OK that sounds like a plan! Could you point me to some more docs or howtos perhaps? (noob proof if possible 
Still a bit fuzzy about it.
(I could tickle my own bind instance to resolve my home ip (although reverse will fail being a residential IP's name) Not familiar with duckdns though. )
aptalca yep I briefly looked into it (this is what i do on my regular server with its own public IP).
the question is what how do you set the parameters for a systems that's on a local net behind a firewall.
Like this?
Issuer: C = US, ST = CA, L = Carlsbad, O = Linuxserver.io, OU = LSIO Server, CN = *
Checked the /etc/ssl/cacert.pem.system and /run/libreelec/cacert.pem files. It seems the selfsigned certificate from nextcloud is indeed added which is nice to know
When trying to run curl from the bash prompt:
curl: (1) Protocol "davs" not supported or disabled in libcurl
vpeter yeah i found your previous posts. It can be disheartening at times when it just doesn't want to work despite best efforts.
I can only think that in my efforts to get it working and in the process of installing something got in the way (or broke) Given the fact that this is a fresh install with no media or users on it yet I could decided to trash it and start all over again using what I have learnt in the meantime. It's kind of a last resort idea.
Although I am a old Linux user I am new to Kodi and also relatively new to docker. So I'm slightly handicapped there.
In your opinion what are the gotchas to look out for when trying to solve this riddle? For instance where are the certificates supposed to be located in the kodi filesystem? Are all certificates concatenated in one file or are they separate in a directory? (i've seen both). So, any pointers on how to approach this are welcome. By the way how to I properly enable component loging for curl? (I though I did)
Thanks so far!
@ vpeter I thought I had enabled curl debugging,... did I forget something? Do i need to modify
advancedsettings.xml ? (i used the on screen menus perhaps incorrectly)
Here's a recent (partial) log capture:
2019-09-03 16:07:17.537 T:3001021296 DEBUG: CLibInputPointer::ProcessMotion - event.type: 3, event.motion.x: 968, event.motion.y: 379
2019-09-03 16:07:17.556 T:2858824560 ERROR: CCurlFile::Stat - Failed: SSL peer certificate or SSH remote key was not OK(60) for davs://localhost:443/remote.php/webdav/file
s/some_user/Kodi/Photos/|verifypeer=false&auth=SSL/TLS
2019-09-03 16:07:17.556 T:2858824560 DEBUG: GetImageHash - unable to stat url davs://localhost:443/remote.php/webdav/files/xs4_rhebergen/Kodi/Photos/|verifypeer=false&auth
=SSL/TLS
2019-09-03 16:07:22.551 T:3011457040 DEBUG: ------ Window Deinit (Pointer.xml) ------
2019-09-03 16:07:23.318 T:3011457040 INFO: CheckIdle - Closing session to http://127.0.0.1 (easy=0xb0fddd60, multi=(nil))
2019-09-03 16:07:47.459 T:2875609968 DEBUG: Thread JobWorker 2875609968 terminating (autodelete)
2019-09-03 16:07:47.459 T:2674185072 DEBUG: Thread JobWorker 2674185072 terminating (autodelete)
2019-09-03 16:07:47.556 T:2858824560 DEBUG: Thread JobWorker 2858824560 terminating (autodelete)
2019-09-03 16:07:47.629 T:3011457040 INFO: CheckIdle - Closing session to https://localhost (easy=0x37a6fe8, multi=0x37adb58)
Perhaps it is easier to convince nextcloud to do webdav not over port 443 After all this host is inside a (trusted) home network behind a firewall. I will be creating a different one in the future which will have outside access and thus will use https and letsencrypt generated certificates.
Still it bugs me why this selfsigned is not possible. Judgind from other posts it is though 
vpeter OK tried it but no go 
see below
2019-09-03 12:36:53.405 T:3002069872 DEBUG: libinput: event1 - debounce state: DEBOUNCE_STATE_RELEASED → DEBOUNCE_EVENT_TIMEOUT → DEBOUNCE_STATE_IS_UP
2019-09-03 12:36:53.418 T:3011907600 DEBUG: ProcessMouse: trying mouse action leftclick
2019-09-03 12:36:53.670 T:3011907600 DEBUG: ------ Window Deinit (DialogConfirm.xml) ------
2019-09-03 12:36:53.949 T:3011907600 DEBUG: ------ Window Deinit (DialogMediaSource.xml) ------
2019-09-03 12:36:53.981 T:3011907600 DEBUG: CGUIMediaWindow::GetDirectory ()
2019-09-03 12:36:53.981 T:3011907600 DEBUG: ParentPath = []
2019-09-03 12:36:54.003 T:2882610032 DEBUG: Thread waiting start, auto delete: false
2019-09-03 12:36:54.103 T:3011907600 DEBUG: ------ Window Init (DialogBusy.xml) ------
2019-09-03 12:36:54.111 T:2882610032 ERROR: CCurlFile::Exists - Failed: SSL peer certificate or SSH remote key was not OK(60) for davs://USERNAME:PASSWORD@localhost:443/re
mote.php/webdav/files/some_user/Kodi/Photos/VIDEO_TS.IFO|verifypeer=false&auth=SSL/TLS
2019-09-03 12:36:54.150 T:2882610032 ERROR: CCurlFile::Exists - Failed: SSL peer certificate or SSH remote key was not OK(60) for davs://USERNAME:PASSWORD@localhost:443/re
mote.php/webdav/files/some_user/Kodi/Photos/VIDEO_TS/VIDEO_TS.IFO|verifypeer=false&auth=SSL/TLS
2019-09-03 12:36:54.189 T:2882610032 ERROR: CCurlFile::Exists - Failed: SSL peer certificate or SSH remote key was not OK(60) for davs://USERNAME:PASSWORD@localhost:443/re
mote.php/webdav/files/some_user/Kodi/Photos/index.bdmv|verifypeer=false&auth=SSL/TLS
2019-09-03 12:36:54.233 T:2882610032 ERROR: CCurlFile::Exists - Failed: SSL peer certificate or SSH remote key was not OK(60) for davs://USERNAME:PASSWORD@localhost:443/re
mote.php/webdav/files/some_user/Kodi/Photos/BDMV/index.bdmv|verifypeer=false&auth=SSL/TLS
2019-09-03 12:36:54.233 T:2882610032 DEBUG: Thread waiting 2882610032 terminating
2019-09-03 12:36:54.238 T:3011907600 DEBUG: ------ Window Deinit (DialogBusy.xml) ------
2019-09-03 12:36:54.267 T:2882610032 DEBUG: Thread BackgroundLoader start, auto delete: false
2019-09-03 12:36:54.271 T:2882610032 DEBUG: Thread BackgroundLoader 2882610032 terminating
2019-09-03 12:36:58.439 T:3011907600 DEBUG: ------ Window Deinit (Pointer.xml) ------
2019-09-03 12:37:03.853 T:3011907600 INFO: CheckIdle - Closing session to http://127.0.0.1 (easy=0xb2f98a18, multi=(nil))
2019-09-03 12:37:11.913 T:2679350128 DEBUG: Thread JobWorker 2679350128 terminating (autodelete)
2019-09-03 12:37:24.729 T:3011907600 INFO: CheckIdle - Closing session to https://localhost (easy=0x3d17c40, multi=0xafe33150)
2019-09-03 12:37:32.418 T:2982142832 DEBUG: CAESinkPi:Drain delay:100ms now:0ms
vpeter thanks for your reply!
Before I created it I did not have a /storage/.config/cacert.pem
I presumed I could just make a certificate (in fact copy it) and put it in the designated spot and it would be used. Coincidentally are the certificates just separate files in a direcotry or just one file containing multiple certificates? (so you cat >> them)
Naturally I tried rebooting the box as well
Before my post I already found that post.
QuoteAlso read this: How to connect to Filezilla FTP over TLS server to stream music?
Obviously I am missing something.
On a standlone Kodi instance (internal network) I have linuxserver.io nextcloud and mariadb addon running.
Now I want to add a nexcloud webdav resource to the kodi source path (for instance pictures/photos). This fails to work due to nextcloud self-signed certificate.
I searched the forum for clues on how to go about telling kodi to use (or ignore) the nexcloud certificate. This is what I did:
find /storage -iname cert.crt
/storage/.kodi/userdata/addon_data/docker.linuxserver.nextcloud/config/keys/cert.crt
cp /storage/.kodi/userdata/addon_data/docker.linuxserver.nextcloud/config/keys/cert.crt /storage/.config/
openssl x509 -in cert.crt -noout -text
openssl x509 -in cert.crt -out nextcloud.pem
cp nextcloud.pem cacert.pem
export SSL_CERT_FILE=/storage/.config/cacert.pem
systemctl restart kodi
ERROR: CCurlFile::Exists - Failed: SSL peer certificate or SSH remote key was not OK(60) for davs://USERNAME:PASSWORD@localhost:443/re
mote.php/webdav/files/USERNAME/Photos
Any ideas why this won't work?
PS: also tried the |verifypeer=false suffix (did not work)
Aha that is very useful info.Thanks! Just tried it but now the error messages changed:
Error while trying to create admin user: Failed to connect to the database: An exception occurred in driver: SQLSTATE[HY000] [1045] Access denied for user 'nextcloud'@'docker.linuxserver.nextcloud.lsio' (using password: YES)
I used: mariadb:3306 as database host.
Perhaps I should try and create the nextcloud user by hand? (like I tried before)
So this is what I did:
Et voila! It worked!
Thanks!
I've got a brand new 4GB RPi4 with LibreElec 9.1.002 / Kodi v18.3 running. Now I'm trying to get Nextcloud working so I installed the linuxserver.io AddOn packges that supply Docker, NextCloud and MariaDB (or should I use tha MariaDB package from the LibreElec team which failed to install?)
Installation is not the problem all seems to work. I can see that MariaDB is running and when browsing to 192.168.2.18 Nextcloud shows the webpage that is supposed to create the admin account and select the type of database and database user.
Whatever I try I always get the error message below:
Error while trying to create admin user: Failed to connect to the database: An exception occurred in driver: SQLSTATE[HY000] [2002] No such file or directory
I have specified localhost:3306 and chosen some credentials. I've also tried to create these credentials by hand using the MariaDB docker instance.
e.g.:
create database nextcloud;
create user nextcloud@localhost identified by 'xxxxx';
grant all privileges on nextcloud.* to nextcloud@localhost identified by 'xxxxx';
flush privileges;
What is the proper way to get this working?
QuoteYou will need the root database login, or any administrator login , and then enter any name you want for your Nextcloud database. Be careful your administrator login needs to have the permissions to create and modify databases and he needs to have the permissions to grant permissions to other users.
After you enter your root or administrator login for your database, the installer creates a special database user with privileges limited to the Nextcloud database. Then Nextcloud needs only the special Nextcloud database user, and drops the root dB login. This user is named for your Nextcloud admin user, with an
oc_prefix, and then given a random password. The Nextcloud database user and password are written intoconfig.php:
