Synology self hosted/iOS app login issue

Note: Your question may already be answered in the Bitwarden Help Center.

Just a reminder - All Enterprise, Teams, Families, and Premium subscribers receive priority support at Get in Touch | Bitwarden :partying_face:

Hi guys,
I am pretty sure this topic has been discussed in the past many times, but I cannot seem to bypass it without hardship.
I am running iOS 15.1, iPhone 13 pro and self hosting Bitwarden on my Synology NAS (DSM 7.0.1-42218) in Docker. I have not issues open Bitwarden site locally and even over internet. But I am failing to login with the iOS app. I tried several options for the server URL address but I cannot for the love of God login. Tried HTTP but of course it has to be secure connection so HTTPS it is, when I do HTTPS I get “An error occurred” message.
I have done some research (perhaps not enough) where import of security cert is suggested. If someone have some good info/process I would really appreciate the help. And since I am running iOS, I am not even sure how to import security cert from my Syno NAS to my phone. Any suggestions/advices welcomed. Thank you :slight_smile:

See my suggestions in your other post here:

I’ll give it a shot. Thank you so much!
May I pick your brain if I get stuck?
Than you!

No problem - and if I can’t help, there are lots here who will be able to, I’m sure.

Hi Dave,
So, I did tried, but honestly, this is beyond my brain understanding how to add cert to my iPhone. My phone is private device not MDM, no company is managing it. Also, I do not even know what tool to use in order run the commands and I so want this to work. I know you have probably tons people asking diff questions, so I am not expecting tailored help, but if you explain this in detail like you would to a child I will really appreciate the gesture.
I have cert from Let’s Encrypt, but what to do next…my head can’t process.
Than you

Actually, you don’t want to manually install any certs on your phone, which is why you want to avoid a self-signed cert on the server.

Instead, you want to use a cert on the server that your phone will already trust, like a Let’s Encrypt certificate which won’t require any manual installation on your phone. This is an option when you installed the on-premises BW server:

https://bitwarden.com/help/article/install-on-premise-linux/

I do have the Let’s Encrypt on the NAS for the Bitwarden. I have one for NAS apps itself and second I created yesterday following another instructions. Bitwarden
Maybe it was not good idea. I know this is hard to explain and without you being able to see what I have done its not also the best. But I will try my best to read your link you’ve sent and see if I can get it to work.
But know this, that I am really grateful for your help.
Thank you

1 Like

Got this error.

Got permission denied while trying to connect to the Docker daemon socket at uni x:///var/run/docker.sock: Post “http://%2Fvar%2Frun%2Fdocker.sock/v1.24/images/c reate?fromImage=certbot%2Fcertbot&tag=latest”: dial unix /var/run/docker.sock: c onnect: permission denied

Any clue why or how can I correct?

I am still trying, got passed by the first error, but got this one instead. Any idea what should be done please?

docker: Error response from daemon: driver failed programming external connectivity on endpoint certbot (54660c571eaff26eb9aca8a0caccba6d0eeeb67f5151632fad90ea18eadbc8b6): Error starting userland proxy: listen tcp4 0.0.0.0:80: bind: address already in use.

Sorry Pedro - just from the error messages alone, I can’t diagnose how to fix the issues you are encountering. The last error suggests you have two services (Bitwarden and your proxy server?) trying to use port 80, however, which can’t happen. But I have no idea how many other configuration issues could be occurring. Maybe someone else here knows?

Hey Dave,
I do run reverse proxy, but no port 80 is listed there. I will keep investigating, maybe I will figure it out… if not, oh well…
I was able to pull down the certbot, and bitwarden images, but they keep restarting. Sigh…

I cannot find no info on this 11482/nginx: master
Do you know what that might be?

I am far from an expert here, but I believe that is an nginx master process (web server/proxy server), and it is listening on all network adapters in your server on port 80 (HTTP traffic).

And my apologies, Pedro, but I have never installed a Bitwarden self-hosted server, nor do I have any real experience with Synology NAS servers, so I’ll let others chime in if they have some experience with your issues.

No apology needed, you were nice to steer me to right direction.
How can I let anyone here know or ask for help?
Thank you

You mentioned you already run a type of reverse proxy, does this also provide certificates for you in the reserve proxy? Majority of reverse proxies will also allow you to generate valid certs as the reverse proxy is where the client traffic is terminating, if so then you should be able to use your reverse proxy to connect on ports 80 and 443 and then redirect back to Bitwarden from there even if Bitwarden doesn’t have a valid cert.

Hi Kent,
Thank you for your time and looking over the discussion.
I do run reverse proxy indeed, but none of is for port 80, only for 443.
I tried to find out what is occupying port 80 and I got the NGINX there sitting. No idea how that could be changed. Apparently the port is needed to download the cert. I know this should be fairly simple config install, but I am at the end of my ideas how to do this. I have Bitwarden and certbot installed in the container but they do loop restarts. Any ideas please? I am open to suggestions. Thank you

Forgot to mention, even though the install seem to be there, its not probably complete, because in the container folder for Bitwarden is nothing.

Update:
Now I am getting this error for port 443 :-/
Reason I have not seen any file created by the install because they have been created in my “Homes” folder. I wonder why the install would go to Docker folder Bitwarden. sigh…

443 says listen, but still throws the error.