Hi
web windows version.
I have WebDav enabled in Synology disc station, with self signed certificate. When try to add storage - get error message
Failed to list the directory '': Propfind https://192.168.1.6/: x509: certificate signed by unknown authority
any way to disable https in WebDav connection settings ?
The warning is not from duplicacy, it’s from the web framework that duplicacy is using, and ultimately, OS, and it is correct behavior. You can import the certificate into the Trusted Zone on your windows machine and it will be trusted explicitly and won’t warn you about it. You will still get warnings when accessing the Syno UI in Firefox and Chrome – but about that later.
However I have a few other questions/suggestions.
- Why did you chose to use webdav? Its a HTTPS based protocol with huge latency and overhead and it can be tolerated only if there is no other way to connect. With Synology you have SFTP out of the box which is faster, more reliable and secure. You can channel it over VPN for good measure, but regardless you will get much better performance and reliability out of it.
- I you want to go WebDav way, and/or generally avoid dealing with browser and services warnings about self-signed certificate you have several avenues to explore:
2.1. Pay for commercial certificate
2.2. Configure LetsEncrypt
2.3. Create your own Root CA and issue certificates from there. This solution does not cost you anything and is perfect if you only have a handful users – all of them can import your Root CA and get all green locks in all browsers, including paranoid Firefox and Chrome. There is no need in this case to pay for commercial certificate or deal with validation and renewals for LE. If you are interested I have a tutorial about why and how to generate your own RootCA and how to issue and provision the certificate to Synology disk station from it. (links are to personal blog with no ads)
2 Likes
Thanks for the detailed answer
In Duplicaty it’s get me better speed compared with SFTP (but he is already very slow…) I not check Duplicacy with SFTP, maybe it’s work fast. I’m try to check later.
1 Like
May I bring that topic up again? I am also wondering if i can disable https connection and use http. That would be fine for me since this is a second backup storage in my local network…
You can change the storage url from webdav:// to webdav-http:// to disable https.
I am using the Web Edition. When selcting Webdav it is already set to webdav://
You can edit ~/.duplicacy-web/duplicacy.json to change the storage url (while the web GUI is not running).
Found the file and tryed to edit. After a restart duplicacy doesnt start up anymore. Is it possible that the duplicacy.json file is encrypted? I have a few other backup spots where i see some random charakters set for password etc.
No, duplicacy.json isn’t encrypted. The failure to start is usually caused by not being able to load this json file. Check it carefully to see if there is a syntax error (check it in some online json checker). The log file ~/.duplicacy-web/logs/duplicacy_web.log should have more details on the failure.