After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 749061 - self-signed cert in owncloud: HTTP Error: Unacceptable TLS certificate
self-signed cert in owncloud: HTTP Error: Unacceptable TLS certificate
Status: RESOLVED OBSOLETE
Product: gvfs
Classification: Core
Component: webdav backend
1.25.x
Other Linux
: Normal normal
: ---
Assigned To: gvfs-maint
gvfs-maint
Depends on:
Blocks:
 
 
Reported: 2015-05-07 09:46 UTC by Igor Gnatenko
Modified: 2018-09-21 17:48 UTC
See Also:
GNOME target: ---
GNOME version: ---



Description Igor Gnatenko 2015-05-07 09:46:59 UTC
I have own owncloud with self-signed https certificate, I added it to GOA, but in nautilus I can't open it - I see "HTTP Error: Unacceptable TLS certificate".

I think we need button or option to ignore it. I'm reporting but to gvfs, because probably something need from gvfs.
Comment 1 Ross Lagerwall 2015-05-08 11:22:13 UTC
This is because of this change:
https://git.gnome.org/browse/gvfs/commit/?id=f5ee590e2e14d9419fb7c30d05d9be7d0aee3532

Self-signed certificates are supposed to give the choice of whether to mount or not (see https://rossl.org/blog/computer/gvfs-security.html).

I think somehow the dialog cannot be shown which causes the mount to be denied.

You could perhaps try mounting from the command-line.
It would be something like:
gvfs-mount davs://host/owncloud/remote.php/webdav
Comment 2 Ross Lagerwall 2015-05-08 15:55:37 UTC
OK, I reproduced it, it happens specifically when mounting volumes exposed through gnome online accounts. It looks like some extra handling is needed in monitor/goa/gvolume.c. The mount operation there does not handle the necessary question callback.

I think when you add an owncloud account, you already have to accept the certificate temporarily/permanently, so maybe it can reuse this result without bugging the user.
Comment 3 Debarshi Ray 2015-05-11 17:26:56 UTC
Thanks for chasing this, Ross. I can write a patch if someone can provide me with an account on an ownCloud instance with an invalid / self-signed SSL certificate. I need it for bug 722832 too.

https://owncloud-lostcase.rhcloud.com/ used to have a self-signed SSL certificate, but not anymore. :(
Comment 4 Igor Gnatenko 2015-05-12 07:10:10 UTC
(In reply to Debarshi Ray from comment #3)
> Thanks for chasing this, Ross. I can write a patch if someone can provide me
> with an account on an ownCloud instance with an invalid / self-signed SSL
> certificate. I need it for bug 722832 too.
https://cloud.clanwars.org/
bgo / YnVnemlsbGEuZ25vbWUK
Password is base64 encoded (use echo "pass" | base64 -d)
> 
> https://owncloud-lostcase.rhcloud.com/ used to have a self-signed SSL
> certificate, but not anymore. :(
Comment 5 Michael Heyns 2015-10-12 02:25:56 UTC
Just to confirm this is still present in GNOME 3.18. Is there anything I can do to help with this?
Comment 6 GNOME Infrastructure Team 2018-09-21 17:48:25 UTC
-- GitLab Migration Automatic Message --

This bug has been migrated to GNOME's GitLab instance and has been closed from further activity.

You can subscribe and participate further through the new bug through this link to our GitLab instance: https://gitlab.gnome.org/GNOME/gvfs/issues/251.