iOS app giving SSL errors

I have a self-hosted Vaultwarden version 1.23.0 server running. I have a valid cert using Let's Encrypt, working SNI (reverse DNS) and the browser extension works just fine.

However, the iOS Bitwarden app gives me an error: “An SSL error has occurred and a secure connection to the server cannot be made”

I get no errors and the docker log has nothing of value. Just


    [INFO] No .env file found.

    [2021-10-22 17:40:24.171][start][INFO] Rocket has launched from https://0.0.0.0:80

Any ideas?

Any update for the iPhone?
What about the type of proxy you are using on the frontend, what are you using and how long ago did this crop up?
May be related to LE root certificate expiring

Phone is up to date.
I am not using a proxy. I am just using Docker and another IP I have on that server. I have a /29.

This is a brand new install. I had never heard of vaultwarden before yesterday 🙂
Cert expires: Wed, 19 Jan 2022 20:52:13 GMT
ISRG Root expires: Mon, 04 Jun 2035 11:04:38 GMT

All the cert stuff looks great. This is my startup command.

    docker run -d --name vaultwarden -e ROCKET_TLS='{certs="/ssl/cert1.pem",key="/ssl/privkey1.pem"}' -e ADMIN_TOKEN=[BIFUNSTRING] -v /etc/letsencrypt/archive/warden.[HOSTNAME]/:/ssl/  -v /usr/local/vaultwarden/vw-data/:/data/   -p [IP]:443:80 vaultwarden/server:latest

Ahh I see, I would recommend looking at this note then, possibly might be a solution.

⚠️ Make sure that your certificate file includes the full chain of trust.

As described in the wiki.
I would also check and make sure that the cert is a wildcard cert, i.e. *.domain.com, as I know of some issues with a cert that has multiple domains listed, i.e. sub1.domain.com, vaultwarden.domain.com.

This may also be a cert issue with new iOS 13 requirements

Gotcha, ok this makes sense. It’s certs and that’s why Rocket isn’t the way to go.

I reconfigured as a reverse proxy and let nginx handle the SSL and it works. Thank you!
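
Added example, not part of the thread or of Vaultwarden's code: a stdlib-only check that a PEM file meant for `ROCKET_TLS` `certs` holds the leaf followed by its intermediate, which is the "full chain of trust" the wiki note asks for. In certbot's layout `cert1.pem` holds only the leaf while `fullchain1.pem` holds leaf plus intermediate; the function names and the sample certificates below are constructed for illustration.

```python
import base64
import re

PEM_RE = re.compile(r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.S)

def read_tlv(buf, off):
    """Return (tag, value_start, value_end) of the DER element at off."""
    tag, length, off = buf[off], buf[off + 1], off + 2
    if length & 0x80:                       # long form: low 7 bits = number of length bytes
        n = length & 0x7F
        length, off = int.from_bytes(buf[off:off + n], "big"), off + n
    return tag, off, off + length

def issuer_and_subject(der):
    """Raw DER of the issuer and subject Names of one certificate."""
    _, pos, _ = read_tlv(der, 0)            # Certificate SEQUENCE
    _, pos, end = read_tlv(der, pos)        # tbsCertificate SEQUENCE
    fields = []
    while pos < end and len(fields) < 6:
        tag, _, nxt = read_tlv(der, pos)
        fields.append((tag, der[pos:nxt]))
        pos = nxt
    if fields[0][0] == 0xA0:                # optional [0] version precedes the serial
        fields.pop(0)
    return fields[2][1], fields[4][1]       # serial, sigAlg, issuer, validity, subject

def check_chain_file(pem_text):
    """List problems with a PEM file meant to be served as a TLS certificate chain."""
    names = [issuer_and_subject(base64.b64decode(b)) for b in PEM_RE.findall(pem_text)]
    problems = []
    if len(names) < 2:
        problems.append(f"{len(names)} certificate(s) in file: no intermediate is sent")
    for i in range(len(names) - 1):         # byte-equal names only; signatures not verified
        if names[i][0] != names[i + 1][1]:
            problems.append(f"certificate {i} is not issued by certificate {i + 1}")
    return problems

# Constructed sample input: unsigned stand-ins with X.509 field order, not real certs.
def _tlv(tag, body):
    return bytes([tag, len(body)]) + body
def fake_pem(subject, issuer):
    name = lambda cn: _tlv(0x30, _tlv(0x0C, cn.encode()))
    tbs = (_tlv(0xA0, _tlv(0x02, b"\x02")) + _tlv(0x02, b"\x01") + _tlv(0x30, b"")
           + name(issuer) + _tlv(0x30, b"") + name(subject))
    der = base64.b64encode(_tlv(0x30, _tlv(0x30, tbs))).decode()
    return f"-----BEGIN CERTIFICATE-----\n{der}\n-----END CERTIFICATE-----\n"
LEAF = fake_pem("warden.example", "Example Intermediate")   # alone: what cert1.pem holds
INTERMEDIATE = fake_pem("Example Intermediate", "Example Root")
FULLCHAIN = LEAF + INTERMEDIATE             # leaf first, then its issuer (fullchain1.pem)
```

Against a real file, pass its text: `check_chain_file(open(path).read())`; an empty list means the file is ordered leaf-first with each issuer following.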