WebDAV, Windows 7 and Self-Signed Certificates Howto

WebDAV is a nice protocol. Unfortunately, the Windows implementations of it are amongst the crappiest pieces of software ever written. I thought it was better on Windows 7, but it still sucks. Here’s how you can make it work at least for read access with HTTPS and self-signed certficates.

WebDAV server

I prefer LigHTTPd over Apache. If you want to use Apache or nginx, you must look elsewhere.
lighttpd-enable-mod webdav

/etc/lighttpd/conf.d/10-webdav.conf

server.modules += ( "mod_webdav" )
webdav.sqlite-db-name = "/var/run/lighttpd/lighttpd.webdav_lock.db"
alias.url = ( "/webdav" => "/var/www/" )
$HTTP["url"] =~ "^/webdav($|/)" {
  webdav.activate = "enable"
  webdav.is-readonly = "disable"
}

You have to use digest auth for Win7 clients to work, but AFAIR older versions of Windows only accept basic auth.
server.modules += ( "mod_auth" )
auth.backend = "htdigest"
auth.backend.htdigest.userfile = "/etc/lighttpd/login.user"
auth.require = ( "/webdav" =>
(
"method" => "digest",
"realm" => "restricted",
"require" => "valid-user"
))

Windows

If you know how to do it, the mystery of strange error messages can be solved easily: You have to install your self-signed certificate first. Run Internet Explorer with administrative rights (UAC won’t work!):
– Enter your WebDAV URL
– Click on Continue to this website (not recommended)
– Click on Certificate Error in the red colored address bar
– Click on View certificates
– In the Certificate dialog, press Install Certificate
– In the Certificate Import Wizard, click Next
– On page 2 of the wizard, select Place all certificates in the following store and click Browse;
– In the Select Certificate Store dialog, select Trusted Root Certification Authorities, click OK
– In the wizard, click Next, click Finish
– If a security message pops up, choose Yes
(copied from [url=http://www.leonmeijer.nl/archive/2008/08/01/123.aspx]leonmeijer.nl[/url])
If you still have trouble using the Network Wizard to connect to your WebDAV storage, maybe the hotfix [url=http://www.microsoft.com/downloads/en/details.aspx?FamilyId=17c36612-632e-4c04-9382-987622ed1d64&displaylang=en]KB907306[/url] helps.
If you know how to properly enable write access (writing from Linux works fine), let me know.

2 Responses

  1. smith says:

    Hi,
    it is difficult to set up the webdav in windows 7 with lighttpd.
    the lighttpd’s version is 1.4.29.1 (LightTPD-1.4.29-1-Win32-SSL)
    could you help me set up the webdav?
    it taked a long time.
    thanks.
    if you need the files, you can send the email to me. thanks
    my email: zhangjing@flync.net
    smith.

  2. ... says:

    I think i might have run into the same problem when trying to write to a webdav share running on nginx using windows xp mini redirector as client.
    Symptoms where: Writing worked on linux but on XP it failed with “Cannot read from source file or disk” (renaming, reading and even overwriting existing files worked though).
    This seems to fix it and if this is the same issue i think it might work for lighttpd too:
    XPs mini redirector client seems to choke on recieving 207 replies with ‘not found’ status when querying for non existing files. It seems to expect a direct 404.
    This is what i did on nginx:
    if ( $request_method = PROPFIND ) {
    set $flags P;
    }
    if ( !-e $request_filename ) {
    set $flags “${flags}M”;
    }
    if ( $flags = PM ) {
    return 404;
    break;
    }
    Probably not the best solution but it works (returning 404 for PROPFIND on non existing files) and i guess lighttp can do the same.
    Hope this helps and ranks high on google =)

Leave a Reply

Your email address will not be published. Required fields are marked *