And when you haven’t stored the admin key safely? (I know stupid, but that is not the point now )
Or is reinstallation the only way?
edit: Found it somewhere in a snapshot.
And when you haven’t stored the admin key safely? (I know stupid, but that is not the point now )
Or is reinstallation the only way?
edit: Found it somewhere in a snapshot.
Hey there,
I finally managed to set up SSL for my bitwarden add-on using a self-signed certificate.
It was kind of cumbersome because most tutorials about this result in certificates that are neither accepted by current Chrome versions (without warnings anyway) nor the bitwarden Android app.
After several attempts using various openssl commands and verifying with chrome it turned out that a root CA and a signed service certificate was not enough to eliminate Chrome’s warnings. For example, the use of subject alternative names (SAN) in addition to the common name (CN) is mandatory otherwise a further warning will be shown. Specifying these X509 extensions in the command line / config files would work but by the time I was at that point I had enough of trial and error.
I finally wound up using YAOG (Yet Another Openssl GUI). The developer has a good walkthrough here: YAOG/docs/10-full-example-1.md at master · patrickpr/YAOG · GitHub
WIth minor adaptions it worked for my purpose as described.
After creating Root CA and a signed service certificate it needs some postprocessing (which I did on my linux box):
Append public key of Root CA to public key of service certificate
cat RootCA.pem >> bitwarden-pub.pem
copy service certificate to hassio ssl folder:
sudo cp bitwarden-pub.pem /usr/share/hassio/ssl/bitwarden-fullchain.pem
sudo cp bitwarden-key.pem /usr/share/hassio/ssl/bitwarden-privkey.pem
Change bitwarden addon config to these new file:
{ "ssl": true, "certfile": "bitwarden-fullchain.pem", "keyfile": "bitwarden-privkey.pem", "log_level": "info" }
In order for Chrome to accept the certificate:
Import the root ca certificate (pem) into Windows certificate store as trusted root certificate.
In order for the Bitwarden Android App to accept the certificate import the root ca certificate in Androids trusted credentials store. For that to work, the certificate has to be converted first:
openssl x509 -inform PEM -outform DER -in RootCA.pem -out RootCA.der.crt
The RootCA.der.crt can be put in the root of the SD card and then imported.
Hope this helps
Jochen
This release is a generic update release.
Questions? Join our Discord server! https://discord.me/hassioaddons
Enjoying my add-ons? Consider supporting my work: https://patreon.com/frenck
Thanks, seems awesome ! May be a good alternative to dashlane and keepass.
Two One questions :
Edit : I found the /admin interface with smtp settings
Thanks.
I’m getting this error when I log in locally. I created my account on the BitWarden website, and I have ssl set to false.
I dd some searching and didn’t see anyone else having this issue. Anyone have any ideas?
That’s a known limitation when running non-SSL, it’s described on the Github page:
Well, I totally missed it. Woops, and thanks for pointing it out!
This release is a generic update release.
Questions? Join our Discord server! https://discord.me/hassioaddons
Enjoying my add-ons? Consider supporting my work: https://patreon.com/frenck
@jo-me cloud you please explain what minor adaptions you did? I’m interessted in doing the same thing you did but I can’t get it to work.
Thanks in advance
I generally followed the guide from the YAOG tool linked above but used slightly different settings
RootCA settings:
For the service certificates (e.g. for bitwarden) i changed/added the following settings:
This release is a generic update release.
Questions? Join our Discord server! https://discord.me/hassioaddons
Enjoying my add-ons? Consider supporting my work: https://patreon.com/frenck
This release is a generic update release.
Questions? Join our Discord server! https://discord.me/hassioaddons
Enjoying my add-ons? Consider supporting my work: https://patreon.com/frenck
Is there a way to backup all pw information from all users using my bitwarden instance? so i can move to another instance?
This release is a generic update release.
Questions? Join our Discord server! https://discord.me/hassioaddons
Enjoying my add-ons? Consider supporting my work: https://patreon.com/frenck
@Chandler_K_Sharp My understanding is that with Bitwarden, all you need to do is migrate the ./bwdata directory.
I read that as well but i didnt have any luck finding that directory on my linux machine running hassio.
the best i could find was /usr/share/hassio/addon/data/bitwarden but i didnt know if that was correct. or where i could find the others in linux?
@Chandler_K_Sharp You’re right, i can’t seem to locate that directory either. We might need some input from @frenck on this one.
So according to this the files in that location seem to correspond. I even have the sql database file. I wonder if i could use the sqllite add on or something and successfully back it up that way
This release is a generic update release.
Questions? Join our Discord server! https://discord.me/hassioaddons
Enjoying my add-ons? Consider supporting my work: https://patreon.com/frenck
I just had a look at it, last available version (0.3.2) - I cant seem to override the admin token - so that creates a new token every time it starts.
I imported some 1password.pif and it seems chrome doesnt like it - I have around 3500 passwords in the pif the web shows all created folders empty via accessing the web vault - I changes the request size to 30MB no change.
the iOS app and Safari however show the imported/moved passwords fine …
What are the options to debug the above issues?
I use the duckdns/letsencrypt addone and SSL works by using the local dns.
also how do I completely remove it - seems ditching the container isnt sufficient - it seems some additional information is retained somewhere