bitwarden / sdk

Bitwarden SDK

Using bws cli on Windows Server 2012 failing with os error code -2146893018. #719

Closed mschaefer-gresham closed 4 months ago

mschaefer-gresham commented 5 months ago

Steps To Reproduce

Expected Result

[ { "id": "my-id", "organizationId": "my-org-id", "name": "my-prpject-name", "creationDate": "2023-05-26T09:04:22.914031600Z", "revisionDate": "2023-05-26T09:04:22.914031700Z" } ]

Actual Result

C:\dev>bws list projects
Error:
   0: ←[91merror sending request for url (https://identity.bitwarden.com/connect/token): error trying to connect: The message received was unexpected or badly formatted. (os error -2146893018)←[0m
   1: ←[91merror trying to connect: The message received was unexpected or badly formatted. (os error -2146893018)←[0m
   2: ←[91mThe message received was unexpected or badly formatted. (os error -2146893018)←[0m

Location: ←[35mcrates\bws\src\main.rs←[0m:←[35m334←[0m

Backtrace omitted. Run with RUST_BACKTRACE=1 environment variable to display it. Run with RUST_BACKTRACE=full to include source snippets.

Screenshots or Videos

No response

Additional Context

The error code -2146893018 typically indicates a problem related to cryptographic operations on Windows systems. Specifically, it often corresponds to errors with cryptographic functions like those used for SSL/TLS connections or certificate operations.

I've tested on a Mac, and Windows 11, and Windows Server 2019, and it works fine.

Operating System

Windows

Operating System Version

2012 R2

Build Version

0.4.0

Issue Tracking Info

Hinton commented 5 months ago

Hi @mschaefer-gresham,

Error code -2146893018 is 0x80090326, which generally indicates an issue negotiating TLS certificates. Most likely the Windows 2012 build doesn't support modern TLS cipher suites and needs to be updated. You can investigate if there are available updates for Windows Server 2012 that support the required cipher suites or if there are other ways to enable it. Unfortunately Windows 2012 is end of life and Microsoft may not have backported the required updates.

You may be able to get more detailed error messages from the Windows Event Viewer describing the error in more detail, since 0x80090326 is very generic.

I suspect you are unable to access the Bitwarden web vault either due to this same issue.
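
Added example, not part of the issue thread or of Bitwarden's code: a Python triage helper that pulls the `os error` values out of CLI output like the one reported above (unrendered colour escapes included), converts each signed value to its HRESULT form and splits it into facility and code. The name table is a small subset of SSPI status codes from winerror.h, the function names are hypothetical, and `SAMPLE` is constructed from the output quoted in this issue.

```python
import re

# HRESULT layout: bit 31 = failure flag, bits 16-26 = facility, bits 0-15 = code.
FACILITY_SSPI = 9  # SSPI/Schannel, the Windows TLS stack

# Subset of SSPI status codes from winerror.h (not exhaustive).
SSPI_NAMES = {
    0x80090322: "SEC_E_WRONG_PRINCIPAL",
    0x80090325: "SEC_E_UNTRUSTED_ROOT",
    0x80090326: "SEC_E_ILLEGAL_MESSAGE",
    0x80090331: "SEC_E_ALGORITHM_MISMATCH",
}

# Colour codes arrive either as a real ESC byte or as the "←" a legacy console prints.
ANSI = re.compile(r"[\x1b\u2190]\[[0-9;]*m")
OS_ERROR = re.compile(r"\(os error (-?\d+)\)")


def decode_hresult(signed):
    """Split a signed 32-bit OS error into HRESULT fields."""
    value = signed & 0xFFFFFFFF  # two's-complement view of the i32
    return {
        "hex": f"0x{value:08X}",
        "failure": bool(value >> 31),
        "facility": (value >> 16) & 0x7FF,
        "code": value & 0xFFFF,
        "name": SSPI_NAMES.get(value, "unknown"),
    }


def triage(output):
    """Return one decoded record per distinct os error found in CLI output."""
    clean = ANSI.sub("", output)
    codes = sorted({int(c) for c in OS_ERROR.findall(clean)})
    return [decode_hresult(c) for c in codes]


# Constructed sample, modelled on the output quoted in this issue.
SAMPLE = (
    "Error:\n"
    "   0: ←[91merror trying to connect: The message received was unexpected "
    "or badly formatted. (os error -2146893018)←[0m\n"
    "   1: ←[91mThe message received was unexpected or badly formatted. "
    "(os error -2146893018)←[0m\n"
)

if __name__ == "__main__":
    for rec in triage(SAMPLE):
        layer = "Schannel/TLS" if rec["facility"] == FACILITY_SSPI else "other"
        print(rec["hex"], rec["name"], "->", layer)
```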

mschaefer-gresham commented 5 months ago

@Hinton yes, but this is caused by a change Bitwarden has made. This was working fine within the last two days. Was there an announcement that you would stop supporting older encryption methods (or whatever the cause is)? And can you provide some details about the change that was made?

Hinton commented 5 months ago

Hi @mschaefer-gresham,

I wasn't aware this was a recent change as that wasn't mentioned in your initial issue. I've pinged the relevant team internally and they are looking into it.

That said, this isn't really the best channel for these types of issues, as it's related to our cloud infrastructure, which is typically best handled by our support team at https://bitwarden.com/contact/.

mschaefer-gresham commented 5 months ago

@Hinton thank you! I wrote to support and the community forum and no one responded. So thank you for following up. We are upgrading the affected machines and got things working again, but it would be good to understand what happened.

mschaefer-gresham commented 4 months ago

@Hinton I received this explanation from the support team:

Hi Matthew,

My name is Keith and I work in the integration team at Bitwarden, pleased to meet you!

I wanted to give you some more information on this. We have recently upgraded some of our security architecture which has resulted in the problem you have. Windows Server went EOL in October 2023 and therefore has been impacted by this change, as this product is EOL we hadn't intended to support this. I apologise that this has caused you issues, I will ensure we reach out to the product team to ensure better communication of breaking changes to older products to ensure customers have time to migrate to supported environments.

Kind regards,
Keith