Bitwarden and iOS 12.4.8 issue!

Hi,

I installed DietPi 6.34 as a VMware Workstation 16 virtual machine. I tested your new DietPi application: Bitwarden. It works in Windows 10 with the server IP (https://192.168.1.105:8001), Firefox Plugin, Opera Extension and Bitwarden app which is amazing! I did nothing at all except installing the app in DietPi and the Bitwarden app on Windows 10.

I tried on my iPhone 5s with iOS 12.4.8 but it failed on Safari and Firefox through (https://192.168.1.105:8001); it doesn’t load any pages! The Bitwarden app gives an error message.

My goal is to use Bitwarden only at home. I don’t have a domain and don’t plan to get one even if it’s free. Any ideas how to resolve this?

Regards,
Stephane

I guess iOS is not accepting the self-signed certificate that is used in Bitwarden from DietPi side. Are there options in iOS to allow untrusted certificates? Or can you upload your own certificates inside iOS?

Hi,
There is an option in iOS to allow untrusted certificates, and I can upload my own certificates inside iOS!

Instructions are :

  • Email the root certificate to yourself so you can access it on your iOS device
  • Click on the attachment in the email on your iOS device
  • Go to the settings app and click ‘Profile Downloaded’ near the top
  • Click install in the top right
  • Once installed, hit close and go back to the main Settings page
  • Go to “General” > “About”
  • Scroll to the bottom and click on “Certificate Trust Settings”
  • Enable your root certificate under “ENABLE FULL TRUST FOR ROOT CERTIFICATES”

I don’t see the certificate inside Bitwarden folder (/mnt/dietpi_userdata/bitwarden_rs)? I searched with Webmin but no crt files! Do I look in the wrong place?

Regards,
Stephane

You can convert the pem file into a crt file:

openssl x509 -outform der -in your-cert.pem -out your-cert.crt

Hi,
Thanks, I’ll try that in my iPhone!

I tried everything again today! Bitwarden web server works (https://192.168.1.105:8001), Firefox Plugin and Opera Extension too! Bitwarden app in Windows 10 failed? It says failed to fetch! I thought it worked yesterday… It did or I forgot to test the Windows 10 app!?!

I tried both with rpi 3 and with windows 10 vmware virtual machine and I have same error message (everything else works)?
I also tried Edge browser, no issues with the web server! Is there a place that I should copy the certificate in Windows 10 to make it work with Bitwarden app?

Regards,
Stephane

Hi,

If you find a way to do it on iOS, let me know. This, I was not able to manage on my test device (iPhone SE, iOS 14.3).

On Windows 10 it’s pretty straightforward compared to iOS:

  1. close Bitwarden App on W10
  2. create the .crt file on DietPi
  3. copy the file to your W10 system
  4. double click the .crt file
  5. you should get the following
  6. click install
  7. select Trusted Root CA when asked
  8. once installation finished you can double click the .crt file again to verify if it was installed correctly
  9. it should be trusted now
  10. Now you can open Bitwarden App

Many thanks, however for Windows 10 we have a guide already, which is starting with downloading the certificate from within the browser when accessing the web vault. But from opening the certificate file on it matches yours: https://dietpi.com/docs/software/cloud/#bitwarden_rs

Ah ok missed the W10 guide. Thx MichaIng

Hi, I got the following error message after I ran the command.

root@RaspberryPi:/mnt/temp# ls
rsa_key.pem
root@RaspberryPi:/mnt/temp# openssl x509 -outform der -in rsa_key.pem -out rsa_key.crt
unable to load certificate
1996206096:error:0909006C:PEM routines:get_name:no start line:…/crypto/pem/pem_lib.c:745:Expecting: TRUSTED CERTIFICATE
root@RaspberryPi:/mnt/temp#

Regards,
Stephane

Merry Xmas stephane77

You used the wrong source file to create the .crt file. You need to use cert.pem

Or you follow our online docs. There is a detailed description of how to download/add a self-signed certificate on Windows 10:
https://dietpi.com/docs/software/cloud/#bitwarden_rs

PS: for iOS we are still trying to figure out best way :slight_smile:
https://github.com/MichaIng/DietPi/issues/3724#issuecomment-750883187
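A guard for the mistake behind the "no start line" error above, as an added example that is not part of the thread: it checks what a PEM file holds before converting it, and refuses anything containing a private key so that only the certificate is ever copied to a client. The helper names and the throwaway sample files are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Helper names and sample files are constructed.

# pem_kind <file>: report what a PEM file holds, judged by its BEGIN lines.
pem_kind() {
    if grep -Eq -- '-----BEGIN ([A-Z]+ )?PRIVATE KEY-----' "$1"; then
        echo private-key
    elif grep -Eq -- '-----BEGIN (TRUSTED )?CERTIFICATE-----' "$1"; then
        echo certificate
    else
        echo unknown
    fi
}

# cert_to_der <in.pem> <out.crt>: convert only a file that holds a
# certificate and no private key, so key material is never the file
# that ends up on a phone or PC.
cert_to_der() {
    kind=$(pem_kind "$1")
    if [ "$kind" != certificate ]; then
        echo "refusing $1: holds $kind, not a certificate" >&2
        return 1
    fi
    openssl x509 -outform der -in "$1" -out "$2"
}

# make_sample <dir>: constructed throwaway key and certificate to try it on.
make_sample() {
    openssl req -x509 -newkey rsa:2048 -nodes -subj "/CN=constructed-sample" \
        -days 1 -keyout "$1/rsa_key.pem" -out "$1/cert.pem" 2>/dev/null
}

# Demo on constructed files in a temporary directory.
tmp=$(mktemp -d)
make_sample "$tmp"
for f in rsa_key.pem cert.pem; do
    echo "$f: $(pem_kind "$tmp/$f")"
done
cert_to_der "$tmp/rsa_key.pem" "$tmp/rsa_key.crt" || echo "key file rejected"
cert_to_der "$tmp/cert.pem" "$tmp/cert.crt" && echo "wrote cert.crt"
rm -rf "$tmp"
```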

Happy holidays Joulinar! I’ll try that and keep you posted! If I find a solution for iOS, I’ll let you know. The only thing I know if it’s iOS 13 and more Apple made a change on certificates with what I read so I guess it will be complicated but I love challenges! And Btw, same thing for MacOS…

Regards,
Stephane

Just follow our GitHub discussion. In the meantime I discovered a way for iOS 14.3. It requires a manual recreation of certificates with some new options to get iOS into a state to accept the self-signed certificate. (Something not yet implemented into DietPi release.)

As well I would like to invite you to assist on adjusting our online docs as we are missing MacOS for instance.

Thanks Joulinar!

It works in Windows 10 app right away! I found out why it’s failing on iOS 12 and up and as well with latest Mac OS 10 updates including new OS 11! Apple applies new restrictions to self-signed certificates!
https://support.apple.com/en-us/HT211025

Your certificate in Windows 10 is good until 2040 which is fine with Microsoft but Apple, guess what, doesn’t like that… !!!
As per Apple recommendation the certificate should be : “We recommend that certificates be issued with a maximum validity of 397 days.”

This brings another question, can you make a new update eventually where DietPi will update certificates automatically for Bitwarden and maybe any other apps that use certificates too? Or force certificates renewal on every DietPi update? You might eventually add a MOTD when we do SSH saying that your certificates will expire shortly, we have a new one created ready at /ssl folder… Or add a section below MOTD : Certificates notice or whatever important message you want share with your users!

Regards,
Stephane

I don’t have Mac OS yet but I plan to get one eventually. Mac OS 11 interested me a lot (very good reviews), so for time being I can’t test it! With google search on my end this is how I found out this issue about both iOS and Mac and even if I’m below iOS 13, I’m still affected according to some users on the internet.

If I do find a possible solution, even without having a Mac, I’ll be more than pleased to share the link on the internet so any users on this forum could test it!

Regards,
Stephane

I tested a self-signed certificate with a running time of 20 years without issues on my test iPhone SE running iOS 14.3.

It was accepted in profiles with a run time until 2040, and I could activate it within Certificate Trust Settings.

Hi,
It failed on iOS and install on my rpi 3 was so long… I was also having issue updating Pi-Hole and after Pi-Hole updates I could not surf anymore… I reinstalled DietPi from scratch. Now Pi-Hole works properly and no surfing issue. I found a way for Bitwarden to get installed very quickly! Everything works except iOS, I can go in profile and activate it but it doesn’t work. I did the following :

mkdir -p /mnt/bitwarden
mkdir -p /ssl


openssl genrsa -out myCA.key 2048
openssl req -x509 -new -nodes -sha256 -days 3650 -key myCA.key -out myCA.crt
openssl genpkey -algorithm RSA -out bitwarden.key -outform PEM -pkeyopt rsa_keygen_bits:2048
openssl req -new -key bitwarden.key -out bitwarden.csr

***************************** openssl.cnf file *******************************

[v3_ca]
basicConstraints = CA:FALSE
keyUsage = digitalSignature, keyEncipherment
subjectAltName = DNS:raspberrypi, IP:127.0.0.1, IP:192.168.1.108

openssl x509 -req -in bitwarden.csr -CA myCA.crt -CAkey myCA.key -CAcreateserial -out bitwarden.crt -days 365 -sha256 -extfile openssl.cnf

docker pull bitwardenrs/server:raspberry

docker run -d --name bitwarden \
-e ROCKET_TLS='{certs="/ssl/bitwarden.crt",key="/ssl/bitwarden.key"}' \
-v /ssl/:/ssl/ \
-v /mnt/bitwarden/:/data/ \
-v bitwarden:/config \
-p 1443:80 \
--restart always \
bitwardenrs/server:raspberry

I’m enabling in Profile in iOS 12 but still failing… !

Regards,
Stephane

Well you installed Bitwarden on Docker now. That’s why it is fast on installation now. DietPi was going to install it directly on your System without Docker. Quite a difference. :wink:

As well your certificate is incorrectly created for iOS. You would need to set the following: basicConstraints=CA:TRUE,pathlen:0 https://github.com/MichaIng/DietPi/issues/3724#issuecomment-751021278

This will do the trick on iOS. For this, a patch will be provided on next release 6.35 https://github.com/MichaIng/DietPi/commit/8a5d0931fcfb764511f941f3e8782573240ed991
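The certificate change described in the last reply, as an added example that is not part of the thread and is not DietPi's own script: it creates a self-signed certificate with `basicConstraints = CA:TRUE,pathlen:0` and an IP subjectAltName, then checks that both extensions are really present before the DER copy is handed to a client. The function names, the `keyCertSign` and `extendedKeyUsage` values, and the 397-day validity used in the demo are assumptions.

```shell
#!/bin/sh
# Added example (not DietPi's script). Names, IP and validity are assumptions.

# make_cert <dir> <ip> <days>: self-signed certificate whose extensions
# carry the basicConstraints value quoted in the thread.
make_cert() {
    dir=$1 ip=$2 days=$3
    cat > "$dir/openssl.cnf" <<EOF
[req]
distinguished_name = dn
x509_extensions = v3_self
prompt = no

[dn]
CN = $ip

[v3_self]
basicConstraints = CA:TRUE,pathlen:0
# keyCertSign and extendedKeyUsage are assumptions, not taken from the thread.
keyUsage = digitalSignature, keyEncipherment, keyCertSign
extendedKeyUsage = serverAuth
subjectAltName = IP:$ip
EOF
    ( umask 077   # private key readable by its owner only
      openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days "$days" \
          -config "$dir/openssl.cnf" \
          -keyout "$dir/privkey.pem" -out "$dir/cert.pem" 2>/dev/null ) || return 1
    # DER copy for import on the client, same conversion as earlier in the thread.
    openssl x509 -outform der -in "$dir/cert.pem" -out "$dir/cert.crt"
}

# check_cert <cert.pem> <ip>: succeed only if the extensions really landed
# in the certificate (an extension section that is never referenced is skipped).
check_cert() {
    text=$(openssl x509 -in "$1" -noout -text) || return 1
    printf '%s\n' "$text" | grep -q 'CA:TRUE, pathlen:0' || return 1
    printf '%s\n' "$text" | grep -qwF "IP Address:$2"
}

# Demo in a temporary directory, using the server address from the first post.
work=$(mktemp -d)
make_cert "$work" 192.168.1.105 397 && check_cert "$work/cert.pem" 192.168.1.105 \
    && echo "certificate has CA:TRUE,pathlen:0 and the IP SAN"
rm -rf "$work"
```

Only `cert.crt` is meant to leave the server; `privkey.pem` stays where the web service reads it.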