Very new to WebDEV and I’m pulling my hair out trying to set up it on Windows 11 for local network use only (no internet access needed). I’ve hit two major roadblocks, and I’m hoping someone here can save me from this nightmare.
The problems:
HTTPS connection fails:
I can only get WebDAV to work over HTTP, not HTTPS. I’ve created a self-signed certificate, but it’s still not working. Am I missing something obvious?
Sync issues with Android apps and another computer:
I’ve tried syncing with apps like Joplin, EasySync, DataBackup, and Diarium. While they can push data to the WebDAV server, they can’t pull data back. It’s like the PUT method works, but GET doesn’t. Is this a certificate issue, a permissions problem, or something else entirely?
What I’ve done so far:
Here’s my setup process in case it helps diagnose the issue:
1. Windows Features:
Enabled Internet Information Services (IIS) (which auto-enabled Web Management Tools and World Wide Web Services).
Enabled WebDAV Publishing under World Wide Web Services > Common HTTP Features.
Enabled Basic Authentication under World Wide Web Services > Security.
2. IIS Manager:
In Default Web Site > WebDAV Authoring Rules, I enabled WebDAV and added an authoring rule for All users with Read, Source, and Write permissions.
Enabled Basic Authentication and disabled Anonymous Authentication and ASP .NET Impersonation.
Created a self-signed certificate under Server Certificates and bound it to the Default Web Site for HTTPS.
3. Folder Setup:
Created a folder (e.g. C:\WebDAVShare) and added it as a Virtual Directory in IIS with an alias (e.g. webdav).
Set permissions for a local user (DESKTOP-PC\webdavuser) with Full Control.
4. Directory Browsing:
Enabled Directory Browsing in IIS.
5. Accessing WebDAV:
Accessed the server via https://192.168.1.10/webdav in my browser.
Entered credentials (DESKTOP-PC\webdavuser + password) and could see the files, but the connection was HTTP, not HTTPS.
Additional info:
I’ve exported and installed the self-signed certificate on both my Android devices (Android 13 & 15) as VPN and app user certificates. I couldn’t install them as CA certificates - not sure if that’s the issue.
What am I missing?
Why isn’t HTTPS working despite the self-signed certificate?
Why can’t my Android apps pull data from the WebDAV server (nor another computer on same network)?
Is there a specific Windows feature, permission, or setting I’ve overlooked?
I’m at my wit’s end here, so any help would be hugely appreciated. If you’ve dealt with WebDAV on Windows 11 or have any insights, please chime in!
Thanks in advance and I’m sorry if this is not the right place to ask this :(
Not that it’s my first recommendation for security reasons, and I would never do this in prod, but you can just add the self-signed cert to the local trusted root CA store and it should work fine. No reg changes needed.
If you do this, put it in the store of the user running the client, not LocalMachine. Then you just need to make sure you connect as something in the cert’s SAN list. An IP might work (don’t know since I never try to put IPs in the SAN list), but just use a hosts entry if you can’t modify local DNS.
Edit: after reading the full OP post (sorry), I don’t think it’s necessarily the self-signed cert. If the browser is connecting with https:// and presenting a basic auth prompt, then https is working. It almost sounds like there is a 301/302 redirect back to http after login. Check the Network tab of the browser’s dev pane (F12) to see what is going on.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !selfhosted@lemmy.world
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.
Rules:
Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it’s not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.
Resources:
selfh.st Newsletter and index of selfhosted software and apps
Not that it’s my first recommendation for security reasons, and I would never do this in prod, but you can just add the self-signed cert to the local trusted root CA store and it should work fine. No reg changes needed.
If you do this, put it in the store of the user running the client, not LocalMachine. Then you just need to make sure you connect as something in the cert’s SAN list. An IP might work (don’t know since I never try to put IPs in the SAN list), but just use a hosts entry if you can’t modify local DNS.
Edit: after reading the full OP post (sorry), I don’t think it’s necessarily the self-signed cert. If the browser is connecting with https:// and presenting a basic auth prompt, then https is working. It almost sounds like there is a 301/302 redirect back to http after login. Check the Network tab of the browser’s dev pane (F12) to see what is going on.
Windows is the greatest and best operating system that the Windows team at Microsoft has ever made.