aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel GarcĂ­a <[email protected]>2018-11-09 16:24:45 +0100
committerGitHub <[email protected]>2018-11-09 16:24:45 +0100
commitdd005910824929778f4d54b342f1c5ac8ac834bb (patch)
tree5bca1bee6a464bb7d38d33d373e3c26ed3d64da5
parent1e9dd2fd4e980e83e72939c3a61359658433538d (diff)
downloadvaultwarden-dd005910824929778f4d54b342f1c5ac8ac834bb.tar.gz
vaultwarden-dd005910824929778f4d54b342f1c5ac8ac834bb.zip
Add info about how to fix #1761.4.0
-rw-r--r--README.md8
1 files changed, 5 insertions, 3 deletions
diff --git a/README.md b/README.md
index 2ecfc3be..ba4fed2b 100644
--- a/README.md
+++ b/README.md
@@ -195,17 +195,19 @@ docker run -d --name bitwarden \
```
Note that you need to mount ssl files and you need to forward appropriate port.
+Due to what is likely a certificate validation bug in Android, you need to make sure that your certificate includes the full chain of trust. In the case of certbot, this means using `fullchain.pem` instead of `cert.pem`.
+
Softwares used for getting certs are often using symlinks. If that is the case, both locations need to be accessible to the docker container.
-Example: [certbot](https://certbot.eff.org/) will create a folder that contains the needed `cert.pem` and `privacy.pem` files in `/etc/letsencrypt/live/mydomain/`
+Example: [certbot](https://certbot.eff.org/) will create a folder that contains the needed `fullchain.pem` and `privkey.pem` files in `/etc/letsencrypt/live/mydomain/`
-These files are symlinked to `../../archive/mydomain/mykey.pem`
+These files are symlinked to `../../archive/mydomain/privkey.pem`
So to use from bitwarden container:
```sh
docker run -d --name bitwarden \
- -e ROCKET_TLS='{certs="/ssl/live/mydomain/cert.pem",key="/ssl/live/mydomain/privkey.pem"}' \
+ -e ROCKET_TLS='{certs="/ssl/live/mydomain/fullchain.pem",key="/ssl/live/mydomain/privkey.pem"}' \
-v /etc/letsencrypt/:/ssl/ \
-v /bw-data/:/data/ \
-p 443:80 \