mirror of
https://github.com/dani-garcia/vaultwarden.git
synced 2025-12-09 17:23:04 +03:00
Error: Cannot read property 'importKey' #2341
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @oscartbeaumont on GitHub.
Hello,
I just came across this project and installed it using the command in the README. When I try to login I get the error below. The error below is copied from the Chromes devtools console. Have I done something wrong or is this a bug?
@oscartbeaumont commented on GitHub:
Everything loads successfully. The last 2 request in the attached image are run when I click submit for the first time after the reload. The second time I click it nothing happens. Both times cause the error popup and it has stopped logging the error to the browser console.
@mprasil commented on GitHub:
Try to go to the login screen, open the network tab and press ctrl-shift+r to do a full reload. See if any of the requests fail. Perhaps some static file didn't load properly or something like that. It looks like browser/client issue to me, but don't know enough javascript to be sure here.
@mprasil commented on GitHub:
I suppose it still doesn't log you in though? Does the official Vault work for you? (https://vault.bitwarden.com)
@oscartbeaumont commented on GitHub:
It is not making any web request, It must be failing before that occurs. The command I used to start the server is
It is weird because I just checked and safari (on the same system) works fine but Chrome fails with the registration (it freezes on the submit button) and the login screen. I am on a Mac if that helps. I also disabled all of my extensions and that hasn't helped.
@mprasil commented on GitHub:
Hi, the console error probably isn't going to be as useful as network view. Try to see if there are any failing requests in the network tab of dev tools. Also do check the logs on the server side. You can post those here. (obviously replacing any sensitive data)
Also can you share the exact command you used to run bitwarden_rs?
@mprasil commented on GitHub:
Is there any proxy in between or anything like that?
@oscartbeaumont commented on GitHub:
I have a self-hosted instance of the official Bitwarden running and the login works perfectly.
@oscartbeaumont commented on GitHub:
I Am Running Google Chrome 68.0.3440.106 (Official Build) (64-bit) Revision 1c32c539ce0065a41cb79da7bfcd2c71af1afe62-refs/branch-heads/3440@{#794}
On MacOS 10.12.6.
@oscartbeaumont commented on GitHub:
It is also happening on a windows system with the same chrome version.
@mprasil commented on GitHub:
What version of chrome are you using. I've tried to reduce this with Chromium version 68.0.3440.106 on Ubuntu and it just works for me 😕
@oscartbeaumont commented on GitHub:
No not currently but I will add one when I deploy this in the future.
@mprasil commented on GitHub:
Do you have any domain configured or you access it by IP?
@mprasil commented on GitHub:
Make sure you pull the latest image!
@oscartbeaumont commented on GitHub:
IP and HTTP. I am currently updating Docker on a second system and I will try running the server there and see if it works.
@oscartbeaumont commented on GitHub:
It works when hosted on another machine. So I am going to reinstall it to my server and see if that fixes it.
@mprasil commented on GitHub:
Hi, I've built
mprasil/bitwarden:betawhich is using latest Vault from master. Can you test that one and see if you still get any issues?@oscartbeaumont commented on GitHub:
I repulled the image from docker and it still didn't work but I created a new VM (Cloned from a base Image), installed docker and it didn't work. My server is running Debian and that could be causing an issue or my base vm has something it doesn't like or it does like being run inside a vm but docker has been working fine for other stuff.
@oscartbeaumont commented on GitHub:
I installed the beta container and am getting the error on the account signing up page and submitting a correct login page. The login had to b created through Safari which isn't suffering this bug.
Also It is now making web requests when I submit a login and they are returning a correct login not an error.
@mprasil commented on GitHub:
Seems very unlikely that host OS would affect web interface in such way. Maybe a different docker version? (even that sounds kinda unlikely) I tried couple different setups here and failed to reproduce your issue. 😕
@ghost commented on GitHub:
I had the same problem on Google Chrome, after switch to Firefox problem gone. I wrote about it here
I thought it was server slow response
@mprasil commented on GitHub:
What web request does it make when trying to log in?
@oscartbeaumont commented on GitHub:
POST /api/accounts/preloginIt Returned With The Status 200:
{"Kdf":0,"KdfIterations":5000}@mprasil commented on GitHub:
@Silveress, can you confirm, that this happens only in Chrome for you?
@theazriel commented on GitHub:
hi,
this issue looks only a chrome browser, with edge it works fine.
in chrome i get the follow issue:
This page includes a password or credit card input in a non-secure context. A warning has been added to the URL bar. For more information, see https://goo.gl/zmWq3m.
11core.js:1440 ERROR Error: Uncaught (in promise): TypeError: Cannot read property 'importKey' of null
TypeError: Cannot read property 'importKey' of null
at n. (webCryptoFunction.service.ts:45)
at zohoVaultCsvImporter.ts:7
at Object.next (zohoVaultCsvImporter.ts:7)
at zohoVaultCsvImporter.ts:7
at new t (zone.js:887)
at t (zohoVaultCsvImporter.ts:7)
......
@Silver-Golden commented on GitHub:
Same thing was happening for me on 2.2.0.
Upgraded to 2.2.1 and its still happening.
This is a clean install as well (just started testing it for my purporses)
@oscartbeaumont commented on GitHub:
So in doing some research I have worked out that the error is caused the library vibornoff/webcrypto-shim. I also came across evilsocket/arc#98 which looks to be a similar issue. One of the things said in the thread is
which is probably what is occurring here.
Edit:
This is related to Chromes handling and it should still work fine in other browser including Safari (Tested By Me) and Edge.
@Silver-Golden commented on GitHub:
I can concur with @oscartbeaumont.
I set it up on a subdomain on my vps with letsencrypt certs and nginx reverse proxy.
Accessing it via the sub domain it worked perfectly.
Accessing directly via IP (no cert) and the issues returned.
And these issues only pop up on chrome (and chromium) so I presume it is something how chrom(ium) handles http sites.
@oscartbeaumont commented on GitHub:
I just setup my bitwarden_rs on a testing subdomain so I could share it and see if that can help with debugging but after setting that up I noticed it was working. My server parses traffic through an Nginx Proxy which handles HTTPS termination automatically. I them tired setting the DOMAIN env variable and that didn't help. So I generated a self signed HTTPS cert and configured it with the ROCKET_TLS env variable and the issue when away. So it must be something to do with HTTP.
@oscartbeaumont commented on GitHub:
@theazriel From my understanding this only effects Chromes and that is why Edge and Safari are not effected.
@theazriel commented on GitHub:
I have create an account without https/ssl with edge browser an linked this ip from docker 0.0.0.0.8080 to the Bitwarden app, it work fine nur you must Change from https into http, so you habe Access from all devices on your own bitwarden
@CaptInsano commented on GitHub:
Just to add, same problem here.
Currently running most recent docker image at time of writing: mprasil/bitwarden:latest 31/08/18
Chrome Version 68.0.3440.106 (Official Build) (64-bit) not allowing login or creation of new user, Firefox works perfectly.
Note: I also get the same issue if accessing BitWarden via a https Nginx reverse proxy with a LetsEncrypt cert on Chrome
@mprasil commented on GitHub:
@oscartbeaumont do you think it would make sense to report this issue in the upstream Vault repo? Is there anything that can be done about this?
@oscartbeaumont commented on GitHub:
I don't think there is because if it is a design decision by Chrome which is what it looks to be there is nothing that can be done. An idea would be adding an autogenerating self signed or Letsencypt HTTPS certificate to the docker container. This would be better for the security and I can help with the integration of this if needed.
@mprasil commented on GitHub:
I've reported it upstream to bring some awareness about this problem.
@theazriel commented on GitHub:
Yes correct, this is only a Chrome Problem, after Changing Browser everything works fine
@CaptInsano commented on GitHub:
@mprasil
You are right about the Nginx reverse proxy w. LetsEncrypt cert over https.
It works correctly once I cleared my cache, I am sorry for that.
Good to have an answer anyway.
@mprasil commented on GitHub:
Confirmed with Kyle, that this is intentional, we need to document this to avoid people reporting it as a bug.
@mprasil commented on GitHub:
@CaptInsano I'm using Bitwarden with LetsEncrypt cert on reverse proxy and it works fine everywhere including Chrome. I can only reproduce the problem over HTTP, is it possible there are some other issues affecting your HTTPS connection? So far everyone reported, that it works for them over secure channel.
@CorneliousJD commented on GitHub:
Just dropping in for early 2019 to say that I just deployed this on unRAID docker container and since there's no way to access over HTTPS out of the box without setting up reverse proxy, it fails in Chrome to let you sign in or register a new user. Firefox and Edge worked fine.
Can you couple this with at least a way to access over HTTPS? Even if it's just a self-signed cert so users can at least get accounts created and then setup their own reverse proxy if they want to secure it?
FYI I almost decided to ditch this assuming it would NEVER work in Chrome, but sounds like once I reverse proxy it, it'll be fine. Working on that next.
@mprasil commented on GitHub:
The documentation was merged. I'm going to resolve this as wontfix, because it's just not supported upstream.
@dani-garcia commented on GitHub:
As far as I know upstream doesn't support HTTP at all, so I don't think it's of much use. I think it would be useful to include a warning somewhere, as the error message is quite cryptic, not sure if modifying the web vault is the best way though.
@hank commented on GitHub:
Yeah another user here that ran into this. Could you make it so a warning or something pops up when this occurs? It's hard to figure out that you need HTTPS.
@mprasil commented on GitHub:
I think this should probably be implemented/reported upstream as it's client only issue?
@dani-garcia commented on GitHub:
I'm not sure if including or generating self signed certificates ourselves is a good idea, there are a lot of external tools that would do a better job than us.
We should definitely mention this in the README, because a lot of users already hit this problem.
@CorneliousJD commented on GitHub:
@dani-garcia - sounds good, With a quick bit of research I was able to solve the problem and I'm up and running with a super lightweight self-hosted option. Thanks for the hard work on this!
@ngloom commented on GitHub:
in my case , error disappear after using https
@briceparmentier commented on GitHub:
Hi there,
I'm facing the same issue, knowing that in my case I'm self-hosting it on a Raspberry PI.
It appears the same on several browsers, Firefox at home, Chrome and Edge at work.
On Chrome or Firefox, nothing happens at all, on Edge, I get kind of a red popup on the right side telling something went wrong (and nothing else).
I'm not using HTTPS, maybe that's the clue?
Thanks !
@briceparmentier commented on GitHub:
@meyerje I've been reading the Wiki here https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-HTTPS, which points to another page for how to create a personal certificate. It also say that If following that guide your ROCKET_TLS line could look like this: -e ROCKET_TLS='{certs="/ssl/bitwarden.crt",key="/ssl/bitwarden.key"}', but I'm missing the part of where to move the generated files (all certificates and keys and all the stuff from the second page) to the docker machine...
Anyone can help with this?
Thanks
@mprasil commented on GitHub:
Ah right, I forgot they don't support it at all. I wonder if they'd accept PR with some user friendly error message anyways.
@meyerje commented on GitHub:
Use https @briceparmentier