[GH-ISSUE #1445] iOS App + Custom CA = SSL Error #963

New issue

Closed

opened 2026-03-03 02:05:03 +03:00 by kerem · 0 comments

kerem commented

2026-03-03 02:05:03 +03:00

Owner

Originally created by @DaCHack on GitHub (Feb 27, 2021).
Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/1445

Subject of the issue

I did a lot of research and found a lot of hints but anyways did not get my iOS app to work.
My iOS 14.4 on iPad Pro does not accept the server's certificate even though the root CA was added as a .p12-profile.
On Windows 10 / Google Chrome everything works like a charm.
Any chance that you can help me fix this? Or am I fighting a bug here?

Your environment

Bitwarden_rs version: 2.18.1 installed as docker image on Raspberry OS
Clients used: iOS Bitwarden client, Safari
Reverse proxy and version: none

Steps to reproduce

Clean install of bitwarden via docker image on host "server" with IP 192.168.1.4 on port 8000
Root CA created via XCA
(SHA-512,
X509v3 Key Usage critical: Digital Signature, Key Encipherment, Data Encipherment, Key Agreement, Certificate Sign, CRL Sign
X509v3 Extended Key Usage critical: TLS Web Server Authentication)
Create server certificate via XCA
(X509v3 Extended Key Usage: TLS Web Server Authentication
X509v3 Subject Alternative Name: IP Address:192.168.1.1, IP Address:192.168.1.2, IP Address:192.168.1.3, IP Address:192.168.1.4, DNS:*.fritz.box, DNS:server.fritz.box
Try to connect to https://192.168.1.4:8000 or https://server.fritz.box:8000 via Safari, Bitwarden iOS app or Windows/Chrome

Expected behaviour

Webinterface shows with valid certificate
iOS connects to the vault without issues
Some websites indicate that one should see the imported root CA in iOS under "General" -> "Info" ->"Certificate Trust..." but for me it is not visible there. Other websites indicate that this is not needed anymore as long as the CA is showing as "validated" under "General" --> "Profiles" (which is true for me)

Actual behaviour

Webinterface shows invalid certificate
iOS shows SSL error when trying to login

Originally created by @DaCHack on GitHub (Feb 27, 2021). Original GitHub issue: https://github.com/dani-garcia/vaultwarden/issues/1445 ### Subject of the issue I did a lot of research and found a lot of hints but anyways did not get my iOS app to work. My iOS 14.4 on iPad Pro does not accept the server's certificate even though the root CA was added as a .p12-profile. On Windows 10 / Google Chrome everything works like a charm. Any chance that you can help me fix this? Or am I fighting a bug here? ### Your environment * Bitwarden_rs version: 2.18.1 installed as docker image on Raspberry OS * Clients used: iOS Bitwarden client, Safari * Reverse proxy and version: none ### Steps to reproduce - Clean install of bitwarden via docker image on host "server" with IP 192.168.1.4 on port 8000 - Root CA created via XCA (SHA-512, X509v3 Key Usage critical: Digital Signature, Key Encipherment, Data Encipherment, Key Agreement, Certificate Sign, CRL Sign X509v3 Extended Key Usage critical: TLS Web Server Authentication) - Create server certificate via XCA (X509v3 Extended Key Usage: TLS Web Server Authentication X509v3 Subject Alternative Name: IP Address:192.168.1.1, IP Address:192.168.1.2, IP Address:192.168.1.3, IP Address:192.168.1.4, DNS:*.fritz.box, DNS:server.fritz.box - Try to connect to https://192.168.1.4:8000 or https://server.fritz.box:8000 via Safari, Bitwarden iOS app or Windows/Chrome ### Expected behaviour - Webinterface shows with valid certificate - iOS connects to the vault without issues Some websites indicate that one should see the imported root CA in iOS under "General" -> "Info" ->"Certificate Trust..." but for me it is not visible there. Other websites indicate that this is not needed anymore as long as the CA is showing as "validated" under "General" --> "Profiles" (which is true for me) ### Actual behaviour - Webinterface shows invalid certificate - iOS shows SSL error when trying to login