'overwrite.cli.url' => 'https://cloud.mydomain.com/', 'overwritehost' => 'cloud.mydomain.com', 'overwriteprotocol' => 'https',

Much appreciated!

Then, when reconnected I get a number of "404 FIle not found" when resyncing, and no explanation in logs, even if the files are present on both sides. And I have made a full rescan. But I think I bring that up in another thread.

Thanks again! Wabo

[0frasure]

'overwritehost' => 'cloud.mydomain.com',

This fixed it for me!

[danielb42]

I got it fixed now by adding overwriteprotocolAND overwritehost. From most issue threads it was unclear to me that you absolutely need BOTH.

[DevFontes]

I fixed this with this annotations in nginx ingress:

ingress: annotations: nginx.ingress.kubernetes.io/enable-cors: "true" nginx.ingress.kubernetes.io/cors-allow-headers: "X-Forwarded-For"

Add this lines in config.php file:

'overwrite.cli.url' => 'https://nextcloud.nextcloud.svc.cluster.local', 'overwriteprotocol' => 'https',

I'm using this chart. https://github.com/nextcloud/helm/tree/nextcloud-3.2.3/charts/nextcloud

Environment RKE 1.24 Nginx Ingress controller 1.2.0 Nextcloud 24.1.10

[AngelGarzaDev]

Adding this line fixed it for me. If you are behind a proxy, this is most likely your issue.

'proxy' => 'proxy.example.com:8081',

Please see the config.sample.php file for more information on what all these fields do. https://github.com/nextcloud/server/blob/master/config/config.sample.php