Keepass and Owncloud

The original Keepass2 client allows you to use webdav as storage backend for the keepass file where all the passwords are stored. however, it seems to be a bit tricky to get https to work with keepass2 under linux (ubuntu in my case).

there are different options which one can try:

  • sync via owncloud client and use the local file
  • use http instead, but that's not recommended if you are accessing your owncloud through the internet
  • disable ssl certificate verification in keepass2 .. better than nothing, but this still allowes man in the middle attacks. certificate verification can be disabled under Options โ†’ Advanced โ†’ File Input/Output Connections โ†’ Accept invalid SSL certificates
  • import mozilla ssl certificates into mono certificate store:
    sudo apt-get install mono-devel
    sudo mozroots --import --sync --machine
    #if you see an error that it could not download the file, copy/paste the url into your webbrowser. it will redirect to a new url, copy/paste that url to the --url option of the command: 
    sudo mozroots --import --sync --machine --url "https://hg.mozilla.org/mozilla-central/raw-file/tip/security/nss/lib/ckfw/builtins/certdata.txt"

    unfortunately this did not work for me but some stated it worked.. maybe a reload of some sorts is necessary after that..

  • install the ca-certificates-mono package, but this seems to only be availble starting ubuntu 16.04 which i haven't been able to test yet.