Bitwarden not working with certificates

I am trying to install bitwardenrs on my Raspberry Pi docker installation.
First I created a container without certificates with this command:
sudo docker run -d --name bitwarden -v /bw-data/:/data/ -p 8081:80 bitwardenrs/server:latest
I was able to access bitlocker on my iPad, but Firefox wants a certificate.
So I stopped and removed the container and created a certificate with this guide.
For the first key I left everything blank and for the second key I entered the pi’s ip as the common name.
Next I filled the bitwarden.ext with the default config but removed both DNS entries and added IP.1 = pi's ip
After that I created the bitwarden certificate.
Now I connected with an FTP client and was able to find the bitwarden.crt and the bitwarden.key. I moved them with sudo mv bitwarden.crt bitwarden.key /etc/ssl/certs.
Now I started a new bitwarden container with this command:
sudo docker run -d --name bitwarden -v /bw-data/:/data/ -e ROCKET_TLS='{certs="/ssl/bitwarden.crt",key="/ssl/bitwarden.key"}' -p 8081:80 bitwardenrs/server:latest

But the container won’t start and in the logs I can find the error:

FO] No .env file found.

Logger failed to initialize: attempted to set a logger after the logging system was already initialized

[2021-02-17 20:57:46.691][rocket::config::error][ERROR] I/O error while setting tls.certs:

Does anyone know how to fix this issue?
Thanks in advance

It looks like bitwarden_rs can’t read the certs from inside the container, probably because you said they’re in /etc/ssl/certs on the Docker host, but you didn’t mount them into the container. Try adding -v /etc/ssl/certs:/ssl to your docker run command.

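The missing-mount problem described in the reply above can be caught before the container is started. The following is an added example, not part of the original thread and not bitwarden_rs code: the function names are made up for illustration, and it only understands the `-v host:container` and `-e ROCKET_TLS=...` forms used in the commands in this thread.

```shell
#!/bin/sh
# Added example, not from the thread: check that every path named in
# ROCKET_TLS is backed by a -v bind mount and is readable on the Docker host.

# host_path_for CONTAINER_PATH MOUNTS
# MOUNTS: newline-separated "host:container[:opts]" entries.
# Prints the host path behind CONTAINER_PATH; fails if no mount covers it.
host_path_for() {
    want=$1
    printf '%s\n' "$2" | while IFS=: read -r host cont opts; do
        [ -n "$cont" ] || continue
        cont=${cont%/}                      # "/data/" -> "/data"
        case $want in
            "$cont"/*)
                rest=${want#"$cont"}        # part of the path below the mount point
                printf '%s\n' "${host%/}$rest"
                break ;;
        esac
    done | grep .                           # non-zero status when nothing matched
}

# check_tls_mounts ARGS...   (the arguments that would follow `docker run`)
# Returns 0 if both TLS files resolve, 1 if one does not, 2 if ROCKET_TLS is absent.
check_tls_mounts() {
    mounts='' tls='' rc=0
    while [ $# -gt 1 ]; do
        case $1 in
            -v|--volume) mounts=$(printf '%s\n%s' "$mounts" "$2"); shift ;;
            -e|--env) case $2 in ROCKET_TLS=*) tls=${2#ROCKET_TLS=} ;; esac; shift ;;
        esac
        shift
    done
    [ -n "$tls" ] || { echo "ROCKET_TLS is not set" >&2; return 2; }
    for field in certs key; do
        # Extract the quoted value of certs="..." / key="..." from ROCKET_TLS
        cpath=$(printf '%s\n' "$tls" | sed -n "s/.*$field=\"\([^\"]*\)\".*/\1/p")
        if ! hpath=$(host_path_for "$cpath" "$mounts"); then
            echo "$field: $cpath is not under any -v mount" >&2; rc=1
        elif [ ! -r "$hpath" ]; then
            echo "$field: $cpath maps to $hpath, which is missing or unreadable" >&2; rc=1
        else
            echo "$field: $cpath -> $hpath"
        fi
    done
    return $rc
}
```

Call `check_tls_mounts` with the same arguments that would follow `sudo docker run`. It checks readability as the invoking user, so a key readable only by root is reported as unreadable unless the check itself runs under sudo.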

Thanks,
now my command looks like this:
sudo docker run -d --name bitwarden -v /bw-data/:/data/ -v /etc/ssl/certs:/ssl -e 'ROCKET_TLS={certs="/ssl/bitwarden.crt",key="/ssl/bitwarden.key"}' -p 8081:80 bitwardenrs/server:latest

and I am not getting this error anymore. The console says:
Rocket has launched from https://0.0.0.0:80

But I am still unable to reach it from my pi’s ip on port 8081.

I was able to fix it by entering /#/ after the port.
Firefox is very picky :wink:
Thanks for your help

This is not normal. You access / which is then (AFAIK, please correct me if I am wrong) changed by the server to /#/ (probably by something like history.pushState()). So you should be able to get to your page without forcing the URL hash.

FYI - I checked with my FF and I do get the page when accessing / (and it is turned into /#/)

Now it does work without needing to include the /#/,
maybe the error before was caused by browser caching. :man_shrugging: