Solved Bitwarden - Enabling HTTPS - NIGHTMARE!

Currently reading
Solved Bitwarden - Enabling HTTPS - NIGHTMARE!

76
19
NAS
DS916+
Operating system
  1. Windows
Mobile operating system
  1. Android
Hello all,

I really need your help as I feel like I’m banging my head against a brick wall. I’ve been on this task all weekend however I'm no further along. I have read countless topics on this issue but can not find the cause of my problems. I've posted on the Bitwarden_rs forums however I've had no reply and so I thought this forum may be able to help me out as my issue(s) would appear to be non-Bitwarden specific.

I have Bitwarden running in a Docker (which I downloaded, not self composed) and it has been working great, both locally and remotely. I wanted to setup 2FA and so tried to login to the vault however I get the message that; “This browser requires HTTPS to use the web vault, Check the bitwarden_rs wiki for details on how to enable it.” And so I set about reading up on everything I could find, however as I am new to all of this it is extremely difficult to make progress.

Here are some of the things I have tried;

I have added the ROCKET_TLS variable as;
{certs="/usr/syno/etc/certificate/ReverseProxy/eca2c826-6adc-4a70-897c-f3bd97110b47/fullchain.pem" , key="/usr/syno/etc/certificate/ReverseProxy/eca2c826-6adc-4a70-897c-f3bd97110b47/privkey.pem"}
However I receive an I/O error when starting Bitwarden (this is most likely because the certificate folder is not mounted).
20200615_105141.jpg


I tried the following SSH command (as someone suggested on another forum) however it returned an error that it can’t connect;
curl -kv https://192.168.1.67:1025

I have tried to follow the following link as much as possible, however when trying to map port 80 to 443 (instead of 1025) I get a conflict error;
dani-garcia/bitwarden_rs
20200615_105014.jpg


Lastly, the above link (Enabling-HTTPS) mentions that I need to mount the folder that the certificates are held in. I've spent the last few hours trying to mount the above certificate folder with a shared folder I set to NFS within Synology DSM. After several hours however I have found out that Synology uses a limited version of Linux, which is missing a number of binaries and may be preventing me from mounting the folder. For instance, one page (DiskStation Manager - Knowledge Base | Synology Inc.) states to run the commands;
apt update
apt install nfs-common
However I receive the following errors;
20200615_164357.jpg


I receive the following error when I try and mount the certificate folder to my NFS shared folder that I setup in DSM;
20200615_164911.jpg


And lastly, I have updated the /etc/exports file to allow the appropriate access rights, however that made no difference.

I have really exhausted my knowledgebase and so any assistance would be greatly appreciated.
 
ROCKET_TLS and NFS solutions: both not required. In you case I wouldn't recommend either of those approaches.

This guide is everything you need to get things up and running. Whatever you coose as the "Local Port" for your Bitwarden container needs to be set as "Destination Port" in the reverse proxy configuration.
 
ROCKET_TLS and NFS solutions: both not required. In you case I wouldn't recommend either of those approaches.

This guide is everything you need to get things up and running. Whatever you coose as the "Local Port" for your Bitwarden container needs to be set as "Destination Port" in the reverse proxy configuration.

Hello,

Thank you so much for taking the time to reply. I will follow this first thing in the morning. I've just poured myself a whisky and I'm going to get blind drunk and try and forget about all things Linux. Hahaha

In all seriousness though, thank you.
 
ROCKET_TLS and NFS solutions: both not required. In you case I wouldn't recommend either of those approaches.

This guide is everything you need to get things up and running. Whatever you coose as the "Local Port" for your Bitwarden container needs to be set as "Destination Port" in the reverse proxy configuration.

Hello,

Apologies for the late reply, I'm currently in work.

I've looked through the support in that link you provided, unfortunately however my setup follows everything it mentions. Specifically;
  • a registered domain name
  • a valid certificate for that domain name
  • 443 port (or the port of your choice) forwarded on your router towards your NAS local IP address
If it helps in anyway, I went to ssllabs.com and ran a test for my bitwarden url and it passed with flying collours;
20200616_160851.jpg


Shadow - Once I get home from work, if I post several screenshots of my bitwarden setup, would you mind comparing them to yours?
 
This one is actually crutial! You did that, didn't you?

Hello,

I tried to set the local port to the same as the container however port 80 is already in use. I was of the belief that the container port can not be changed, have I got this wrong?

Here are my container port settings for bitwarden and my reverse proxy settings;
20200617_090257.jpg

20200617_090344.jpg
 
RP settings look ok. You change the local port values, not the container port ones. So this looks solid. Is BW working for you with this setup atm or are you getting any errors?

Hello,

It's working great to be honest. I can access it via the Bitwarden app on my phone both locally and remotely, however when I try and login to the Vault locally, I get this error;
20200617_091431.jpg
 
Now you've got it going @Mike12421 tell me the why. Obviously you're storing all your passwords on your NAS. I'm trusting mine with a bunch of Canadians. I'm also paying them to share passwords amongst our 'family'. But it seems if I want to do the same with Bitwarden I have to pay them too.

I've used 1Password for years and it works for me. Is Bitwarden as nice? Can I login to websites with my thumbprint on my iPhone? I think if it does everything 1Password does I might learn from your installation nightmare and give it a shot!
 
Can I login to websites with my thumbprint on my iPhone?
You can, yes.

I got several articles on BW setup, you can have a look and see that it is a matter of minutes to get it running when you have all the prerequisites.

 
Now you've got it going @Mike12421 tell me the why. Obviously you're storing all your passwords on your NAS. I'm trusting mine with a bunch of Canadians. I'm also paying them to share passwords amongst our 'family'. But it seems if I want to do the same with Bitwarden I have to pay them too.

I've used 1Password for years and it works for me. Is Bitwarden as nice? Can I login to websites with my thumbprint on my iPhone? I think if it does everything 1Password does I might learn from your installation nightmare and give it a shot!

Hello,

I would certainly recommend the guides Rusty has referenced, they are extremely helpful.

Bitwarden is very streamlined and does everything I ask of it. I have several users registered to use my hosted instance and it runs flawlessly and best of all its free.

I've never used 1Password myself but I have used several other branded managers and I have to admit, I'll be sticking with Bitwarden.

As Rusty mentioned, if you have all the prerequisites in place, it is very straight forward to setup. Please don't let my difficulties put you off, I should have asked for help sooner. As always this forum has been extremely helpful.

Give it a try.
 
I have several users registered to use my hosted instance and it runs flawlessly and best of all its free.
Does everyone have their own independent vault then? I've only briefly scanned the BW website but it seems even if I self-host I need to pay to share passwords among a group - just like 1Password really.
As always this forum has been extremely helpful.
Oh yes, it is. I know and people really have been helpful and friendly to me while I had a Nextcloud nightmare.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

Right, I’m sure those having an issue have some sort of unique thing going on. Considering they didn’t...
Replies
33
Views
6,036
  • Question
Indeed. You would need to delete it from the org and then recreate it in your personal vault to recapture...
Replies
2
Views
2,231
  • Question
https://bitwarden.dadsnas.i234.me:443 still directs to DSM login screen. I did not have "automatically...
Replies
11
Views
2,511
  • Question
I read the title as “why doesn't my entire Bitwarden vault explode? And I kept looking at it while zoned...
Replies
6
Views
2,936
  • Solved
I've changed the thread type. Now you can Mark as solution by clicking on this: Thank you.
Replies
6
Views
4,206
If you alrady have a wildcard certificate, you should already have those files. If it's created by LE, you...
Replies
3
Views
14,437
A HUGE shoutout to Rusty, who very kindly helped me offline to get the LiveSync working! A MILLION...
Replies
9
Views
6,054

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Trending threads

Back
Top