[GH-ISSUE #630] Ecc certificate is not available #425

New issue

Closed

opened 2026-03-03 01:29:00 +03:00 by kerem · 2 comments

kerem commented 2026-03-03 01:29:00 +03:00

Owner

Copy link

Originally created by @loveqianool on GitHub (Sep 21, 2019).
Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/630

Use acme.sh certificate issued ecc unavailable
acme.sh --issue --dns dns_cf -d example.com -d '*.example.com' -k ec-256

[2019-09-21 14:40:48][rocket::config::error][ERROR] environment variable ROCKET_TLS={certs="/ssl/example.pem",key="/ssl/example.key"} could not be parsed
[2019-09-21 14:40:48][_][INFO] expected a valid private key file, but found malformed PEM file
Logger failed to initialize: attempted to set a logger after the logging system was already initialized

Originally created by @loveqianool on GitHub (Sep 21, 2019). Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/630 Use acme.sh certificate issued ecc unavailable `acme.sh --issue --dns dns_cf -d example.com -d '*.example.com' -k ec-256` ``` [2019-09-21 14:40:48][rocket::config::error][ERROR] environment variable ROCKET_TLS={certs="/ssl/example.pem",key="/ssl/example.key"} could not be parsed [2019-09-21 14:40:48][_][INFO] expected a valid private key file, but found malformed PEM file Logger failed to initialize: attempted to set a logger after the logging system was already initialized ```

kerem closed this issue 2026-03-03 01:29:00 +03:00

kerem commented 2026-03-03 01:29:01 +03:00

Author

Owner

Copy link

@dani-garcia commented on GitHub (Sep 23, 2019):

Hmm never tried with ECDSA certificates, they might not be compatible. I'd recommend you use a reverse proxy in front of the server which is likely to be more performant than Rockets TLS implementation. Proxy examples here.

Otherwise, you might need to use an RSA certificate.

<!-- gh-comment-id:534217191 --> @dani-garcia commented on GitHub (Sep 23, 2019): Hmm never tried with ECDSA certificates, they might not be compatible. I'd recommend you use a reverse proxy in front of the server which is likely to be more performant than Rockets TLS implementation. [Proxy examples here](https://github.com/dani-garcia/bitwarden_rs/wiki/Proxy-examples). Otherwise, you might need to use an RSA certificate.

kerem commented 2026-03-03 01:29:01 +03:00

Author

Owner

Copy link

@loveqianool commented on GitHub (Sep 24, 2019):

Yes, I am using caddy now, it works very well. Thank you.

<!-- gh-comment-id:534611376 --> @loveqianool commented on GitHub (Sep 24, 2019): Yes, I am using caddy now, it works very well. Thank you.

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

revert-7033-patch-1

cached-config-operations

test_dylint

1.35.8

1.35.7

1.35.6

1.35.5

1.35.4

1.35.3

1.35.2

1.35.1

1.35.0

1.34.3

1.34.2

1.34.1

1.34.0

1.33.2

1.33.1

1.33.0

1.32.7

1.32.6

1.32.5

1.32.4

1.32.3

1.32.2

1.32.1

1.32.0

1.31.0

1.30.5

1.30.4

1.30.3

1.30.2

1.30.1

1.30.0

1.29.2

1.29.1

1.29.0

1.28.1

1.28.0

1.27.0

1.26.0

1.25.2

1.25.1

1.25.0

1.24.0

1.23.1

1.23.0

1.22.2

1.22.1

1.22.0

1.21.0

1.20.0

1.19.0

1.18.0

1.17.0

1.16.3

1.16.2

1.16.1

1.16.0

1.15.1

1.15.0

1.14.2

1.14.1

1.14

1.13.1

1.13.0

1.12.0

1.11.0

1.10.0

1.9.1

1.9.0

1.8.0

1.7.0

1.6.1

1.6.0

1.5.0

1.4.0

1.3.0

1.2.0

1.1.0

1.0.0

0.13.0

0.12.0

0.11.0

0.10.0

0.9.0

Labels

Clear labels   

SSO

  

Third party

  

better for forum

  

bug

  

bug

  

documentation

  

duplicate

  

enhancement

  

future Vault

  

future Vault

  

future Vault

  

good first issue

  

help wanted

  

low priority

  

notes

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

troubleshooting

  

wontfix

No labels

SSO

Third party

better for forum

bug

bug

documentation

duplicate

enhancement

future Vault

future Vault

future Vault

good first issue

help wanted

low priority

notes

pull-request

question

troubleshooting

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/vaultwarden#425

No description provided.