Self hosting and the android app, SSL setup issues

I have been following multiple guides on how to get bitwarden set up. My hardware is a Raspberry Pi 3B+, Linux raspberrypi 6.1.21-v7+ rmv7l.
I am running Rasperry pi OS Lite 32bit.

I installed Docker (Docker version 23.0.5, build bc4487a) utilizing a guide on piylifeup (forum wont let me post the link)

My ultimate goal is to have bitwarden as well as my pihole running on this same raspberry pi. I am just having trouble setting up the bitwarden so that I can access it on my android phone through the android app. In the past, I would just go into chrome and log in to bitwarden on my localhost IP and then the android app would let me log in. But it does not work like that anymore. I have gone up and down this guide:
Self Hosting Bitwarden on the Raspberry Pi - Pi My Life Up.
I have tried multiple versions of the bitwarden app, including the version that used to work for me in the past.

I create the keys, restart the nginx service and I can tell the key has been refreshed when I load the browser page because it asks to to allow permission to access again.
This is what i put in the console:

[email protected]:~ $ sudo openssl req -x509 -nodes -days 1000 -newkey rsa:4096 -keyout /etc/ssl/private/nginx-bitwarden.key -out /etc/ssl/certs/nginx-bitwarden.crt
Generating a RSA private key
writing new private key to '/etc/ssl/private/nginx-bitwarden.key'
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:CA
Locality Name (eg, city) []:SD
Organization Name (eg, company) [Internet Widgits Pty Ltd]:AB
Organizational Unit Name (eg, section) []:na
Common Name (e.g. server FQDN or YOUR name) []:
Email Address []: [email protected]
[email protected]:~ $ sudo dpkg-reconfigure ca-certificates
Updating certificates in /etc/ssl/certs...
0 added, 0 removed; done.
Processing triggers for ca-certificates (20210119) ...
Updating certificates in /etc/ssl/certs...
0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
[email protected]:~ $ sudo update-ca-certificates
Updating certificates in /etc/ssl/certs...
0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
[email protected]:~ $ sudo systemctl restart nginx

Then I download these keys onto my phone and import them into android with the CA certificate importer in the settings but i still get an error when I try to log in. When I try to log in without importing the certificate, i get an error saying that the certificate is not found but when I do import it, i can see the certificate details in my error and the error states the hostname is not verified.
I would prefer to not use my domain and possibly expose my device to the internet. I attempted to use the cloudflare service to do this but i get errors trying to set up my domain and direct traffic to it, but either way I would rather just have it set up as a localhost and then I can VPN into my network if i need to access it.

I tried to follow this post: Self Signed Certificate on local network - works with Chrome, Iphone and Android
but I get the same error on my phone when I try to log in. I attached two screenshots, one for when I do have a cert imported and one for when I dont.
I know I’m doing something wrong and i’ve been beating my head against the wall trying to figure it out. Any advise or suggestions or something to point me in the right direction would be appreciated.

Thanks .

I was able to get this working by making sure i was importing the .PEM file and not the csr etc. After i imported the .pem file generated in the instructions here:

it worked fine.

Hi @LHowell0 and welcome to the community,

If you read carefully you’ll notice the guide you have linked describes how to download a 3rd party unofficial rewrite of the Bitwarden server known as Vaultwarden (previously known as Bitwarden_RS).
I hope you were aware of this and intended to download an unofficial server software, otherwise you may wish to be a bit more careful in the future following instructions on the internet about typing in commands if you may not fully understand what they are doing.

This version is a re-implementation of the Bitwarden server API but entirely written in Rust.

  1. Our first step is to pull the latest version of Bitwarden RS using Docker.
    These steps will download that latest version of the server and make it available to run.

docker pull vaultwarden/server:latest

For any support with the Vaultwarden server I would recommend your best option for support would be to reach out to the Vaultwarden community forums.

I’ve made a few different posts about the difference between the two and go a bit more in depth as this is a point of confusion that comes up often for many members here. If you’d like to find out more, you can feel free to search the phrase to see what others in the community mention about the topic.

Alternatively you may also wish to try out the Bitwarden Unified sever which you can self-host on an ARM board like the Raspberry Pi.
Though I would make the note that this is currently in Beta, so if you do run into any issues the devs always want to know and have them reported to fix.

Thank you for your reply. Thats my mistake, I should have posted this on vaultwarden to ask my question. I was aware of what i was typing into my terminal.

I did try to install the unified option but ran into issues before. I will attempt to install Bitwarden Unified again. Hopefully now that I understand more of what I am doing I can set it up.

Sounds good, if you do try out the new Unified and run into any issues or have questions feel free to start a new thread.

I’ll go ahead and close this one for now since you will get support from the appropriate community for the 3rd party software.