Tls certificate

NethServer Version: 8
Module: nextcloud

Hi all.

I’m installing a new server to transfer my nethver 7.9 to new nethserver 8

On my old 7.9 i have Nextcloud and Onlyoffice installed.

On my new nethserver 8, i have open port 80 443 to create a tls certificate.

but i have this error :

<3>2025-09-08T13:01:13Z unable to generate a certificate for the domains [nextcloud.mairie-coulogne.fr]: error: one or more domains had a problem:
<3>[nextcloud.mairie-coulogne.fr] invalid authorization: acme: error: 403 :: urn:ietf:params:acme:error:unauthorized :: Cannot negotiate ALPN protocol "acme-tls/1" for tls-alpn-01 challenge

On my old nethserver i have a certificate too.

On nethserver v8, it’s Rocky v9

Another question. Do i need to install the app Nextcloud on my new nethserver v8 or the app of 7.9 will transfer the install automatically ?

Thank’s for your help.

Hi,

new installations of NS8 use the “tls-alpn-01” which means that port 443 needs to be open or when in LAN it needs to be forwarded from the firewall.

To check the challenge that’s used:

api-cli run module/traefik1/get-acme-server

To set for example http-01 challenge to use port 80:

api-cli run module/traefik1/set-acme-server --data '{"challenge":"HTTP-01","url":"https://acme-v02.api.letsencrypt.org/directory"}'

See also Release notes — NS8 documentation

You must not install the apps on NS8, it should be a fresh NS8 installation before migration.
The migration tool migrates the apps. (like for example Nextcloud)
As regards onlyoffice, there’s no migration yet so you just can install it on the NS8 after the migration.

Thank’s.

I have restart my pfsense box and certificate was ok. I don’t know why it don’t like my modification.