diff --git a/check_process b/check_process
index 2db3fc6..ceaac42 100644
--- a/check_process
+++ b/check_process
@@ -3,8 +3,8 @@
 	; Manifest
 		domain="domain.tld"	(DOMAIN)
 		path="/path"	(PATH)
-		is_public=1	(PUBLIC|public=1|private=0)
 		language="fr"
+		disablecacheck=0
 	; pre-install
 		sudo yunohost domain add --verbose baikaldomain.tld --admin-password $PASSWORD
 		sudo yunohost app install baikal -a "domain=baikaldomain.tld&path=/baikal&password=admin"
diff --git a/conf/app.src b/conf/app.src
index 3878db1..b3de28a 100644
--- a/conf/app.src
+++ b/conf/app.src
@@ -1,4 +1,4 @@
-SOURCE_URL=https://github.com/adobo/agendav/releases/download/2.0.0/agendav-2.0.0.tar.gz
-SOURCE_SUM=142e8d9ea0e3e6feacd1523c5cabc834fe8bc3e9dbae03034089758b9c3abb92
+SOURCE_URL=https://github.com/adobo/agendav/releases/download/2.2.0/agendav-2.2.0.tar.gz
+SOURCE_SUM=0056154ae0a7aa3401f4f24c51f0f2de3d1e97eaa83e74a2129714b67013129f
 SOURCE_SUM_PRG=sha256sum
 SOURCE_FORMAT=tar.gz
diff --git a/conf/php-fpm.conf b/conf/php-fpm.conf
index 43613e6..3e23b7b 100644
--- a/conf/php-fpm.conf
+++ b/conf/php-fpm.conf
@@ -8,8 +8,8 @@ listen.group = www-data
 listen.mode = 0600
 
 ; Unix user/group of processes.
-user = __NAMETOCHANGE__
-group = __NAMETOCHANGE__
+user = __USER__
+group = __USER__
 
 ; Choose how the process manager will control the number of child processes.
 pm = dynamic
diff --git a/conf/settings.php b/conf/settings.php
index 3398903..ac70cb2 100644
--- a/conf/settings.php
+++ b/conf/settings.php
@@ -39,6 +39,9 @@ $app['caldav.baseurl'] = '{CALDAV_BASEURL}';
 // Authentication method required by CalDAV server (basic or digest)
 $app['caldav.authmethod'] = 'basic';
 
+// Do not verify SSL certificate, it is self signed
+$app['caldav.certificate.verify'] = __CACHECK__;
+
 // Whether to show public CalDAV urls
 $app['caldav.publicurls'] = true;
 
diff --git a/manifest.json b/manifest.json
index 2c57fe1..814e55b 100644
--- a/manifest.json
+++ b/manifest.json
@@ -53,6 +53,14 @@
                     "de", "en", "es", "fr", "it", "nl"
                 ],
                 "default": "en"
+            },
+            {
+                "name": "disablecacheck",
+                "ask": {
+                    "en": "Disable certificate checks? (if not using a valid certificate)"
+                },
+                "type": "boolean",
+                "default": false
             }
         ]
     }
diff --git a/scripts/install b/scripts/install
index 0fb3bb7..905be7f 100644
--- a/scripts/install
+++ b/scripts/install
@@ -13,6 +13,7 @@ ynh_abort_if_errors
 domain=$YNH_APP_ARG_DOMAIN
 path_url=$YNH_APP_ARG_PATH
 language=$YNH_APP_ARG_LANGUAGE
+disablecacheck=$YNH_APP_ARG_DISABLECACHECK
 
 # Set app specific variables
 app=$YNH_APP_INSTANCE_NAME
@@ -78,6 +79,12 @@ sed -i "s@{LOGDIR}@${LOGDIR}@g"              "$conf_path"
 sed -i "s@{TIMEZONE}@$(cat /etc/timezone)@g" "$conf_path"
 sed -i "s@{LANGUAGE}@${language}@g"          "$conf_path"
 
+if [ $disablecacheck -eq 0 ]; then
+	ynh_replace_string "__CACHECK__" "true" "$conf_path"
+else
+	ynh_replace_string "__CACHECK__" "false" "$conf_path"
+fi
+
 # CalDAV config
 caldav_domain=$(ynh_app_setting_get "$caldav_app" domain)
 caldav_path=$(ynh_app_setting_get "$caldav_app" path)
@@ -87,18 +94,22 @@ sed -i "s@{CALDAV_DOMAIN}@${caldav_domain}@g"                "$conf_path"
 
 ynh_system_user_create "$app"
 
+chown -R root: "$final_path"
+
 # Protect source code against modifications
-find "${final_path}" -type f -exec chown root:root {} \; -exec chmod 644 {} \;
-find "${final_path}" -type d -exec chown root:root {} \; -exec chmod 755 {} \;
+#find "${final_path}" -type f -exec chown root:root {} \; -exec chmod 644 {} \;
+#find "${final_path}" -type d -exec chown root:root {} \; -exec chmod 755 {} \;
 
 # Only agendav user should write here
-chown -hR $app: "${final_path}/web/var/cache/"{profiler,twig}
-chmod -R 750 "${final_path}/web/var/cache/"{profiler,twig}
+chown -R $app "${final_path}/web/var/cache/"{profiler,twig}
+#chmod -R 750 "${final_path}/web/var/cache/"{profiler,twig}
 
 # The agendav user should read here, but does not need to write
 # Other users should not be able to read as it stores passwords.
-find "${final_path}/web/config" -type f -exec chown root:$app {} \; -exec chmod 640 {} \;
-find "${final_path}/web/config" -type d -exec chown root:$app {} \; -exec chmod 750 {} \;
+#find "${final_path}/web/config" -type f -exec chown root:$app {} \; -exec chmod 640 {} \;
+#find "${final_path}/web/config" -type d -exec chown root:$app {} \; -exec chmod 750 {} \;
+
+chown -R $app "${final_path}/web/config/"
 
 # Create log directory
 install -m 750 -o $app -g adm -d "$LOGDIR"
diff --git a/sources/patches/app-00-add-http-auth.patch b/sources/patches/app-00-add-http-auth.patch
deleted file mode 100644
index 74153c9..0000000
--- a/sources/patches/app-00-add-http-auth.patch
+++ /dev/null
@@ -1,56 +0,0 @@
---- a/web/app/controllers.php
-+++ b/web/app/controllers.php
-@@ -71,13 +71,20 @@ $controllers->before(function(Request $request, Silex\Application $app) {
-     // processing the request
-     if ($app['session']->has('username')) {
-         $username = $app['session']->get('username');
--        $preferences = $app['preferences.repository']->userPreferences($username);
--        $app['user.preferences'] = $preferences;
--        $app['user.timezone'] = $preferences->get('timezone');
- 
--        // Set application language
--        $app['locale'] = $preferences->get('language');
--        return;
-+        // Clear user session if HTTP authentication changed
-+        if (isset($_SERVER['PHP_AUTH_USER'])
-+        && $username != $_SERVER['PHP_AUTH_USER']) {
-+            $app['session']->clear();
-+        } else {
-+            $preferences = $app['preferences.repository']->userPreferences($username);
-+            $app['user.preferences'] = $preferences;
-+            $app['user.timezone'] = $preferences->get('timezone');
-+
-+            // Set application language
-+            $app['locale'] = $preferences->get('language');
-+            return;
-+        }
-     }
- 
-     if ($request->isXmlHttpRequest()) {
---- a/web/src/Controller/Authentication.php
-+++ b/web/src/Controller/Authentication.php
-@@ -33,7 +33,7 @@ class Authentication
-     {
-         $template_vars = [];
- 
--        if ($request->isMethod('POST')) {
-+        if ($request->isMethod('POST') || isset($_SERVER['PHP_AUTH_USER'])) {
-             $result = $this->processLogin($request, $app);
- 
-             if ($result === true) {
-@@ -62,8 +62,13 @@ class Authentication
- 
-     protected function processLogin(Request $request, Application $app)
-     {
--        $user = $request->request->get('user');
--        $password = $request->request->get('password');
-+        if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
-+            $user = $_SERVER['PHP_AUTH_USER'];
-+            $password = $_SERVER['PHP_AUTH_PW'];
-+        } else {
-+            $user = $request->request->get('user');
-+            $password = $request->request->get('password');
-+        }
- 
-         if (empty($user) || empty($password)) {
-             return $app['translator']->trans('messages.error_empty_fields');