[rocket::config::error][ERROR] I/O error while setting tls.certs #725

New Issue

OVERLORD · 2026-02-04T22:21:03+03:00

OVERLORD commented

2026-02-04 22:21:03 +03:00

Originally created by @Doceran on GitHub (Jun 10, 2020).

Hi Guys.

I'm actually trying to install my own local bitwardenrs server on a raspberry Pi3.
this server will be available only from my LAN and it won't be open to WAN.
i want to create volumes to my NAS to be able to save the files in case i delete the container.

Actually the volumes are working because i can see the files in the different folders and i also got other containers like pi-hole and wordpress working correcty.

i did many attempts but i always got the same error : "[rocket::config::error][ERROR] I/O error while setting tls.certs" and the container is rebboting again and again.

First i tried with this compose file :

version: '3'

services:
  bitwarden:
    image: bitwardenrs/server:raspberry
    restart: unless-stopped
    environment:
      WEBSOCKET_ENABLED: 'true'
      ROCKET_TLS: '{certs="/ssl/bitwarden.crt",key="/ssl/bitwarden.key"}'
      LOG_FILE: '/data/bitwarden.log'
      SIGNUPS_ALLOWED: 'true'
      DATABASE_URL: '/database/bitwarden.sqlite3'
      ATTACHMENTS_FOLDER: '/attachments'
      DATA_FOLDER: '/persistent'
      ICON_CACHE_FOLDER: '/icon_cache'
    volumes:
      - bw-data:/persistent
      - bw-database:/database
      - bw-attachments:/attachments
      - ssl:/ssl
      - icon_cache:/icon_cache
    ports:
      - 8000:80
    networks:
      - bitwarden-network
volumes:
 bw-data:
  driver: local
  driver_opts:
   type: nfs
   o: addr=192.168.**.**,rw,nolock
   device: ":/****/****/bitwarden/Raspberry-PI/bw-data"
 bw-database:
  driver: local
  driver_opts:
   type: nfs
   o: addr=192.168.**.**,rw,nolock
   device: ":/****/****/bitwarden/Raspberry-PI/bw-database"
 ssl:
  driver: local
  driver_opts:
   type: nfs
   o: addr=192.168.**.**,rw,nolock
   device: ":/****/****/bitwarden/Raspberry-PI/ssl"
 icon_cache:
  driver: local
  driver_opts:
   type: nfs
   o: addr=192.168.**.**,rw,nolock
   device: ":/****/****/bitwarden/Raspberry-PI/icon_cache"
 bw-attachments:   
  driver: local
  driver_opts:
   type: nfs
   o: addr=192.168.**.**,rw,nolock
   device: ":/****/****/bitwarden/Raspberry-PI/bw-attachments"
networks:
 bitwarden-network:
  driver: bridge
  ipam:
   config:
    - subnet: 172.23.4.0/29

Then i searched for some help about this error and i saw this issue : https://github.com/dani-garcia/bitwarden_rs/issues/806#issue-546060510

so i tried to make a test with this code :

docker run -d --name='bitwarden' -e 'SIGNUPS_ALLOWED'='true' -e ROCKET_TLS='{certs="/ssl/bitwarden.crt",key="/ssl/bitwarden.key"}' -p 8343:80/tcp -v /root/bitwarden/test/:/data/:rw -v /root/bitwarden/test/:/ssl/ bitwardenrs/server:raspberry

it didn't work and i got the same error.

i did many tests with my own openssl certificate and i also tried this one : https://github.com/dani-garcia/bitwarden_rs/wiki/Private-CA-and-self-signed-certs-that-work-with-Chrome

Do you have any idea where this error comes from ?
Please help me, thx

Originally created by @Doceran on GitHub (Jun 10, 2020). Hi Guys. I'm actually trying to install my own local bitwardenrs server on a raspberry Pi3. this server will be available only from my LAN and it won't be open to WAN. i want to create volumes to my NAS to be able to save the files in case i delete the container. Actually the volumes are working because i can see the files in the different folders and i also got other containers like pi-hole and wordpress working correcty. i did many attempts but i always got the same error : "[rocket::config::error][ERROR] I/O error while setting tls.certs" and the container is rebboting again and again. First i tried with this compose file : ``` version: '3' services: bitwarden: image: bitwardenrs/server:raspberry restart: unless-stopped environment: WEBSOCKET_ENABLED: 'true' ROCKET_TLS: '{certs="/ssl/bitwarden.crt",key="/ssl/bitwarden.key"}' LOG_FILE: '/data/bitwarden.log' SIGNUPS_ALLOWED: 'true' DATABASE_URL: '/database/bitwarden.sqlite3' ATTACHMENTS_FOLDER: '/attachments' DATA_FOLDER: '/persistent' ICON_CACHE_FOLDER: '/icon_cache' volumes: - bw-data:/persistent - bw-database:/database - bw-attachments:/attachments - ssl:/ssl - icon_cache:/icon_cache ports: - 8000:80 networks: - bitwarden-network volumes: bw-data: driver: local driver_opts: type: nfs o: addr=192.168.**.**,rw,nolock device: ":/****/****/bitwarden/Raspberry-PI/bw-data" bw-database: driver: local driver_opts: type: nfs o: addr=192.168.**.**,rw,nolock device: ":/****/****/bitwarden/Raspberry-PI/bw-database" ssl: driver: local driver_opts: type: nfs o: addr=192.168.**.**,rw,nolock device: ":/****/****/bitwarden/Raspberry-PI/ssl" icon_cache: driver: local driver_opts: type: nfs o: addr=192.168.**.**,rw,nolock device: ":/****/****/bitwarden/Raspberry-PI/icon_cache" bw-attachments: driver: local driver_opts: type: nfs o: addr=192.168.**.**,rw,nolock device: ":/****/****/bitwarden/Raspberry-PI/bw-attachments" networks: bitwarden-network: driver: bridge ipam: config: - subnet: 172.23.4.0/29 ``` Then i searched for some help about this error and i saw this issue : https://github.com/dani-garcia/bitwarden_rs/issues/806#issue-546060510 so i tried to make a test with this code : `docker run -d --name='bitwarden' -e 'SIGNUPS_ALLOWED'='true' -e ROCKET_TLS='{certs="/ssl/bitwarden.crt",key="/ssl/bitwarden.key"}' -p 8343:80/tcp -v /root/bitwarden/test/:/data/:rw -v /root/bitwarden/test/:/ssl/ bitwardenrs/server:raspberry` it didn't work and i got the same error. i did many tests with my own openssl certificate and i also tried this one : https://github.com/dani-garcia/bitwarden_rs/wiki/Private-CA-and-self-signed-certs-that-work-with-Chrome Do you have any idea where this error comes from ? Please help me, thx

OVERLORD added the better for forum label 2026-02-04 22:21:03 +03:00

OVERLORD closed this issue

2026-02-04 22:21:04 +03:00

OVERLORD commented

2026-02-04 22:21:06 +03:00

@BlackDex commented on GitHub (Jun 13, 2020):

I have no clue exactly, but there is a huge difference in your test docker run and the first example.
In the test run you are not using any remote volumes at all, but just locale storage, could it be an issue between the NFS share and docker which are having issues?

Else it looks fine by me and no idea why this happens.

@BlackDex commented on GitHub (Jun 13, 2020): I have no clue exactly, but there is a huge difference in your test docker run and the first example. In the test run you are not using any remote volumes at all, but just locale storage, could it be an issue between the NFS share and docker which are having issues? Else it looks fine by me and no idea why this happens.

OVERLORD commented

2026-02-04 22:21:08 +03:00

@Doceran commented on GitHub (Jun 14, 2020):

Hi.

i know the test isnt the same for the volumes. i did it on purpose.
As i said, the volumes are working all the files appears in the nas folders and the nfs volume folder is the same for other containers and the configuration for nfs is also the same. those containers are working.
i also got really no idea why i got this error but i'm sur it doesn't come from the NAS nfs folder.

@Doceran commented on GitHub (Jun 14, 2020): Hi. i know the test isnt the same for the volumes. i did it on purpose. As i said, the volumes are working all the files appears in the nas folders and the nfs volume folder is the same for other containers and the configuration for nfs is also the same. those containers are working. i also got really no idea why i got this error but i'm sur it doesn't come from the NAS nfs folder.

OVERLORD commented

2026-02-04 22:21:11 +03:00

@drkeni9ma commented on GitHub (Jul 2, 2020):

/root/bitwarden/test/:/ssl/

Are your cert and key files in /root/bitwarden/test?

We have the same issue and I got mine working by changing it to /ssl/:/ssl/
All my cert and key files are in /ssl/
In my understanding :

@drkeni9ma commented on GitHub (Jul 2, 2020): > /root/bitwarden/test/:/ssl/ Are your cert and key files in /root/bitwarden/test? We have the same issue and I got mine working by changing it to /ssl/:/ssl/ All my cert and key files are in /ssl/ In my understanding <host> : <container>

OVERLORD commented

2026-02-04 22:21:16 +03:00

@BlackDex commented on GitHub (Nov 18, 2020):

Closing this ticket because of inactivity.
Feel free to continue this discussion on the forum: https://bitwardenrs.discourse.group/

We suggest to use a reverse-proxy for ssl-offloading, because reverse proxy are better in handling SSL.
Also checkout some of the updated/new wiki articles:
https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-HTTPS
https://github.com/dani-garcia/bitwarden_rs/wiki/Running-a-private-bitwarden_rs-instance-with-Let%27s-Encrypt-certs
https://github.com/dani-garcia/bitwarden_rs/wiki/Private-CA-and-self-signed-certs-that-work-with-Chrome

@BlackDex commented on GitHub (Nov 18, 2020): Closing this ticket because of inactivity. Feel free to continue this discussion on the forum: https://bitwardenrs.discourse.group/ We suggest to use a reverse-proxy for ssl-offloading, because reverse proxy are better in handling SSL. Also checkout some of the updated/new wiki articles: https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-HTTPS https://github.com/dani-garcia/bitwarden_rs/wiki/Running-a-private-bitwarden_rs-instance-with-Let%27s-Encrypt-certs https://github.com/dani-garcia/bitwarden_rs/wiki/Private-CA-and-self-signed-certs-that-work-with-Chrome

OVERLORD referenced this issue

2026-02-05 04:56:04 +03:00

[PR #725] [MERGED] Added tv.apple.com to global domains #2766

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/vaultwarden#725