From 9f089e7f8f3bb6ff6b67e8aa3ebf9de7e16ae781 Mon Sep 17 00:00:00 2001 From: muibusan Date: Fri, 16 Aug 2019 11:34:21 +0200 Subject: [PATCH] Minor text changes --- Enabling-HTTPS.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Enabling-HTTPS.md b/Enabling-HTTPS.md index 67faa3c..2c0df1a 100644 --- a/Enabling-HTTPS.md +++ b/Enabling-HTTPS.md @@ -9,7 +9,7 @@ Where: * key: a path to a private key file in PEM format for the certificate in certs Note: -* The file name _extensions_ used in the ROCKET_TLS line do not necessarily have to be PEM. Important is the underlying file _format_ which needs to be PEM, i.e. base64-coded. Since the PEM format is openssl's default you can therefore simply rename .cert, .cer, .crt and .key files to .pem and vice versa or - as an alternative - use different file extensions like .crt or .key in the ROCKET_TLS line. +The file name _extensions_ used in the ROCKET_TLS line do not necessarily have to be PEM as in the example. Important is the file _format_ that needs to be PEM, i.e. base64-coded. Since the PEM format is openssl's default you can therefore simply rename .cert, .cer, .crt and .key files to .pem and vice versa or - as an alternative - use .crt or .key as file extentions in the ROCKET_TLS line. ```sh docker run -d --name bitwarden \ @@ -20,9 +20,9 @@ docker run -d --name bitwarden \ bitwardenrs/server:latest ``` -You need to mount ssl files (-v argument) and you need to forward appropriate port (-p argument), usually 443 for HTTPS connections. If you choose a different port number than 443 like for example 3456, remember to explicitly provide that port number when you connect to the service, example: `https://bitwarden.local:3456`. +You need to mount ssl files (-v argument) and you need to forward appropriate port (-p argument), usually port 443 for HTTPS connections. If you choose a different port number than 443 like for example 3456, remember to explicitly provide that port number when you connect to the service, example: `https://bitwarden.local:3456`. -For further information on how to set up and use a private CA on your local system refer to [this chapter of the wiki.](https://github.com/dani-garcia/bitwarden_rs/wiki/Private-CA-and-self-signed-certs-that-work-with-Chrome) After following it your ROCKET_TLS line could look like this: `-e ROCKET_TLS='{certs="/ssl/bitwarden.crt",key="/ssl/bitwarden.key"}' \` +For further information on how to set up and use a private CA on your local system refer to [this chapter of the wiki.](https://github.com/dani-garcia/bitwarden_rs/wiki/Private-CA-and-self-signed-certs-that-work-with-Chrome) If following that guide your ROCKET_TLS line could look like this: `-e ROCKET_TLS='{certs="/ssl/bitwarden.crt",key="/ssl/bitwarden.key"}' \` Due to what is likely a certificate validation bug in Android, you need to make sure that your certificate includes the full chain of trust. In the case of certbot, this means using `fullchain.pem` instead of `cert.pem`.