So I have nginx running as a reverse proxy, listening on 443 and 80 for my Nextcloud backend. The Nextcloud VM is running on Apache without SSL; all encryption is done by the nginx reverse proxy.
For public access, nginx has a rewrite set up, so clients that connect to http://nextcloud.domain.tld are redirected to https://nextcloud.domain.tld without any issue, with a Let's Encrypt cert.
The problem is internal. I have the Nextcloud app on my iPhone. I also have an internal DNS server which resolves my Nextcloud server to an internal 172.16.x.x IP. When the app connects to https://nextcloud.domain.tld inside the LAN, the app displays a "not trusted server" warning due to a bad SSL certificate, so all my photos on the phone do not sync with Nextcloud when my phone is on the LAN.
How can I resolve this problem?