Open ppwl4fgslYAkwIafwbEUSsFw7umeFVgSfn3bASf opened 1 year ago
This may be related to #582.
Same issue, Bitwarden application does not appear to support PKCS#12 client cert authentication to my self-hosted instance, hitting my firewall, which drops if no client cert is presented. This works fine via browser & firefox extension.
Same issue here on Android after importing PKCS certificate with full CA
TLS client authentication with nginx reverse proxy works well on
NOT working on Android mobile app version 2022.10.0
Popup message during login "Si è verificato un errore"
Steps To Reproduce
on the self-hosted Bitwarden server side, I am using Stunnel with verify = 2 enforce peer certificate verification, then I am using the same CA to generate a user certificate, when I check stunnel log, I see this,
SSL_accept: ssl/statem/statem_srvr.c:3697: error:1417C0C7:SSL routines:tls_process_client_certificate:peer did not return a certificate
But my Android phone already installed the key![image](https://user-images.githubusercontent.com/581053/189546799-cebe6786-a3b4-4c08-afc3-f4f31999dfe1.png)
Why Bitwarden Android app can't utilize that key? When I try to use the same setup on desktop firefox, everything goes fine and client certificate could verify without issue.
Expected Result
TLS client certificate should work
Actual Result
User certificate failed to recognize by Bitwarden Android app
Screenshots or Videos
No response
Additional Context
Stunnel config,
docker run -itd --name bitwarden_ssl --link bitwarden:bitwarden_ssl \ -e STUNNEL_VERIFY=3 \ -e STUNNEL_SERVICE=bitwarden \ -e STUNNEL_ACCEPT=443 \ -e STUNNEL_CONNECT=bitwarden:80 \ -e STUNNEL_CAFILE=/etc/stunnel/rootCA.pem \ -p 8080:443 \ -v /bitwarden-data/ssl/host.org-key.pem:/etc/stunnel/stunnel.key:ro \ -v /bitwarden-data/ssl/host.org.pem:/etc/stunnel/stunnel.pem:ro \ -v /bitwarden-data/ssl/rootCA.pem:/etc/stunnel/rootCA.pem:ro \ dweomer/stunnel
Operating System
Android
Operating System Version
No response
Device
Huawei Mate 20 Pro
Build Version
2022.8.0 (4911)
Beta