Opened ports on both servers:
Owncloud is on a physical server with a FQDN supported with a Let’s Encrypt SSL and running on port 443. This is accessible both internally and externally.
OnlyOffice document server is on a virtual server with a FQDN supported with a Let’s Encrypt SSL and running on port 443. This displays, “Document server is running”, both internally and externally.
Both servers are Cent OS 7.
I have the OnlyOffice connector enabled in owncloud, with the FQDN entered as a https connection. However, when I try to save, I get the following error message:
"Error when trying to connect (Error occurred in the document service: Error while downloading the document file to be converted)"
I have looked at everything I can think of and I can see no reason as to why this is occuring.
I have found the following error message in the /var/log/onlyoffice/documentserver/converter/out.log
[2020-03-20T09:39:51.389] [ERROR] nodeJS - error downloadFile:url=https://xxxxxxxxx.co.uk/index.php$
Error: Error response: statusCode:403 ;body:
at Request._callback (/snapshot/server/build/server/Common/sources/utils.js:0:0)
at Request.init.self.callback (/snapshot/server/build/server/Common/node_modules/request/request.$
at Request.emit (events.js:198:13)
at Request.<anonymous> (/snapshot/server/build/server/Common/node_modules/request/request.js:1154$
at Request.emit (events.js:198:13)
at IncomingMessage.<anonymous> (/snapshot/server/build/server/Common/node_modules/request/request$
at Object.onceWrapper (events.js:286:20)
at IncomingMessage.emit (events.js:203:15)
at endReadableNT (_stream_readable.js:1143:12)
at process._tickCallback (internal/process/next_tick.js:63:19)
So I you can log in to your ownCloud server’s CLI and run the following command: curl -I https://only-office-document-server.tld
Then I would also do the same in the other direction, by logging into the OnlyOffice document server’s CLI: curl -I https://ownCloud-server.tld/index.php
A final test would be to run both these curls on your desktop to make sure that the servers are accessible for the client (web browser).
You should always receive a HTTP 200 status code.
As far as I understand it, you don’t have a reverse proxy terminating your OnlyOffice SSL connection. I recently had the problem with Traefik that it wouldn’t set the X-Forwarded-Proto header to https, which OnlyOffice needs to function properly behind a reverse proxy.
Another thing that comes to mind reading your post is SELinux because you are using CentOS. Make sure that this is not interfering with your setup by checking the audit log.
Thanks for the reply. Sorry it has taken me so long to get around to responding.
I am using Nginx as a reverse proxy and it has the same SSL certificates on it as are on the actual servers. All are Let’sEncrypt, so they all get automatically updated by Certbot.
I have done as you suggested and ran the Curl -I test from both machines.
OnlyOffice to ownCloud returns a 200 OK.
OwnCloud to OnlyOffice returned a 302 as it is re-directing to https://onlyoffice-server/welcome/
If I change the Curl -I to include the /welcome/, then it returns a 200 OK.
I ran both of the Curl -I requests from my offsite laptop and got a 200 OK from both, again, only if I include the /welcome/ to onlyoffice.
Both servers are CentOS 7 and are configured the same way regarding their Reverse Proxy scripts.
Both also have SELinux disabled. This was done when they were built, as advised in the ownCloud setup instructions.
If I change the OnlyOffice URL then it fails to find the healthcheck.
If I correct the URL again, then it would appear to pass the healthcheck and then return the original error, so it would seem the two servers are talking to each other, just unable to resolve the final configuration stage.
Any further thoughts are most welcomed and I will try to respond a bit quicker this time!!