10.8 OIDC: OpenIdConnect:Curl error: self signed certificate in certificate chain

Hey,

In the first posted curl call I can see root@www but here I can see root@devel. I’m not sure, but I think this looks like two different systems?

My fault, the first posted curl accidentally was from the prod server. Here for the DEV server (owncloud2.netzwissen.de, the one where I am setting up OIDC):

root@devel:~# nslookup idp.netzwissen.de
Server: 127.0.0.53
Address: 127.0.0.53#53

Non-authoritative answer:
Name: idp.netzwissen.de
Address: 136.243.85.155

The server log is also from owncloud2.netzwissen.de.

Argggh, error found: the Univention UCS provides the OIDC API endpoints on a separate DNS name ucs-sso.netzwissen.de instead of the main DNS idp.netzwissen.de. This second DNS name was not listed as a valid DNS name in the LE certificate. The strange curl error is gone now and replaced with

Error in OpenIdConnect:The provider authorization_endpoint could not be fetched. Make sure your provider has a well known configuration available.

But that's a different story :wink:

Hey,

I think it is great that you have found the culprit :grinning: as I was running out of ideas after seeing your previous post :frowning:

I think it could have helped if the openidconnect app could have provided the URL which has been used for the connection in that error message so that it is easier to debug such issues. Maybe you could give this feedback to the app developer at Issues · owncloud/openidconnect · GitHub so that the user experience could be improved?

See Error messages should be more informative · Issue #172 · owncloud/openidconnect · GitHub

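The cause found in this thread, OIDC endpoints served on a hostname that is missing from the certificate's subject alternative names, can be checked before the client ever connects. The following is an added example, not part of the original posts or of the openidconnect app: the two hostnames come from the thread, while the discovery document, its paths, the SAN lists and the function names are constructed for illustration.

```python
from urllib.parse import urlsplit

def san_matches(host, san):
    """RFC 6125-style match: a wildcard covers exactly one left-most label."""
    host, san = host.lower().rstrip("."), san.lower().rstrip(".")
    if san.startswith("*."):
        head, _, tail = host.partition(".")
        return bool(head) and tail == san[2:]
    return host == san

def uncovered_endpoints(discovery, cert_sans):
    """Return {field: host} for every https URL in the discovery document
    whose host is not covered by any dNSName entry in cert_sans."""
    missing = {}
    for field, value in discovery.items():
        if not isinstance(value, str):
            continue  # skip lists such as response_types_supported
        url = urlsplit(value)
        if url.scheme != "https" or not url.hostname:
            continue
        if not any(san_matches(url.hostname, san) for san in cert_sans):
            missing[field] = url.hostname
    return missing

# Constructed sample: endpoint paths are placeholders, not the real UCS paths.
SAMPLE_DISCOVERY = {
    "issuer": "https://ucs-sso.netzwissen.de",
    "authorization_endpoint": "https://ucs-sso.netzwissen.de/example/authorize",
    "token_endpoint": "https://ucs-sso.netzwissen.de/example/token",
    "jwks_uri": "https://ucs-sso.netzwissen.de/example/jwks",
    "response_types_supported": ["code"],
}
# Constructed SAN lists: certificate before and after adding the second name.
SANS_BEFORE = ["idp.netzwissen.de"]
SANS_AFTER = ["idp.netzwissen.de", "ucs-sso.netzwissen.de"]

if __name__ == "__main__":
    for label, sans in (("before", SANS_BEFORE), ("after", SANS_AFTER)):
        result = uncovered_endpoints(SAMPLE_DISCOVERY, sans)
        print(label, result or "all endpoints covered")
```
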