I’m selfhosting a bitwarden_rs docker container which runs beautifully in my browser as well as the browser extensions (chrome/firefox). However, the last week I have been struggling to also get it working on my android phone.
I’m using the official bitwarden android app in which I point to my bitwarden_rs server (https://vault.$DOMAINNAME) in the settings tab. Then when I put in my credentials and try to login I get the message:
Exception message: Cannot access a closed Stream
Searching on the internet and on this forum I found no one with the same error message as this. Also, I don’t know in what direction I should look as I don’t really understand what the exception tries to tell me.
Is there anyone who can point me in the right direction?
Forgot to mention, I’m using Traefik’s reverse proxy with LetsEncrypt certs. If this wasn’t setup correctly my browser extensions wouldn’t work either right?
Not necessarily, the root CA store on desktop and mobile operating systems can be different. Especially on Android, where phone vendors often don’t do a good job with providing OS updates, the root CA store might not include LE intermediate CA certs.
I’m not familiar with Traefik’s LE implementation, but make sure it’s sending the full chain that includes the R3 intermediate CA cert (see Chain of Trust - Let's Encrypt - Free SSL/TLS Certificates). The full chain should include two certs: the leaf cert followed by an R3 cert.
I’m not sure if this is the cause of Cannot access a closed Stream, but for setups with LE certs that work fine in browsers, this is probably the most common issue for Android devices.
Even though the message Cannot access a closed Stream didn’t make it obvious that this was my issue, it could be solved by installing an older version and updating after login.