[Solved] [CLI] Failed to login on our server: "reason: unable to verify the first certificate"

Hi! We’re facing this issue when trying to connect to our instance of Bitwarden with the command-line tool:

$ bw login [email protected]
? Master password: [hidden]
request to https://bitwarden.mycompany.net/api/accounts/prelogin failed, reason: unable to verify the first certificate

The only “strange” thing that we are doing is that the server is using a wildcard certificate:
CN = *.mycompany.net

Any ideas? Thanks!

OK, solved it. It’s the same problem described here:

And the solution proposed by andre1808 here:

Basically, cat cert chain >> certificate.crt makes it work.

I guess that this should be documented somewhere on the Linux Standard Deployment | Bitwarden document, what do you think @kspearrin?
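
The fix described above, reproduced offline as an added example (not part of the original posts and not Bitwarden's own tooling): a leaf-only certificate.crt fails verification against a trusted root, and appending the intermediate makes it pass. The CA names, throwaway keys and the helper functions `issue`, `verify_served` and `chain_demo` are constructed for illustration; only the wildcard CN and the certificate.crt file name come from the thread.

```bash
#!/bin/sh
# Added example: throwaway root -> intermediate -> wildcard leaf PKI.
# All names and keys are constructed; nothing here touches a real server.

# issue NAME SUBJECT EXTENSION [ISSUER]; no ISSUER means self-signed.
issue() {
  openssl req -new -newkey rsa:2048 -nodes -subj "$2" \
    -keyout "$1.key" -out "$1.csr" 2>/dev/null || return 1
  printf '%s\n' "$3" > "$1.ext"
  if [ -n "${4:-}" ]; then
    openssl x509 -req -in "$1.csr" -CA "$4.crt" -CAkey "$4.key" -CAcreateserial \
      -days 1 -extfile "$1.ext" -out "$1.crt" 2>/dev/null
  else
    openssl x509 -req -in "$1.csr" -signkey "$1.key" \
      -days 1 -extfile "$1.ext" -out "$1.crt" 2>/dev/null
  fi
}

# Verify the way a client does: trust only the root, and treat everything the
# server sends (the file in $1, leaf first) as untrusted chain material.
verify_served() {
  openssl verify -CAfile root.crt -untrusted "$1" "$1" 2>&1 | grep -q ': OK$'
}

chain_demo() {
  d=$(mktemp -d) || return 1
  rc=0
  ( cd "$d" || exit 1
    issue root "/CN=Demo Root CA" "basicConstraints=critical,CA:TRUE" || exit 1
    issue int "/CN=Demo Intermediate CA" "basicConstraints=critical,CA:TRUE" root || exit 1
    issue leaf "/CN=*.mycompany.net" "subjectAltName=DNS:*.mycompany.net" int || exit 1
    cp leaf.crt certificate.crt          # leaf only: no chain appended yet
    if verify_served certificate.crt; then before=ok; else before=fail; fi
    cat int.crt >> certificate.crt       # the fix from the thread: append the chain
    if verify_served certificate.crt; then after=ok; else after=fail; fi
    echo "leaf-only=$before with-chain=$after"
  ) || rc=$?
  rm -rf "$d"; return "$rc"
}

chain_demo
```

Against a live deployment, the same `openssl verify -untrusted` check can be run on the certificate.crt file the server is configured to serve, with the issuing CA's root as `-CAfile`.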

Ran into a similar problem, except that I was fronting Bitwarden with Caddy, and fronting Caddy with a FortiGate firewall doing SSL deep inspection. Suffice it to say that Caddy (using Let's Encrypt) was providing a full-chain certificate, but I forgot to add the Let's Encrypt CA’s root chain to the FortiGate. The moment I added https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem to the FortiGate, my Bitwarden CLI just started working :slight_smile:

Forgive my ignorance, could you elaborate on that? Why do I need to add the Let’s Encrypt CA cert manually on the Fortigate? Where exactly did you add it? Under System > Certificates?

Yeah, System → Certificates → Create
and then select it in the relevant policy/settings pages

You COULD upload your own certificates (before LE was in FortiOS, we used the API or SSH->cli to push load the certificates), but this does work :slight_smile:
