Hi, I sync Joplin between my desktop and iPhone using local Nextcloud server. Everything worked a week ago but suddenly I’m getting ‘Network request failed’ errors on the iPhone. I use the exact same WebDAV url for both desktop and iOS. Any idea what’s going on? Log attached.
I have found out that in my case it is not a bug, just inexperience - I solved it by issuing my own certificate, made Nextcloud use it and then made my iOS trust the certificate and CA. If there is interest I can post the process and it could perhaps be included in some guide for new users, it was quite a journey.
To give some background, why this even comes up: I have a Nextcloud instance running at home on an old laptop (on Ubuntu 18.04 LTS, installed through snap), accessible just from the local network. As such, I didn’t even want to use https and started with http. Some applications however, like Calendar in iOS 13, won’t sync with a server on http. So you need https, and for that you need to use SSL certificates. If your server is open to the internet, you can use a service like Let’s Encrypt, there are plenty of tutorials on how to do that. On a closed network, Nextcloud offers self-signed certificates, which you can easily activate with a one-liner, but most applications will flag them as untrusted. Sometimes this can be ignored, especially in browsers or Joplin desktop, but on mobile devices this option doesn’t exist. To work around that, you need to:
Make your own Certification Authority (CA)
Generate certificate and a key
Make your Nextcloud server use given CA and certificate
Make the CA trusted on your devices and use the certificate.
As a disclaimer, I only vaguely know what I’m doing, so if someone sees here an unnecessary or a wrong step, please let me know. I’m trying to write it also for people who are maybe not so experienced with the Linux terminal.
Detailed steps
ssh/putty on your Ubuntu server with your Nextcloud instance
e.g. mkcert 192.168.0.2 or whatever domain you are using
this will generate two files
192.168.0.2.pem and 192.168.0.2-key.pem
Find your root certificate
mkcert -CAROOT
Remember the location of these 3 files or copy them somewhere convenient
For simplicity let’s say you copied them to your home directory
Find where your Nextcloud instance is storing certificates
you can try ls /var/snap/nextcloud/
there should be folders like common, current and another one let’s call it numbers - it will be a string of numbers or something else
you have to be a superuser to access this folder, so use sudo or sudo su
then check ls /var/snap/nextcloud/numbers/certs/live
there should be 3 files: cert.pem, privkey.pem and chain.pem
delete these 3 files (rm cert.pem etc.)
copy your certificate, key and rootCA into the folder cp 192.168.0.2.pem /var/snap/nextcloud/numbers/certs/live etc.
rename these files to the previous names, with rootCA.pem acting as chain.pem
Enable and use the custom certificates (source) sudo nextcloud.enable-https custom -s cert.pem privkey.pem chain.pem
or if in su mode /snap/bin/nextcloud.enable-https custom -s cert.pem privkey.pem chain.pem
The apache server should now restart and it should be using your certificates
Now somehow get a copy of the certificate and rootCA on your device of choice
Before you try it, copying the files directly into the directories of Nextcloud on the server (/var/snap/nextcloud/common/files/user/whatever/) doesn’t work, or at least for me they didn’t show up afterward in the web app.
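A pre-flight check for the three files from the steps above, added here as an example and not part of the original post: it confirms that the certificate names the server address, that the key belongs to the certificate, that the certificate verifies against rootCA.pem, and that the file destined for the phone is a certificate with no private key in it. It assumes the `openssl` command-line tool is installed; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread). Requires the openssl CLI.
# Function names are hypothetical; file names follow the post above.

# Print each Subject Alternative Name entry of a certificate on its own line.
san_list() {
    openssl x509 -in "$1" -noout -text |
        grep -A1 'Subject Alternative Name' | tail -n 1 |
        tr ',' '\n' | sed 's/^ *//; s/ *$//'
}

# True if the certificate names host $2 exactly, as an IP or DNS entry.
# Whole-line matching keeps 192.168.0.2 from also matching 192.168.0.20.
cert_names_host() {
    san_list "$1" | grep -qxF -e "IP Address:$2" -e "DNS:$2"
}

# True if private key $2 belongs to certificate $1 (same public key).
key_matches_cert() {
    pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    [ -n "$pub" ] && [ "$pub" = "$(openssl pkey -in "$2" -pubout 2>/dev/null)" ]
}

# True if certificate $1 verifies against root CA certificate $2.
chains_to_ca() {
    openssl verify -CAfile "$2" "$1" >/dev/null 2>&1
}

# True if file $1 is a certificate with no private key in it, i.e. it is
# the CA certificate and can be copied to a phone.
safe_to_share() {
    grep -q 'BEGIN CERTIFICATE' "$1" && ! grep -q 'PRIVATE KEY' "$1"
}

# preflight CERT KEY CA HOST: run every check and report each failure.
preflight() {
    rc=0
    cert_names_host "$1" "$4"  || { echo "FAIL: $4 not in SAN of $1"; rc=1; }
    key_matches_cert "$1" "$2" || { echo "FAIL: $2 does not match $1"; rc=1; }
    chains_to_ca "$1" "$3"     || { echo "FAIL: $1 not signed by $3"; rc=1; }
    safe_to_share "$3"         || { echo "FAIL: $3 holds a private key"; rc=1; }
    [ "$rc" -eq 0 ] && echo "OK: files are consistent for $4"
    return "$rc"
}

# Usage: sh preflight.sh 192.168.0.2.pem 192.168.0.2-key.pem rootCA.pem 192.168.0.2
if [ "$#" -eq 4 ]; then preflight "$@"; fi
```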
That we need to do this is so wrong on so many levels.
It should be sufficient to install the own root CA certificate and fully trust it.
All your server certificates should verify positively against this.
BTW, installing a certificate works through the Apple apps Safari (download it) or Mail (mail it to yourself). The best way to upload is through Apple Configurator on macOS and creating a profile that contains the required CA certificates. Then tap on the certificate, leave the app and go to settings, there is a new menu item near the top. Follow this to install the cert. Then trust the root CA cert as described by Langosh.
But this does not work for Joplin in iOS 14. Other apps, such as Mail, Contacts, Calendar will work like this, but Joplin seems to ignore the iOS trust store. macOS Joplin has the same problem, but there you can at least point to the root CA certificates path and trust it. Certainly suboptimal, since the OS provides keychain access. But catastrophic on iOS, as it just does not work at all with your own CA certificates. You have to resort to Let’s Encrypt certificates.
Has anyone perhaps had luck syncing Joplin on iOS 14 to Nextcloud by storing the contents of the Joplin app into a folder that the Nextcloud app is already syncing (basically syncing through a networked directory/file system)? I'm not sure if it's even possible on iOS 14, but I might try to create a folder for my mobile notes to be stored, then tell Nextcloud to sync that folder to the server, then direct my desktop Joplin app (which is working fine) to sync to that same folder via WebDAV. Has anyone tried this who can spare me a half day of toil?
Edit: after looking through this thread it looks like the idea for syncing through the file system has already been entertained with no luck.