I have been struggling connecting nectcloud with samba ad-dc via LDAPS and finally found here what I thought is the solution.
My system is Ubuntu Server 20.04.2, Nextcloud 20.0.7 with snap v2.49.
I have my own CA and certificates work so far for https & tls.
In Nextcloud I always have to turn of certificate-checking: turnOffCertCheck = 1
In debugging this issue I wanted to add my root-certificate to the nextcloud snap.
I did so by:
snap set system store-certs.cert1="$(cat /etc/ssl/certs/my-root-ca.pem)"
snap set nextcloud store-certs.cert1="$(cat /etc/ssl/certs/my-root-ca.pem)"
Both commands show the correct root-certificate:
snap get nextcloud store-certs
snap get system store-certs
When I check certificate in snap-shell:
snap run --shell nextcloud.php.fpm
openssl s_client -connect my-host:636
The log shows: unable to get local issuer certfificate
Looking through the directories from “openssl version -d” will reveal, that my-root-pem-certificate is not present.
Can you help me what I made wrong?