nextcloud reverse proxy http/https mismatch (SSO, LDAP config)
Let’s say you’re using nextcloud with a reverse proxy in front of it and only the reverse proxy handles SSL, but you’re still communicating via plain http with your nextcloud instance. Probably not something you should do, but will probably end up doing, especially if it’s just for home usage or some other quick and dirty setup.
You might run into problems as you as you’re going to configure nextcloud with an SSO, LDAP, AD provider since they expect that the right metadata and IdP urls are matching exactly. Your nextcloud will respond with
http whilst the IdP such as Okta expects
https for some good reasons.
Well, either you do https all the way, or you overwrite the config and nextcloud responds with
https. Obviously, we’re doing the latter now.
config/config.php file in your nextcloud installation and add this:
'overwriteprotocol' => 'https',
you can find the documentation for this feature here in the nextcloud docs.