I´m new to Duplicati and made allready some testing. I don´t think it´s an Duplicati-Issue, but may you got some helpful hints.
I want to run it on a Windows Server 2012 and Backup on a Nextcloud via WebDAV.
while testing the connection it sais: “Failed to connect: Die Anfrage wurde abgebrochen: Es konnte kein geschützter SSL/TLS-Kanal erstellt werden…” (“The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel”)
but some sidefacts:
(WebClient Service is running)
Connection with Windows-Explorer does´nt work either
but Connection with WinSCP to WebDAV: works
Connection from Win10-Client in same Network with same Duplicati-Setup: works
are you talking about Server 2012 (the obsolete one) or Server 2012 R2 (the soon to be obsolete) ? if it’s the former, I’m not sure there is anything that can be done. If the latter, try to check your connection using Powershell with something like that:
Any clues in Event Log when it fails, e.g. in System log, Schannel source? You could even set a filter.
Is the NextCloud system yours? Do you know what OS and web server it uses? Can you administer?
Is it on the Internet? If so, you likely need TLS 1.2. If not on Internet, using something older might do.
This seems to mean that there is disagreement about TLS between this system and the remote end.
Schannel is Windows’ TLS path. .NET Framework also uses it, and Duplicati uses .NET Framework.
Are you by any chance ready to use Wireshark? That would likely give a good view, but it’s involved.
if it’s with the code snippet I posted, I can only generate an error if I specify TLS13. It’s failing on a Webdav server but with a 401 error, not a Tls error. There must be something problematic on your system, is it fully updated ? Can you try to visit a known good ssl site (try ssllabs.com) with Internet explorer and see what is displayed if you click the cert icon ?
ok, found a similar case with some other software - the (Web-)Server seem´s not to suppport the TLS Ciphers from the 2012R2 - and I´m not admin. (every further action is not worth the effort on the 2012)
Is there a chance to run Duplicati easy with it´s own TLS-Stack, not with the OS stack?