[Solved] Nextcloud and Zotero: enabeling TLS1.2

Support apps
1

Hi everyone,
I am bugging the forum because I use Zotero and I wanted to connect my library with the nextcloud install on my Yunohost server.

It happen that the current version of the Zotero is based on Firefox ESR that does not support TLS1.3 but only TLS 1.2.
So when I connect Zotero 6 on nextcloud 25.0.2, I get this message:
Error code: SSL_ERROR_PROTOCOL_VERSION_ALERT

It seems that I have to modify the ngnix configuration for nextcloud to allow TLS 1.2.
But I have no idea of that I have to put in the /etc/ngnix.conf or the /etc/nginx/conf.d/nextcloud.libre.st.d/nextcloud.conf to make it work.

Can anyone guide me in this?
Thanks in advance

2

Hi,

Have you already tried to the switch security level of nginx through the yunohost webadmin ? In Tools > Settings > Security > NGINX (web server) (or even faster : domain.tld/yunohost/admin/#/tools/settings/security) change compatibility from Modern to Intermediate.

Worth a shot I think

1 Like
3

Hi jeremy1,
I use Ynh 11.0.11 and I cannot find such item in the menu.
There is no “Security” setting there.
Sorry, I wish it was that simple… :slight_smile:

4

There :

screen_security_nginx
screen_security_nginx1136Ă—1138 98.3 KB

5

C’est quelle version de YNH ? Je n’ai pas non plus cette section Sécurité avec ses onglets…
Page blanche si je passe par l’URL donnée plus haut.

Which version of YNH is this? I also don’t have this Security section with its tabs…
Blank page if I go through the URL given above.

6

Yes this is the testing version (11.1.2).
You can use the CLI:

yunohost settings set security.nginx.nginx_compatibility
1 Like
7

OK, thanks for the info, it makes sense now. We don’t use the testing version, simply because I am on a production system.

I have one additional question: Is it possible to set the setting of ngnix TLS security level for only one domain?
Thanks.

8

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.