mirror of
https://github.com/dani-garcia/vaultwarden.git
synced 2026-07-16 08:54:01 -05:00
[GH-ISSUE #7190] [SSO] Private certificate doesn't work with RustSSL #35590
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @Timothee-Flechelle on GitHub (May 5, 2026).
Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/7190
Prerequisites
Vaultwarden Support String
Your environment (Generated via diagnostics page)
Config & Details (Generated via diagnostics page)
Show Config & Details
Config:
Vaultwarden Build Version
v1.35.3
Deployment method
Official Container Image
Custom deployment method
No response
Reverse Proxy
nginx
Host/Server Operating System
Linux
Operating System Version
No response
Clients
Web Vault
Client Version
No response
Steps To Reproduce
Expected Result
Expeted a redirection to sso client (keycloak on my case)
Actual Result
Raise an error "Failed to discover OpenID provider: Request failed"
Logs
Screenshots or Videos
{
"message": "Failed to discover OpenID provider: Request failed",
"validationErrors": {
"": [
"Failed to discover OpenID provider: Request failed"
]
},
"errorModel": {
"message": "Failed to discover OpenID provider: Request failed",
"object": "error"
},
"error": "",
"error_description": "",
"exceptionMessage": null,
"exceptionStackTrace": null,
"innerExceptionMessage": null,
"object": "error"
}
Additional Context
My SSO connection was working on v1.35.3 and earlier versions, but since the migration from native-TLS to rustls-TLS (see image), I have been unable to connect Vaultwarden to Keycloak.
I suspect the issue comes from my certificate, as it is a private certificate, and I have seen similar bug reports. The certificate is properly integrated into the project and works with older versions.