Add info about how to fix #176

This commit is contained in:
Daniel García 2018-11-09 16:24:45 +01:00 committed by GitHub
parent 1e9dd2fd4e
commit dd00591082
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -195,17 +195,19 @@ docker run -d --name bitwarden \
``` ```
Note that you need to mount ssl files and you need to forward appropriate port. Note that you need to mount ssl files and you need to forward appropriate port.
Due to what is likely a certificate validation bug in Android, you need to make sure that your certificate includes the full chain of trust. In the case of certbot, this means using `fullchain.pem` instead of `cert.pem`.
Softwares used for getting certs are often using symlinks. If that is the case, both locations need to be accessible to the docker container. Softwares used for getting certs are often using symlinks. If that is the case, both locations need to be accessible to the docker container.
Example: [certbot](https://certbot.eff.org/) will create a folder that contains the needed `cert.pem` and `privacy.pem` files in `/etc/letsencrypt/live/mydomain/` Example: [certbot](https://certbot.eff.org/) will create a folder that contains the needed `fullchain.pem` and `privkey.pem` files in `/etc/letsencrypt/live/mydomain/`
These files are symlinked to `../../archive/mydomain/mykey.pem` These files are symlinked to `../../archive/mydomain/privkey.pem`
So to use from bitwarden container: So to use from bitwarden container:
```sh ```sh
docker run -d --name bitwarden \ docker run -d --name bitwarden \
-e ROCKET_TLS='{certs="/ssl/live/mydomain/cert.pem",key="/ssl/live/mydomain/privkey.pem"}' \ -e ROCKET_TLS='{certs="/ssl/live/mydomain/fullchain.pem",key="/ssl/live/mydomain/privkey.pem"}' \
-v /etc/letsencrypt/:/ssl/ \ -v /etc/letsencrypt/:/ssl/ \
-v /bw-data/:/data/ \ -v /bw-data/:/data/ \
-p 443:80 \ -p 443:80 \