mirror of
https://github.com/dani-garcia/vaultwarden.git
synced 2026-02-05 00:29:40 +03:00
Cant log into to Server with Android. #86
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @molten360 on GitHub (Sep 12, 2018).
After a recent update to the android app last week, im no longer able to log into my server using the android app. I have tried two different servers based off this deployment. Every time I attempt to log in, I receive the error "An error has occurred. There is a problem connecting to the server" Web browser, desktop and chrome extension function normally.
@mprasil commented on GitHub (Sep 12, 2018):
Which version of app is that? Do you see any logs on the server side?
@molten360 commented on GitHub (Sep 12, 2018):
App Version is 1.18.1 updated on Aug 21 2018. Honestly. I wouldnt know where to look for logs. Point me in a direction and Ill hunt.
@mprasil commented on GitHub (Sep 12, 2018):
I'm using 1.18.1 myself and it seems to work fine. Are you sure you're using latest version of the image? How did you install the server? If you're using docker, make sure you do
docker pull mprasil/bitwardenbefore starting the image.@molten360 commented on GitHub (Sep 12, 2018):
I actually redeployed the latest image from mprasil/bitwarden this morning from scratch to make sure it wasnt an outdated container not updating. Again, the web page, windows desktop app and chrome extension works, but my Samsung S7 does not. I even tried another S7 on a different provider to make sure.
@mprasil commented on GitHub (Sep 12, 2018):
First do:
That should give you the container ID (the first hash string in the output) Then you can do:
Obviously replace
CONTAINER_IDwith an actual id. This will start monitoring the server logs. (ctrl+c to cancel) Now try to log in with your android app and see if you can see any logs on the server.@mprasil commented on GitHub (Sep 12, 2018):
Also please do
docker inspect CONTAINER_ID -f '{{ .Image }}'to double check the image version. It should start with:@dobunzli commented on GitHub (Sep 12, 2018):
I don’t know if this can help, but I had problems connecting from the outside to Bitwarden with my mobile as long as I had not issued « a real » let’encrypt certificat for my serveur domain... so maybe check this.
For the raspberry image, thanks ! As I am on the run, I will not ne able to test before this evening.... but will give feed-back
Envoyé d'un mobile
@molten360 commented on GitHub (Sep 12, 2018):
It's something with my vps. Deployed it locally and it worked on android.
It's like the android app wouldn't connect to the vps but the webpage works
On Wed, Sep 12, 2018, 11:39 AM dobunzli, notifications@github.com wrote:
@janost commented on GitHub (Sep 12, 2018):
Experiencing a similar issue running the app a Honor 8 phone. Using the same server instance from a OnePlus 5T works great, so I believe it's not an issue with bitwarden_rs. Haven't had time to debug it yet, but when I do I will report back with my findings.
@mprasil commented on GitHub (Sep 13, 2018):
Hi, are you using https? The difference between the OS versions might be the answer here, I've seen some older Androids not trusting let's encrypt certificates.
@janost commented on GitHub (Sep 13, 2018):
Hello, yes, I'm using HTTPS with a Let's Encrypt cert. The Honor 8 is running the latest official firmware based on Android 7.0, the 5T is running 8.1.0.
I tried running logcat through USB debugging but I couldn't really see any relevant error messages about the Bitwarden connection issue.
@dani-garcia commented on GitHub (Sep 13, 2018):
@janost If you access the web vault from the Honor phone, do you get a certificate error?
If so, you may need to add Let's Encrypt certificates to your phone (https://letsencrypt.org/certificates/).
Another option that may work is adding those Let's Encrypt certificates to your PEM file, something like:
@janost commented on GitHub (Sep 21, 2018):
Sorry for the late update on this. No, I don't get a certificate error on the web vault, the issue doesn't seem like a TLS error and also it's not an issue with bitwarden_rs.
People randomly experience it according to some bug reports like this one. Something in the Android app is broken bot nobody seems to be able to figure out exactly what.
@dani-garcia commented on GitHub (Sep 21, 2018):
Did you try to bundle your cert with the Let's Encrypt root and intermediate certs like I mentioned? That seems to solve the issue for a user there,
@janost commented on GitHub (Sep 21, 2018):
Yes, I tried that and it didn't solve my issue.
@rootty commented on GitHub (Oct 3, 2018):
Hi all, I experienced a similar issue. I'm using letsencrypt for HTTPS. Yes, it works with plugin, browser, even android firefox browser. But for native apps trusted chain is required. So I replaced this line
certs="/ssl/live/mydomain/cert.pem",...with this onecerts="/ssl/live/mydomain/fullchain.pem",.... Now your certificate is trusted by most OSes and rated with A score here https://www.ssllabs.com/ssltest/@jceloria commented on GitHub (Oct 6, 2018):
Brand new deployment in docker today behind an Apache reverse proxy terminating a letsencrypt cert with oauth2 authentication (mod_auth_openidc). Chrome on Android works great, app does not.
I just disabled the oauth2 authentication and it works
@mprasil commented on GitHub (Oct 6, 2018):
Not sure if app supports oauth2, so that definitely might be an issue.
@jceloria commented on GitHub (Oct 6, 2018):
Thanks @mprasil, that was in fact the problem.
@mio-moto commented on GitHub (Oct 25, 2018):
I got the same problem, no oauth. It's a fresh installation, LE-certs, everything is fine, even the OSX app works just fine.
The docket container is behind a nginx reverse proxy, websockets do just fine. However, looking through the access.log any kind of request is missing from the app, which leads me to suspect an issue with the app refusing to connect to begin with.
Edit: on an unrelated note: The websockets didn't work until I used the fullchain certificate on any of my systems - that might be worthwhile to update in the readme, since it suggest LE certs already.
Edit: I figured out my problem:
2018/10/26 06:30:43 [error] 8921#8921: OCSP_basic_verify() failed (SSL: error:27069076:OCSP routines:OCSP_basic_verify:signer certificate not found) while requesting certificate status, responder: ocsp.int-x3.letsencrypt.orgStill not exactly sure why the browser(s) had no problem with it at all.
@TheManchineel commented on GitHub (Nov 2, 2018):
I have managed to solve this issue. It's most likely related to some certificate validation bug in Android itself, as the same app already worked flawlessly on iOS. It is by no means related to bitwarden_rs itself. The solution, as others suggested, was to use the fullchain.pem certificate instead of cert.pem. In my specific setup, there is an extra cause I could attribute this to: a certificate mismatch between my main web service running on port 443 and my bitwarden_rs install on another port.
@andre1808 commented on GitHub (Nov 5, 2018):
Can you explain how/where you did that?
-edit-
I've got it working - finally!
What I did is to remove the CA certificate from the config.yml (I'm using docker)
I've combined my CA certificate with the server certificate and only used them. After a /bitwarden.sh rebuild my Android App is finally working again!
@dani-garcia commented on GitHub (Nov 9, 2018):
Well, now that there is a solution, I'm closing this issue. I docummented it a bit on the readme for future uses.
@ZXant commented on GitHub (Jun 2, 2020):
Had Android connectivity problems with Android, till found Andre1808 post (cat cert chain >> certificate.crt)
That is combine "cert" and "chain" into a single file:
'# cat cert chain >> certificate.crt