Linux/Owncloud client impossible to connect to server while forcing trusted certificate

[evignal]

Pre-submission Checks

• [X] I checked for similar issues, but could not find any. I also checked the closed issues. I could not contribute additional information to any existing issue.
• [X] I will take the time to fill in all the required fields. I know that the bug report may be dismissed otherwise due to lack of information.

Describe the bug

Impossible to connect to owncloud server with linux Owncloud Client bypassing certificate trust while it is possible with owncloudcmd and android client...

• Using Onwcloud Client on Linux
• Add account
• After entering server address (to a server without Trusted certificate)
• TLS Certificate Error appears,
• and when I click YES to "Do you want to trust this certificate anyway ?"
• A red message with "Could not detect compatible server at https....." appears with Ignore button to press...

After clicking YES and IGNORE still impossible to connect to onwcloud server.

Whereas connection to the same owncloud server is working with :

• Android owncloud client
• owncloudcmd with --trust option

Expected behavior

Be able to connect to owncloud server with untrusted CA certificate using Linux owncloud client

Steps to reproduce the issue

1 Using Onwcloud Client on Linux 2 Add account 3 After entering server address (to a server without Trusted certificate) 4 TLS Certificate Error appears, 5 and when I click YES to "Do you want to trust this certificate anyway ?" 6 A red message with "Could not detect compatible server at https....." appears with Ignore button to press...

After clicking YES and IGNORE still impossible to connect to onwcloud server.

Screenshots

No response

Logs

No response

Client version number

ownCloud 3.2.0.10193 718af2 Libraries Qt 5.15.2, OpenSSL 3.0.2 15 Mar 2022 Using virtual files plugin: suffix ubuntu-5.15.0-60-generic

Desktop environment (Linux only)

KDE

Client package version and origin (Linux only)

No response

Installation path (Windows only)

No response

Server information

ownCloud 10.11.0 (stable)

Additional context

No response

[michaelstingl]

6 A red message with "Could not detect compatible server at https....." appears with Ignore button to press...

What does the log say? https://doc.owncloud.com/desktop/appendices/troubleshooting.html#log-files

[evignal]

Hi, After logfile activation no file created (/tmp/ownCloud-logdir)... Same behaviour if I use owncloud --logdir /tmp/owncloud_logs So nothing in the logs...

To complete the previous post : Connexion to owncloud server without trusted SSL certificate is working :

• directly with Web navigator (firefox)
• android client
• owncloudcmd with --trust option But, like I wrote, not with Linux Owncloud client and I didn't test yet the windows and MacOS clients.

[michaelstingl]

Please also try with --logflush command

[evignal]

Thank you for your help, below content of the log file after 3 to 5 retry... EV

ownCloud 3.2.0.10193 718af2 Libraries Qt 5.15.2, OpenSSL 3.0.2 15 Mar 2022 Using virtual files plugin: suffix ubuntu-5.15.0-60-generic ownCloud
23-03-01 21:30:05:903 [ debug default ] [ OCC::Logger::setLogRules ]:   ""
23-03-01 21:30:05:903 [ info gui.application ]: ################## "ownCloud" locale: "fr_FR" version: "ownCloud 3.2.0.10193 718af2 Libraries Qt 5.15.2, OpenSSL 3.0.2 15 Mar 2022 Using virtual files plugin: suffix ubuntu-5.15.0-60-generic"
23-03-01 21:30:05:903 [ info gui.application ]: Arguments: ("owncloud", "--logflush", "--logdir", "/tmp/owncloud_logs")
23-03-01 21:30:05:904 [ info gui.application ]: Using "fr" translation
23-03-01 21:30:05:904 [ critical gui.application ]: Could not load qtkeychain translations
23-03-01 21:30:05:904 [ info gui.application ]: Plugin search paths: ("/opt/ownCloud/ownCloud/lib/x86_64-linux-gnu/plugins", "/opt/ownCloud/qt-5.15.2/lib/x86_64-linux-gnu/qt5/plugins", "/opt/ownCloud/ownCloud/bin")
23-03-01 21:30:05:904 [ info gui.application ]: VFS suffix plugin is available
23-03-01 21:30:05:904 [ debug default ] [ OCC::Logger::setLogRules ]:   ""
23-03-01 21:30:05:906 [ info gui.application ]: VFS suffix plugin is available
23-03-01 21:30:05:906 [ info gui.socketapi ]:   server started, listening at  "/run/user/1000/ownCloud/socket"
23-03-01 21:30:05:906 [ info gui.folder.manager ]:  void OCC::FolderMan::setSyncEnabled(bool) true
23-03-01 21:30:06:030 [ debug sync.utility ]    [ OCC::Utility::versionOfInstalledBinary ]: QByteArray OCC::Utility::versionOfInstalledBinary(const QString&) "ownCloud ownCloud 3.2.0.10193\nhttps://github.com/owncloud/client/commit/718af2f484d20437de8c237f5b177c60c0a3960d\nLibraries Qt 5.15.2, OpenSSL 3.0.2 15 Mar 2022\nUsing virtual files plugin: suffix\nubuntu-5.15.0-60-generic\n"
23-03-01 21:30:06:034 [ info gui.application ]: Tray menu workarounds: noabouttoshow: true fakedoubleclick: false showhide: false manualvisibility: true
23-03-01 21:30:06:035 [ info gui.folder.manager ]:  Setup folders from settings file
23-03-01 21:30:06:035 [ info sync.clientproxy ]:    Set proxy configuration to use NO proxy
23-03-01 21:30:06:042 [ info gui.application ]: No configured folders yet, starting setup wizard
23-03-01 21:30:06:046 [ debug setupwizard.controller ]  [ OCC::Wizard::SetupWizardController::changeStateTo ]:  Current wizard state: OCC::Wizard::SetupWizardState::ServerUrlState
23-03-01 21:30:06:061 [ info gui.folder.manager ]:  void OCC::FolderMan::setSyncEnabled(bool) false
23-03-01 21:30:09:077 [ debug sync.utility ]    [ OCC::Utility::versionOfInstalledBinary ]: QByteArray OCC::Utility::versionOfInstalledBinary(const QString&) "ownCloud ownCloud 3.2.0.10193\nhttps://github.com/owncloud/client/commit/718af2f484d20437de8c237f5b177c60c0a3960d\nLibraries Qt 5.15.2, OpenSSL 3.0.2 15 Mar 2022\nUsing virtual files plugin: suffix\nubuntu-5.15.0-60-generic\n"
23-03-01 21:30:09:077 [ info gui.updater ]: Checking for available update
23-03-01 21:30:09:244 [ info gui.updater ]: Client is on latest version!
23-03-01 21:30:25:799 [ debug setupwizard.controller ]  [ OCC::Wizard::SetupWizardController::SetupWizardController(OCC::SettingsDialog*)::<lambda ]:   next button clicked, current state OCC::Wizard::ServerUrlSetupWizardState(0x55a1ea8c7090)
23-03-01 21:30:25:828 [ warning default ]:  QNetworkReplyImplPrivate::error: Internal problem, this method must only be called once.
23-03-01 21:30:26:755 [ critical wizard.resolveurl ]:   "Failed to resolve URL https://x.y.z.a:8043, error: Le handshake SSL a échoué"
23-03-01 21:30:26:756 [ debug setupwizard.controller ]  [ OCC::Wizard::SetupWizardController::changeStateTo ]:  Current wizard state: OCC::Wizard::SetupWizardState::ServerUrlState
23-03-01 21:30:26:756 [ warning wizard.resolveurl ]:    "Could not detect compatible server at https://x.y.z.a:8043"
23-03-01 21:30:33:272 [ debug setupwizard.controller ]  [ OCC::Wizard::SetupWizardController::SetupWizardController(OCC::SettingsDialog*)::<lambda ]:   next button clicked, current state OCC::Wizard::ServerUrlSetupWizardState(0x55a1eabfb240)
23-03-01 21:30:33:280 [ warning default ]:  QNetworkReplyImplPrivate::error: Internal problem, this method must only be called once.
23-03-01 21:30:34:845 [ critical wizard.resolveurl ]:   "Failed to resolve URL https://x.y.z.a:8043, error: Le handshake SSL a échoué"
23-03-01 21:30:34:846 [ debug setupwizard.controller ]  [ OCC::Wizard::SetupWizardController::changeStateTo ]:  Current wizard state: OCC::Wizard::SetupWizardState::ServerUrlState
23-03-01 21:30:34:847 [ warning wizard.resolveurl ]:    "Could not detect compatible server at https://x.y.z.a:8043"
23-03-01 21:30:36:065 [ debug setupwizard.controller ]  [ OCC::Wizard::SetupWizardController::SetupWizardController(OCC::SettingsDialog*)::<lambda ]:   next button clicked, current state OCC::Wizard::ServerUrlSetupWizardState(0x7f6a78006a90)
23-03-01 21:30:36:073 [ warning default ]:  QNetworkReplyImplPrivate::error: Internal problem, this method must only be called once.
23-03-01 21:30:37:681 [ critical wizard.resolveurl ]:   "Failed to resolve URL https://x.y.z.a:8043, error: Le handshake SSL a échoué"
23-03-01 21:30:37:682 [ debug setupwizard.controller ]  [ OCC::Wizard::SetupWizardController::changeStateTo ]:  Current wizard state: OCC::Wizard::SetupWizardState::ServerUrlState
23-03-01 21:30:37:682 [ warning wizard.resolveurl ]:    "Could not detect compatible server at https://x.y.z.a:8043"
23-03-01 21:30:38:967 [ debug setupwizard.controller ]  [ OCC::Wizard::SetupWizardController::SetupWizardController(OCC::SettingsDialog*)::<lambda ]:   next button clicked, current state OCC::Wizard::ServerUrlSetupWizardState(0x7f6a7800c2f0)
23-03-01 21:30:38:975 [ warning default ]:  QNetworkReplyImplPrivate::error: Internal problem, this method must only be called once.
23-03-01 21:30:40:016 [ debug setupwizard.controller ]  [ OCC::Wizard::SetupWizardController::changeStateTo ]:  Current wizard state: OCC::Wizard::SetupWizardState::ServerUrlState
23-03-01 21:30:41:825 [ debug setupwizard.controller ]  [ OCC::Wizard::SetupWizardController::SetupWizardController(OCC::SettingsDialog*)::<lambda ]:   next button clicked, current state OCC::Wizard::ServerUrlSetupWizardState(0x55a1eaccf8b0)
23-03-01 21:30:41:833 [ warning default ]:  QNetworkReplyImplPrivate::error: Internal problem, this method must only be called once.
23-03-01 21:30:42:918 [ critical wizard.resolveurl ]:   "Failed to resolve URL https://x.y.z.a:8043, error: Le handshake SSL a échoué"
23-03-01 21:30:42:919 [ debug setupwizard.controller ]  [ OCC::Wizard::SetupWizardController::changeStateTo ]:  Current wizard state: OCC::Wizard::SetupWizardState::ServerUrlState
23-03-01 21:30:42:920 [ warning wizard.resolveurl ]:    "Could not detect compatible server at https://x.y.z.a:8043"
23-03-01 21:30:46:870 [ debug setupwizard.controller ]  [ OCC::Wizard::SetupWizardController::SetupWizardController(OCC::SettingsDialog*)::<lambda ]:   wizard window closed
23-03-01 21:30:46:870 [ info gui.folder.manager ]:  void OCC::FolderMan::setSyncEnabled(bool) true
23-03-01 21:30:53:489 [ info gui.account.manager ]: Saved all account settings, status: QSettings::NoError

[evignal]

While connection to server possible with no valid certificate (Bypass in TLS certificate error by clicking Yes to "do you want to trust this certificate anyway ?") for HTTPS connection is working for:

• Windows client
• MacOS client
• Android and iOS EV

[fmoc]

You failed to fill in the following information in the issue form:

Client package version and origin (Linux only)

Please fill in the missing information.

[fmoc]

Cannot reproduce with a client compiled on branch 3 (which is equivalent to 3.2.1 RC 3).

[e-vignal]

ownCloud 3.2.0.10193 718af2 Libraries Qt 5.15.2, OpenSSL 3.0.2 15 Mar 2022 Using virtual files plugin: suffix ubuntu-5.15.0-60-generic

origin apt : deb https://download.owncloud.com/desktop/ownCloud/stable/latest/linux/Ubuntu_22.04/

[fmoc]

Are you actually on Ubuntu 22.04?

[e-vignal]

Yes

[github-actions[bot]]

This issue was marked stale because it has been open for 30 days with no activity. Remove the stale label or comment or this will be closed in 7 days.

[chulann]

Same issue here - accidentally installed the 22.10 (from apt repo deb https://download.owncloud.com) on 22.04 but same symptoms. Android client and standard web login working but client will Linux not. owncloud-files 10.4.1-1+1.1, server is owncloud-complete-files on debian bullseye 10.12.0-1+8.1 from apt repo

[TheOneRing]

Same issue here - accidentally installed the 22.10 (from apt repo deb https://download.owncloud.com/) on 22.04 but same symptoms. Android client and standard web login working but client will Linux not. owncloud-files 10.4.1-1+1.1, server is owncloud-complete-files on debian bullseye 10.12.0-1+8.1 from apt repo

And what client are you using?

[chulann]

Same issue here - accidentally installed the 22.10 (from apt repo deb https://download.owncloud.com/) on 22.04 but same symptoms. Android client and standard web login working but client will Linux not. owncloud-files 10.4.1-1+1.1, server is owncloud-complete-files on debian bullseye 10.12.0-1+8.1 from apt repo

And what client are you using?

cian@quacker:~$ dpkg -l | grep -i owncloud | egrep ^ii
ii  owncloud-client:amd64                                       3.2.1+oc-10355                                      amd64        The ownCloud sync client - github.com/owncloud/client
ii  owncloud-files                                              10.4.1-1+1.1                                        all          ownCloud - Server

cian@quacker:~$ cat /etc/apt/sources.list.d/owncloud.list 
deb https://download.owncloud.com/desktop/ownCloud/stable/latest/linux/Ubuntu_22.10/ /
cian@quacker:~$ cat /etc/lsb-release 
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=22.04
DISTRIB_CODENAME=jammy
DISTRIB_DESCRIPTION="Ubuntu 22.04.2 LTS"

[fmoc]

@chulann your situation is not supported. You should remove the repository and add the right one.

[chulann]

@chulann your situation is not supported. You should remove the repository and add the right one.

Just did. Same result.

[github-actions[bot]]

This issue was marked stale because it has been open for 30 days with no activity. Remove the stale label or comment or this will be closed in 7 days.

[chulann]

This problem persists in the Linux client 4.0.0.10896 (installed on Ubuntu 22.04 from the owncloud.com apt repo for Ubuntu 22.04).

Incidentally, the 4.0.0 client on Windows on the same machine, connecting to the same ownCloud server on the same wireless network works perfectly (as did the 3.0 and 3.2 versions of the Windows client - tried them all today).

[michaelstingl]

Server accessible from the internet? Send URL to apps-at-owncloud-dot-com ?

[illumicat]

i have researched the documentation and combed the forums and keep landing here, but i do not see a resolution of the issue. i have upgraded to Ubuntu 22.04 (cinnamon)

Kernel: 5.15.0-92-generic x86_64 bits: 64 compiler: gcc v: 11.4.0 Desktop: Cinnamon 5.8.4 tk: GTK 3.24.33 wm: muffin vt: 7 dm: LightDM 1.30.0 Distro: Linux Mint 21.2 Victoria base: Ubuntu 22.04 jammy

I downloaded the latest Owncloud client Ubuntu_22.04 owncloud-client-5.2.1.13040

Error: TLS Certfificate expired

all (identical certificate) is working well on other Androids and Windows machines

by now, i probably need to remove all repositories and start over again, but haven't been able to find instructions.

grateful for some guidance

[alariej]

Same issue here. "TLS Certificate Error". "The issuer certificate could not be found". The sync succeeds after accepting to trust the certificate. Ubuntu 22.04, ownCloud client AppImage 5.2.1.13040 979bb9. Server version 10.13.4.1 also runs on Ubuntu 22.04. Accessing the ownCloud server in a browser shows no problem. I also ran a test at www.ssllabs.com and it shows no issue with the server.

[s-light]

seems iam just getting this kind of error for some days now.

ownCloud 5.2.1.13040 [979bb9](https://github.com/owncloud/client/commit/979bb990f214fbd1cccc5536c582d84e196d499f)
Libraries Qt 6.4.3, OpenSSL 3.1.2 1 Aug 2023
Using virtual files plugin: suffix
OS: ubuntu-6.5.0-26-generic
QPA: xcb

system & os:

Operating System: Kubuntu 23.10
KDE Plasma Version: 5.27.8
KDE Frameworks Version: 5.110.0
Qt Version: 5.15.10
Kernel Version: 6.5.0-26-generic (64-bit)
Graphics Platform: X11
Processors: 16 × Intel® Core™ i9-9980HK CPU @ 2.40GHz
Memory: 31,1 GiB of RAM
Graphics Processor: Mesa Intel® UHD Graphics 630
Manufacturer: ASUSTeK COMPUTER INC.
Product Name: ZenBook Pro Duo UX581GV_UX581GV
System Version: 1.0

and it is the same - Firefox is just working fine with the server.

[alariej]

Seems to be a problem related to new Let's Encrypt certificates. Solution here:

https://central.owncloud.org/t/linux-desktop-client-5-2-1-on-ubuntu-tls-problem-with-new-letsencrypt-cert/47397/2

Open file $HOME/.config/ownCloud/owncloud.cfg and remove the whole certificate block starting with 0\General\CaCertificates=, save and reboot.

Somehow I had to redo the operation twice for it to work, not sure why. But now I do not receive the "TLS Certificate Error" anymore.