Closed mat-l closed 2 years ago
any ideas on how to stop flooding my owncloud.log? Regards matl
Just use your hostname in common names
of your certificate. You can check your ssl-setting on ssllabs.com (it works on self-issued certificates as well).
We are both using letsencrypt for the certificates. Therefore I think we don't can/have to edit the common names during the certificate creation. This is done automatically if I am not wrong. Nevertheless, the flooding of my owncloud.log stops luckily again.
@LukasReschke @icewind1991 @schiesbn
I have the same error messages with a slightly different setup, which make federation practically impossible. My setup:
The error log of the server receiving the sharing notification shows: {"reqId":"Toh9zy62WpMVPv+WwmIe","remoteAddr":"79.194.106.223","app":"core","message":"cURL error 51: SSL: no alternative certificate subject name matches target host name 'www.fluechtlinge-esslingen.de'","level":3,"time":"May 11, 2016 09:11:29","method":"PROPFIND","url":"\/owncloud\/remote.php\/webdav\/","user":"Thommie"}
And when I try to enter www.fluechtlinge-esslingen.de as a trusted server in the admin page, I get:
"CURL error 60: SSL certificate problem: unable to get local issuer certificate" when entering the federated servers address (https://www.fluechtlinge-esslingen.de/owncloud)
Getting same errors when use http without SSL at all. It seems that somewhere lost protocol type.
Is this still an issue with more recent OC versions and openssl ?
I am testing with two OC 9.05 instances and I still see this error on one of them. Which is funny, because both have ubuntu server 16.04 LTS underneath and should use the same curl version therefore.... let me know if you need more details ...
I also can not do a federated share from a 9.1.1 instance to the (same as above) 9.0.5 instance. The sharing initialisation from 9.1.1 itself is possible, but the confirmation/acceptance of the shared directory from the 9.05 instance fails without any message in the logfile. Is there a way to increase logging for operation of the federation/federatedfilesharing app?
I also had this issue when upgrading from ownCloud 9.1.1 to 9.1.2. During the update process, I get the error mentioned above:
cURL error 51: SSL: no alternative certificate subject name matches target host name 'localhost'
I am also using an SSL certificate signed by Let's Encrypt.
If have changed 'verify' to false on getDefaultOptions() on this file: updater/vendor/guzzlehttp/guzzle/src/Client.php. Now I'm getting a different error:
Server error response [url] http://localhost/index.php/occ/config:list [status code] 503 [reason phrase] Service Unavailable
@dassencio Your solution solved the issue for me, thank you.
Also using SSL certificate from Let's Encrypt.
@geekonthepc @dassencio Please note that this is no solution but a workaround which might have serve impacts on the security of your installation when using the updater app (e.g. a Man-in-the-Middle attack could be possible during the time the updater is downloading an update).
Furthermore the original issue here is not related to the updater app at all. The message might be similar but the issue originally reported here was reported for the federation where the remote endpoint of the federation is providing a wrong / misconfigured SSL certificate.
@kdslkdsaldsal Thank you for that advice. I have now updated the app but will re-enable verification. I'm unsure why this issue is consistently occuring with users who use Let's Encrypt, but I would imagine this something to do with the certificate itself. I haven't been able to find any further information on resolving this issue so will keep an eye out to see if this issue is mentioned in further updates.
@kdslkdsaldsal : I only posted that information because I thought it would help the ownCloud developers find a solution to this problem. I reverted that change exactly because of the security implications you mentioned.
@geekonthepc @dassencio If this still happening with newer versions of ownCloud and the updater app then please create a new issue at https://github.com/owncloud/updater/issues.
If there is no such issue created there it won't be noticed and fixed as this is unrelated to the issue discussed here.
Edit
Seems that specific issue with the updater app is already tracked at https://github.com/owncloud/core/issues/26906 and https://github.com/owncloud/updater/issues/414
@kdslkdsaldsal : Indeed, I've opened #26906 about a couple of months ago.
This bug is still present in 10.0.3. I can not find any workaround through editing of in the curl settings. I experimented with curlopt_ssl_verifyhost=0 and curlopt_ssl_verifypeer=0 but the error message is the same. I am NOT shure if this is simply an environment issue ...
Hey, this issue has been closed because the label status/STALE
is set and there were no updates for 7 days. Feel free to reopen this issue if you deem it appropriate.
(This is an automated comment from GitMate.io.)
Do I understand it correctly that all involved certificates are valid ?
As far as I understand it, yes. I have two OC 10.04 instances hoste on the same physical server, but running in different VMs and with different public IPs/Cnames. Both use LetsEncrypt certs but still I see the curl-generated cert errors for the federated sharing between the OC instances.
Hey, this issue has been closed because the label status/STALE
is set and there were no updates for 7 days. Feel free to reopen this issue if you deem it appropriate.
(This is an automated comment from GitMate.io.)
@thommierother still happening with 10.0.10 I guess ? (am not aware of any related changes, but maybe library updates could have fixed this)
Closing due to stale. Please re-open if the problem still persists.
Steps to reproduce
Expected behaviour
Tell us what should happen ...
Actual behaviour
Tell us what happens instead Since adding and later on deleting the owncloud ID of a friend, my owncloud log is filling with lot's of error messages twice a second.
Server configuration
Operating system: Arch Linux ARM for ORDID-X
Web server: Nginx Database: mysqld 10.1.13-MariaDB PHP version: 7.0.4 ownCloud version: (see ownCloud admin page) 9.0.0 Updated from an older ownCloud or fresh install: Fresh install after it crashed before Where did you install ownCloud from: Arch AUR Signing status (ownCloud 9.0 and above):
List of activated apps:
The content of config/config.php:
Are you using external storage, if yes which one: local/smb/sftp/... no Are you using encryption: yes/no no Are you using an external user-backend, if yes which one: LDAP/ActiveDirectory/Webdav/... no
LDAP configuration (delete this part if not used)
Client configuration
Browser: Firfox Operating system: Windows / AntergOS
Logs
Web server error log
No logs regarding the error described above.
ownCloud log (data/owncloud.log)
These line were written two times per second into the log
Browser log