Problem with web login on Chrome browser
-
wrote on Oct 12, 2023, 12:35 PM last edited by
Hi,
I'm writing another topic a little related to the certificate, and I do not know if other people have a similar problem.
For the past month I have noticed that on a Windows computer, I happen to have 11.
Having the certificate from Let's Encrypt and enabled protection built into Chrome when logging into the manager via web, it doesn't want to load the database at all. Testing on a laptop where I have Linux Mint - it works without a problem.Going back to Windows 11, for the test I turned off protection in Chrome - it started to load the database correctly.
After this test, I thought I would upload the paid certificate that I still have until November (RSA4096) it started to load the database correctly with protection enabled in Chrome on Windows 11.
I'm wondering why Let's Encrypt on Windows with Chrome protection enabled is affecting the Vaultwarden malfunction
Adding to that, in the desktop app and the browser extension works without a problem.
-
wrote on Oct 12, 2023, 1:02 PM last edited by
-
Why do you think the errors are certificate related? From the screenshots, the errors are CSP related. The browser is blocking calls to
bitwarden.com
and rightly so, since the thing is selfhosted and doesn't requirebitwarden.com
-
Why do you think the errors are certificate related? From the screenshots, the errors are CSP related. The browser is blocking calls to
bitwarden.com
and rightly so, since the thing is selfhosted and doesn't requirebitwarden.com
wrote on Oct 13, 2023, 7:48 AM last edited byWith R3 we have ECC 384 encryption is a problem with logging in precisely because of CSP and with an incorrect token as in the screen shot above. And switching to paid with RSA 4096 encryption works without any problem.
-
wrote on Oct 13, 2023, 6:32 PM last edited by
Sorry for the previous posts.
It just turns out that something may have been up with Chrome on Windows.
On September 6, they released a new version 117, where they disabled SHA-1 fingerprint, and since then I've had problems with the token on Let's Encrypt certificates with ECC 384bit.
Only today after updating to version 118, it just started working as it should properly even in the „Enchanced protection” mode in the security built into Chrome.