Docker Duplicacy and Webdav SelfSigned certificate

Support
#1

Hello,

I am a new user of duplicacy, i have tried it to replace one concurrent and I really prefer.
more user friendly ase du…ty and better monitoring, also a better ressource management.
I started with an hosted webdav service that was really nice, I have changed to a home hosted backup server with nexcloudPi, and I have an error message i think relate to the self-signed certificate :

Failed to list the directory ‘’: Propfind https://XXX.XXX.XXX.XXX/remote.php/dav/files/backup_user/: x509: cannot validate certificate for XXX.XXX.XXX.XXX because it doesn’t contain any IP SANs

any possibility to connect to this webdav without letsencrypt ? or commercial certificate ?

#2

Is that your server? Can you use any other protocol than WebDAV? SFTP for example.

Webdav is designed for document exchange and is not suited well for bulk storage and you will have performance issues. It’s supported as a last resort when this is the only available protocol. But literally any other will be better.

#3

We’ve disagreed about this before (I’m using WebDAV over http) but its only advantage - increased speed when the receiving machine lacks hardware AES - is negated by https.

I wonder how SFTP compares to the soon-to-be-released(?) SMB option.

#4

SMB is latency sensitive. For long distances (outside of lan) SFTP will be better.

1 Like
#5

Yes it’s mine, but the server is located on my Grandma home at 900 km from my home so difficult to change to SFTP, i will have to reinstall everything.

#6

do you configure the backup via Webdav in http by webui or in CLI ?

#7

In my case:

First CLI:

Then manually editing the settings file (to change https to http):

But I wouldn’t send personal data outside your lan unencrypted!
I use http over wireguard (to provide encryption.)

Maybe encrypting the storage is sufficient? Probably not. Hopefully someone who knows will comment.

NOTE: I edited my original post with corrections.

#8

Regardless of whether you use WebDAV or sftp, consider installing Tailscale on each end and closing the exposed port. Much safer, properly encrypted, and then you could consider plain sftp without the overhead - if that’s all you’re using Nextcloud for.