I want to use KopiaUI (0.15.0) with WebDAV on my local network.
The WebDAV server has a self-signed cert.
When accessing the SSL WebDAV path with KopiaUI, I get an error message: No valid authority.
I don’t see seeting in KopiaUI to allow this self signed cert.
How to do that?
This is not really kopia problem. Kopia uses OS to validate it.
Register your self signed authority as trusted in your OS.
Google will tell you how, e.g.:
Can you give some guidance how I would achieve this when using the Kopia docker image? I tried copying the certificate to /usr/local/share/ca-certificates/ and running update-ca-certificates inside the container. This resulted in curl being able to access the WebDAV server with a self-signed certificate but kopia (CLI) still returns the following error:
ERROR unable to get repository storage: error listing blobs: error processing directory shards: error reading directory: error reading WebDAV dir: ReadDir /: Propfind "https://my-webdav-server": tls: failed to verify certificate: x509: certificate is not valid for any names, but wanted to match my-webdav-server
@kapitainsky is on the right track. I’d offer mkcert makes the process even easier. The ‘gotcha’ is that different distros/OS’s have different methods to properly hash, import your generated rootCA.pem so said host can then accept subsequent generated certs.
FYI: rootCA is valid for 10 years while host certs are good for ~2.24. Wildcards are supported & .internal is the ICANN TLD for intranet/private use (2024). .test is recommended for development by IETF & ICANN.
(posted for future discoverability)