github-starred/vaultwarden
2
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2026-05-07 21:15:39 -05:00
Code Issues 266 Packages Projects Releases 82 Wiki Activity

[GH-ISSUE #1077] Apple SMTP certificate validation error #13551

New Issue
Closed
opened 2026-04-23 05:10:54 -05:00 by GiteaMirror · 8 comments
GiteaMirror commented 2026-04-23 05:10:54 -05:00
Owner
Copy Link

Originally created by @sherzinger on GitHub (Aug 1, 2020).
Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/1077

Subject of the issue

Apple SMTP server cannot be used because of certificate validation error.

Your environment

  • Bitwarden_rs version: 1.15.1-1e950c7d
  • Install method: docker

Steps to reproduce

Used the settings as described here (with and without TLS) https://support.apple.com/en-us/HT202304
Not much room for error.

Relevant logs

Screenshot 2020-08-01 at 16 14 14
Originally created by @sherzinger on GitHub (Aug 1, 2020). Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/1077 ### Subject of the issue Apple SMTP server cannot be used because of certificate validation error. ### Your environment * Bitwarden_rs version: 1.15.1-1e950c7d * Install method: docker ### Steps to reproduce Used the settings as described here (with and without TLS) https://support.apple.com/en-us/HT202304 Not much room for error. ### Relevant logs <img width="897" alt="Screenshot 2020-08-01 at 16 14 14" src="https://user-images.githubusercontent.com/11333940/89103472-71aec380-d412-11ea-85a4-9a5c1aef73e3.png">
GiteaMirror added the better for forum label 2026-04-23 05:10:54 -05:00
GiteaMirror commented 2026-04-23 05:10:58 -05:00
Author
Owner
Copy Link

@sherzinger commented on GitHub (Aug 2, 2020):

Possible duplicate of #1037

<!-- gh-comment-id:667700223 --> @sherzinger commented on GitHub (Aug 2, 2020): Possible duplicate of #1037
GiteaMirror commented 2026-04-23 05:10:59 -05:00
Author
Owner
Copy Link

@BlackDex commented on GitHub (Aug 16, 2020):

As stated in #1045 already. You can try these options.

You can try to add the CA cert your self by using the startup script @jjlin created: https://github.com/dani-garcia/bitwarden_rs/wiki/Starting-a-Container#customizing-container-startup

Or you can make sure the docker host has the CA installed correctly and do a read-only mount the /etc/ssl/certs folder within docker by using -v /etc/ssl/certs:/etc/ssl/certs:ro this should include all the ca certs your host allows within the docker container.

And you probably need to mount the following also as a read only:
-v /usr/share/ca-certificates/mozilla:/usr/share/ca-certificates/mozilla:ro

<!-- gh-comment-id:674533197 --> @BlackDex commented on GitHub (Aug 16, 2020): As stated in #1045 already. You can try these options. You can try to add the CA cert your self by using the startup script @jjlin created: https://github.com/dani-garcia/bitwarden_rs/wiki/Starting-a-Container#customizing-container-startup Or you can make sure the docker host has the CA installed correctly and do a read-only mount the `/etc/ssl/certs` folder within docker by using `-v /etc/ssl/certs:/etc/ssl/certs:ro` this should include all the ca certs your host allows within the docker container. And you probably need to mount the following also as a read only: `-v /usr/share/ca-certificates/mozilla:/usr/share/ca-certificates/mozilla:ro`
GiteaMirror commented 2026-04-23 05:11:00 -05:00
Author
Owner
Copy Link

@BlackDex commented on GitHub (Nov 18, 2020):

@sherzinger Did you got this working? Or do you still have issues?

<!-- gh-comment-id:729630024 --> @BlackDex commented on GitHub (Nov 18, 2020): @sherzinger Did you got this working? Or do you still have issues?
GiteaMirror commented 2026-04-23 05:11:00 -05:00
Author
Owner
Copy Link

@gaby commented on GitHub (Mar 5, 2022):

@BlackDex I'm also running into this issue. Adding a script with 'update-ca-certificates" still prompts the same error. Vaultwarden really needs an easy way to just provide a Custom CA. Custom CA's are super common in airgap/enterprise environments.

<!-- gh-comment-id:1059851221 --> @gaby commented on GitHub (Mar 5, 2022): @BlackDex I'm also running into this issue. Adding a script with 'update-ca-certificates" still prompts the same error. Vaultwarden really needs an easy way to just provide a Custom CA. Custom CA's are super common in airgap/enterprise environments.
GiteaMirror commented 2026-04-23 05:11:01 -05:00
Author
Owner
Copy Link

@BlackDex commented on GitHub (Mar 6, 2022):

@gaby did you mounted the volumes from the host or added the CA via a script?
If using the Ubuntu (and i think even Alpine) image you could try to add the CA's to /usr/share/ca-certificates and run update-ca-certificates that should do the trick.

<!-- gh-comment-id:1059856006 --> @BlackDex commented on GitHub (Mar 6, 2022): @gaby did you mounted the volumes from the host or added the CA via a script? If using the Ubuntu (and i think even Alpine) image you could try to add the CA's to `/usr/share/ca-certificates` and run `update-ca-certificates` that should do the trick.
GiteaMirror commented 2026-04-23 05:11:02 -05:00
Author
Owner
Copy Link

@gaby commented on GitHub (Mar 6, 2022):

I'd give that a try. thanks

<!-- gh-comment-id:1060040368 --> @gaby commented on GitHub (Mar 6, 2022): I'd give that a try. thanks
GiteaMirror commented 2026-04-23 05:11:02 -05:00
Author
Owner
Copy Link

@gaby commented on GitHub (Mar 8, 2022):

Got it working:

For future person with the same error:

init.sh

#!/bin/sh
set -e -x

update-ca-certificates

Mount init.sh to /etc/vaultwarden.sh

Copy your CA to a folder and then mount it to:

/path/to/your/ca/:/usr/share/ca-certificates/extras

<!-- gh-comment-id:1061283263 --> @gaby commented on GitHub (Mar 8, 2022): Got it working: For future person with the same error: init.sh ``` #!/bin/sh set -e -x update-ca-certificates ``` Mount `init.sh` to /etc/vaultwarden.sh Copy your CA to a folder and then mount it to: `/path/to/your/ca/:/usr/share/ca-certificates/extras`
GiteaMirror commented 2026-04-23 05:11:03 -05:00
Author
Owner
Copy Link

@ch4r13 commented on GitHub (Jan 18, 2024):

Got it working:

For future person with the same error:

init.sh

#!/bin/sh
set -e -x

update-ca-certificates

Mount init.sh to /etc/vaultwarden.sh

Copy your CA to a folder and then mount it to:

/path/to/your/ca/:/usr/share/ca-certificates/extras

It's not working for me. I've got everything I suppose as you.

Updating certificates in /etc/ssl/certs...

/usr/sbin/update-ca-certificates: 101: cannot create /etc/ssl/certs/ca-certificates.crt.new: Permission denied
<!-- gh-comment-id:1897982789 --> @ch4r13 commented on GitHub (Jan 18, 2024): > Got it working: > > For future person with the same error: > > init.sh > > ``` > #!/bin/sh > set -e -x > > update-ca-certificates > ``` > > Mount `init.sh` to /etc/vaultwarden.sh > > Copy your CA to a folder and then mount it to: > > `/path/to/your/ca/:/usr/share/ca-certificates/extras` It's not working for me. I've got everything I suppose as you. ``` Updating certificates in /etc/ssl/certs... /usr/sbin/update-ca-certificates: 101: cannot create /etc/ssl/certs/ca-certificates.crt.new: Permission denied ```
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
better for forum
bug
documentation
duplicate
enhancement
future Vault
good first issue
help wanted
low priority
notes
pull-request
Mirrored from GitHub Pull Request
 question
SSO
Third party
troubleshooting
wontfix
No Label better for forum
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/vaultwarden#13551
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?