I’ve started my new chapter with BW and it’s pretty cool solution. I’ve installed self-hosted version on Proxmox. All look fine, I have logged in by browser etc. But what I would like to have is to login to BW by Android app. I would like to use BW only in my private network, when I’m connected by WiFi, without any public domain. I’ve made only self signed certificate during the installation.
So in my Android app I put the IP address of my BW server but it doesn’t work. Received exception about certificate, than installed self signed certificate on my mobile. Then received other exception than my host name (IP address) is not verified.
So question is is it possible to use android app locally without any domain, certificates etc based only by ip? If yes can you help me step by step what I need to do to handle it.
Hi @MarcinW and welcome to the community,
Always good to see another Promox user
According to the documentation https://bitwarden.com/help/certificates/#use-no-certificate Bitwarden does require the use of HTTPS and an SSL certificate of some kind.
There are options to use a self-signed certificate which will require you to load the certificate chain into your device’s root store, but this is generally only recommended for testing and advised to use a proper valid certificate for production use.
As far as if this will work without a proper domain and only using the local hostname/IP, I am not sure but I would guess most likely not. Definitely feel free to report back with your findings though if you end up testing this out.
Thank you for an answer. I’m after some tests and this are my results.
I have working BW on proxmox, I can access to it by web browser by typing i.e. https://192.168.1.2/#/vault I can login and logout, store some seccrets but I cant do it same by using Android app (i.e. when I’m connected to the same network by wifi).
My BW it’s not exposed outside the network its behind the NAT, router etc nevertheless using BW in Android would be the best of the bests
funny situation, I have just installed BW Extension to Chrome added same settings like I have in Android and I’m in
Afrer installing certificate (on my Motorola) and try to log in I’m getting Exception message: Hostname 192.168.1.2 not verified: certificate: sha1/ …
I’m in the same boat with you. No matter what I did with self-signed, it never works with my Galaxy phone. I suspect we must run SSL.
I have to play with Let’s encrypt.
Even if you are successful at getting a self-signed certificate to work, they are a huge hassle and not recommended by Bitwarden.
I have an instance of Bitwarden server running on my private network at home on a private IP address (i.e., 192.168.x.x), and I was able to generate a CA cert from Let’s Encrypt, which got around the need to install a self-signed cert on my devices (easy on desktop machines, but the mobile devices are tricky).
The trick is you must have access to a domain (e.g., one you own) so that you can set up DNS records and you must generate the certificate manually. To do so, I added my private IP to the DNS records of the domain I own, and then used the certbot app in manual mode (using DNS challenge) to generate the cert. I can provide more details if that isn’t articulated clearly enough. Cheers!
This would be nice. I stumbled on these steps.