Bitwarden is running successfully on my own server (Installation was pretty easy).
During setup I activated the integrated managed SSL support via letsencrypt. It works so far, however I find it annoying each time the bitwarden.sh script is invoked the certificate is checked for renewal (leads to very long delays: “Non-interactive renewal: random delay of 364 seconds”).
Therefore I decided to manage the SSL certificate by my own.
I updated bwdata/config.yml and changed the parameters ssl_managed_lets_encrypt, ssl_certificate_path and ssl_key_path and performed bitwarden.sh rebuild afterwards.
However it seems like still the certificates of the included letsencrypt are used and still with each invocation of bitwarden.sh the certificate is checked for renewal.
How can I completely disable the integrated letsencrypt support and use my own certificates with an existing deployment (already lots of passwords in it)?
Yes, letsencrypt takes usually only a few seconds for renewing/checking certificates. No idea why there are “random delays” inserted here.
However, I ended up with exporting all password data, reinstalling bitwarden without integrated letsencrypt support and re-importing all data again (btw I was wondering if there is a way to export/import ALL data from the vault, because CSV does not include all fields - URL settings are missing for example?)
I know this topic is 2 years old, but I just switched from BW’s builtin LetsEncrypt (which relies on A records) to using acme.sh via dns (using CloudFlare). That way I don’t have to expose port 80/443 to the internet.
Like OP, I updated bwdata/config.yml to change true to false like so: