On-Premise Installation "failed to fetch" on Client and Connector

Hi, I need help with our on-premise installation of Bitwarden and I hope this is the proper forum to ask this question.

After successfully using ./bitwarden.sh to get the containers running, specifying bitwarden.ourcompany.de as the domain name for the Bitwarden instance and adding a Host (A) resource for the server which is running the Docker containers, I can access Bitwarden with a browser from our LAN using http://bitwarden.ourcompany.de, but when I try to specify this very same address as the base URL in the Windows Client or the Bitwarden Connector I get a “failed to fetch” error.

FYI the URL is not accessible from the Internet because we didn’t put it in a forward lookup zone in our firewall. I think that shouldn’t be a problem, but I might be wrong.

I hope you guys can help me with this. Thanks in advance and best regards

Chris

Are you using a self signed certificate? Is it trusted by the device?

We’re using no certificate at all.

You have to be using some type of certificate. It is required during installation.

Um, that might be the error. I did not select to generate a Let’s Encrypt certificate and we do not have a self-signed certificate.

Is it possible to fix this at this point, or do I have to reinstall?

Since I don’t know what configuration your installation is currently in, the only suggestion I can give is to reinstall and choose the appropriate cert options.

Ok, I am now reinstalling. But I get this:

I guess the problem is now, that we only have a local DNS entry for the Bitwarden Instance, right?

Yes, you can’t use Let’s Encrypt with a non-public domain.

Hi Kyle,

Right now I am trying to get a self-signed certificate running with Docker. After digging into OpenSSL and hopefully getting things configured right, I now have a certificate.crt (which I bundled from a bitwarden.crt and a ca-root.crt) and a private.key which I got out of the bitwarden-key.pem.

I placed these files in bwdata/ssl/bitwarden.ourcompany.de and then tried to reinstall the Docker containers. The problem now is that after everything is started, I can see in my Docker GUI (Portainer) that bitwarden-nginx is running, has joined docker_default and has exposed ports :80 and :443.

BUT after 10 or 20 seconds the webserver automatically drops from the network, and does so every time I manually rejoin the network docker_default.

Any idea what is going on there?

What does the nginx error log say in bwdata/logs?

2018/08/15 13:42:25 [emerg] 1#1: PEM_read_bio_X509_AUX("/etc/ssl/bitwarden.ourcompany.de/certificate.crt") failed (SSL: error:0906D06C:PEM routines:PEM_read_bio:no start line:Expecting: TRUSTED CERTIFICATE)

Ok, I guess I didn’t do the OpenSSL stuff correctly :confused:

Oh, well back to the drawing board.
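
The nginx log line above (`no start line`) means the PEM reader found no certificate block in certificate.crt. As an added example (not from the thread or from Bitwarden), here is a stdlib-only Python check that names the usual causes before the file goes into bwdata/ssl; the function name, result strings and sample bytes are constructed for illustration.

```python
import base64
import re

# PEM labels that OpenSSL's certificate reader accepts.
CERT_LABELS = {b"CERTIFICATE", b"X509 CERTIFICATE", b"TRUSTED CERTIFICATE"}
# A PEM block: BEGIN at the start of a line, base64 body, matching END line.
PEM_BLOCK = re.compile(
    rb"^-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)\r?\n-----END \1-----",
    re.M | re.S,
)


def diagnose_cert_file(data: bytes) -> str:
    """Return 'ok', or a short reason a PEM certificate loader would fail."""
    if data[:2] in (b"\xff\xfe", b"\xfe\xff"):
        return "utf16-text"          # saved as UTF-16, so no ASCII BEGIN line
    if data[:2] == b"\x30\x82":
        return "der-not-pem"         # binary DER; must be converted to PEM first
    blocks = PEM_BLOCK.findall(data)
    if not blocks:
        return "no-pem-block"        # no well-formed BEGIN/END pair at all
    certs = [body for label, body in blocks if label in CERT_LABELS]
    if not certs:
        # e.g. only a private key or a CSR was pasted into the .crt file
        return "wrong-label:" + blocks[0][0].decode()
    for body in certs:
        try:
            der = base64.b64decode(b"".join(body.split()), validate=True)
        except ValueError:
            return "bad-base64"
        if der[:1] != b"\x30":
            return "not-a-certificate"   # decodes, but is not an ASN.1 SEQUENCE
    return "ok"


def _pem(label: bytes, payload: bytes) -> bytes:
    """Wrap payload in a PEM block with the given label."""
    return (b"-----BEGIN " + label + b"-----\n" + base64.encodebytes(payload)
            + b"-----END " + label + b"-----\n")


# Constructed sample inputs: placeholder bytes, not real certificates or keys.
FAKE_DER = b"\x30\x82\x01\x0a" + bytes(range(64))
SAMPLE_CERT = _pem(b"CERTIFICATE", FAKE_DER)
SAMPLE_KEY_ONLY = _pem(b"PRIVATE KEY", FAKE_DER)

if __name__ == "__main__":
    for name, blob in [("cert", SAMPLE_CERT), ("key only", SAMPLE_KEY_ONLY),
                       ("der", FAKE_DER)]:
        print(f"{name:9} -> {diagnose_cert_file(blob)}")
```

To check a real file, pass `open(path, "rb").read()` to `diagnose_cert_file`; the check covers only the encoding and block structure, not whether the chain or key actually match.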

The install process can generate a self-signed cert for you if you choose.

Hey Kyle, I thought this is only possible for a public domain?

Edit: Ah, never mind. I found it ^^

I have a Bitwarden AWS EC2 instance connected to an external MSSQL. I was able to edit the global file and everything was going well. Then I edited the global file for admin, and now I am not able to access the Bitwarden site itself. It says ‘too many redirects’.
I cleared cookies and tried again, but it is still the same. I also removed those snmp configuration entries to at least revert back, but couldn’t.
I guess it has something to do with the SSL cert, but what, I am not sure.