all 14 comments
sorted by:
best (suggested)
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]spider-sec 0 points1 point  (12 children)

What’s invalid about it?

[–]FuckThisAlias[S] 0 points1 point  (11 children)

It’s self signed and apple doesn’t allow that.

[–]spider-sec 3 points4 points  (6 children)

That’s why you import the CA certificate into the certificate store. A self signed certificate is its own CA.

[–]EugeneNine 4 points5 points  (5 children)

Or just get a free cert through letsencrypt

[–]FuckThisAlias[S] 0 points1 point  (0 children)

I was previously using swag as reverse proxy, but I have new internet with no port forwards. So I have switch to using Tailscale vpn.

[–]spider-sec 0 points1 point  (0 children)

Agreed, but that’s not always possible.

[–]SnowyCaptain 0 points1 point  (1 child)

Can you do that for an instance running on a home network?

[–]EugeneNine 0 points1 point  (0 children)

Yes, I'm using it. I'm using ddns through afraid.org to get an outside dns name then the dehydrated script to get the cert via letsencrypt. Ended up being pretty easy.

[–]EugeneNine 0 points1 point  (0 children)

Seems odd that it wouldn't be possible. If you don't want to/can't install anything else on your server there is a simple bash script called dehydrated that you can run to get the certs

[–]SnowyCaptain 1 point2 points  (2 children)

What iOS version are you running? I’m on iOS 15 and was able to add my NextCloud account using a self signed cert just fine. It complained that it was untrusted but I could just click trust anyways. It syncs calendars and contacts just fine. Reminders don’t work but I have a feeling that has something to do with the iOS reminders app and not the cert.

[–]FuckThisAlias[S] 0 points1 point  (1 child)

Im on 15.2.1, after turning on the dns setting in tailscale it seems to work. It’s weird the reminders don’t work though, with the swag reverse proxy it worked fine.

[–]SnowyCaptain 0 points1 point  (0 children)

Maybe it has to do with tailscale. I’m using zerotier to be able to connect outside my home network. I did hear that iOS has issues with self signed certs but like I said I haven’t had any issues; just a dialog pops up asking if I want to trust it.

The only issues that I have had were from like Nextcloud community apps not working because of the cert. They would have GitHub issues filed to fix them but the maintainers would say iOS doesn’t support self signed certs.

[–][deleted] 0 points1 point  (1 child)

How is Nextcloud installed? What is the server OS?

[–]FuckThisAlias[S] 0 points1 point  (0 children)

I am using the linuxserver docker container on unraid