I’m trying to use a Next cloud site (https://ma.sdf.org) that used to work fine but since their move to using LetsEncrypt certificates fails syncs with:
request to https://ma.sdf.org/nc/remote.php/webdav/Joplin/ failed, reason: unable to verify the first certificate (Code UNABLE_TO_VERIFY_LEAF_SIGNATURE)
I can get around this by using the “Ignore TLS certificate errors” setting.
I’m seeing perhaps the same issue with Android (version 1.0.322) although I can’t confirm because there’s no apparent way to ignore TLS cert errors.
@robmoore welcome to the forum
As no one has replied to this post in 8 days I thought I would reply primarily just to let you know people on this forum have seen your question but probably cannot offer a solution!!
You, like me, have probably tried a “Google” on this error. I also had a quick search on the forum for Android TLS issues. To summarise: @laurent has suggested that it is unlikely to ever be able to offer an “ignore TLS errors” option on Android.
So the error
UNABLE_TO_VERIFY_LEAF_SIGNATURE appears to be a misconfigured intermediate certificate for the server and it seems it would be up to sdf.org to fix it.
I’m seeing the same issue with my self-hosted ownCloud server with a letsencrypt cert. The certificate is being recognized fine by all browsers on all devices, it’s only not working with Joplin. For that reason I’m wondering whether this is really a problem with the configuration of the certificate? If it is: any pointers for reconfiguring the cert/server would be greatly appreciated!
Solved this. FYI: the issue is that my server wasn’t using
fullchain.pem, but only
cert.pem as SSL certificafte.
Thank you. I’ve been saying this (mis-configuration) since the first time this came up on the forum many months ago
I just gave up on replying to these cert errors, because everybody came back with: “yeah, but it works for everything else.”