Bitwarden CLI unable to verify first certificate

Hi together,

we want to self-host Bitwarden in our work environment and use the integration in ASG Remote-Desktop.This integration uses the CLI. But when I try to connect to our Bitwarden server with CLI via Powershell (or cmd) I get the following error:

I searched for it and found threads like this: ([Solved] [CLI] Failed to login on our server: "reason: unable to verify the first certificate") but the steps mentioned didn’t work for me. When I merge the certificates into a single one and don’t use the ca.crt Bitwarden isn’t accessible at all.

We have our own CA that is trusted by all our client PC’s via GPO. The certificate used for Bitwarden is generated from our CA and has no intermediates. Every other method we want to use (browser extension, web access, desktop app) but the CLI works.

I followed the best practice instructions for the installation and we are using the latest version.

If you need additional infos feel free to ask.
Anyone had a similar problem ro knows where I could have made a mistake?

when following the cat cert chain >> certificate.crt command, you might have reversed the order, and that would prevent BW from starting the nginx container.
Double check that when you append the cert, it goes cat server-cert intermediate-ca >> certificate.crt

Alternatively, it may work if there are not intermediates to append your local CA to the ca.crt chain instead.