Replies: 4 comments 14 replies
-
|
Be sure the certificate of valid or accepted by the clients. Self signed certs could cause issues sometimes. Also the logs of that action would be good to see instead of the logs during the support string generation. |
Beta Was this translation helpful? Give feedback.
-
|
The KDF thing is definitely cert related. I can log in when not on my LAN, but something is going on that prevents me from doing so when home. So it is probably a DNS or routing config mishap on my end. Can close this... |
Beta Was this translation helpful? Give feedback.
-
|
Yes |
Beta Was this translation helpful? Give feedback.
-
|
Well, OP's support string says |
Beta Was this translation helpful? Give feedback.
-
|
Could you have made the same mistake #5964 (reply in thread)? |
Beta Was this translation helpful? Give feedback.
-
|
you could type in the command prompt this command to check if the server is sending the kdf config or not: I realized that my server was sending it, so I checked if the URL I inputed in the Bitwarden extension and Android app was correct, and it turned out it wasn't. I accidentally left https://my-domain.com/#/login and changed it to https://my-domain.com and it worked. I also had to type in the domain in the config.json as mine was set to localhost. |
Beta Was this translation helpful? Give feedback.
-
|
Not sure if it was the same problem. Today I updated to Vaultwarden 1.34.2, reconnected Pangolin and magically everything seams to work now... I doubt that the update was the resolution but now it works 🤷🏻 |
Beta Was this translation helpful? Give feedback.
-
|
Honestly I reset up everything from scratch and it worked the second time... So not a satisfactory answer for what was going on... |
Beta Was this translation helpful? Give feedback.
-
|
I'm trying to figure this as well I'm on truenas scale electric eel though I can access the web vault perfectly fine, but when I try to add to bitwarden extension or android app doesn't work. I'm using tailscale and tsdproxy to access it with https. |
Beta Was this translation helpful? Give feedback.
-
|
I also have an issue with this, but it's only when trying to add my account to the Bitwarden browser extension or the Android app. I'm running TrueNAS Electric Eel and installed the community edition app. I'm using Tailscale to access my services and use tsd proxy to create links that have a name that makes sense and takes care of the HTTPS side of things with Tailscale cert. I changed the admin token to the hashed string, checked my config files added the domain name of tailscale, when I curl https://my-domain-for-vaultwarden/api/config it doesn't give the kdf config and idk what to expect. Your environment (Generated via diagnostics page)
Config & Details (Generated via diagnostics page)Show Config & DetailsEnvironment settings which are overridden: DOMAIN Config: {
"_duo_akey": null,
"_enable_duo": true,
"_enable_email_2fa": false,
"_enable_smtp": true,
"_enable_yubico": true,
"_icon_service_csp": "",
"_icon_service_url": "",
"_ip_header_enabled": true,
"_max_note_size": 10000,
"_smtp_img_src": "***:",
"admin_ratelimit_max_burst": 3,
"admin_ratelimit_seconds": 300,
"admin_session_lifetime": 20,
"admin_token": "***",
"allowed_connect_src": "",
"allowed_iframe_ancestors": "",
"attachments_folder": "data/attachments",
"auth_request_purge_schedule": "30 * * * * *",
"authenticator_disable_time_drift": false,
"data_folder": "data",
"database_conn_init": "",
"database_max_conns": 10,
"database_timeout": 30,
"database_url": "********://****************************************************************************",
"db_connection_retries": 15,
"disable_2fa_remember": false,
"disable_admin_token": false,
"disable_icon_download": false,
"domain": "*****://**********************************",
"domain_origin": "*****://**********************************",
"domain_path": "",
"domain_set": true,
"duo_context_purge_schedule": "30 * * * * *",
"duo_host": null,
"duo_ikey": null,
"duo_skey": null,
"duo_use_iframe": false,
"email_2fa_auto_fallback": false,
"email_2fa_enforce_on_verified_invite": false,
"email_attempts_limit": 3,
"email_change_allowed": true,
"email_expiration_time": 600,
"email_token_size": 6,
"emergency_access_allowed": true,
"emergency_notification_reminder_schedule": "0 3 * * * *",
"emergency_request_timeout_schedule": "0 7 * * * *",
"enable_db_wal": true,
"enable_websocket": true,
"enforce_single_org_with_reset_pw_policy": false,
"event_cleanup_schedule": "0 10 0 * * *",
"events_days_retain": null,
"experimental_client_feature_flags": "",
"extended_logging": true,
"helo_name": null,
"hibp_api_key": null,
"http_request_block_non_global_ips": true,
"http_request_block_regex": null,
"icon_blacklist_non_global_ips": true,
"icon_blacklist_regex": null,
"icon_cache_folder": "data/icon_cache",
"icon_cache_negttl": 259200,
"icon_cache_ttl": 2592000,
"icon_download_timeout": 10,
"icon_redirect_code": 302,
"icon_service": "internal",
"incomplete_2fa_schedule": "30 * * * * *",
"incomplete_2fa_time_limit": 3,
"increase_note_size_limit": false,
"invitation_expiration_hours": 120,
"invitation_org_name": "Vaultwarden",
"invitations_allowed": true,
"ip_header": "X-Real-IP",
"job_poll_interval_ms": 30000,
"log_file": null,
"log_level": "info",
"log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f",
"login_ratelimit_max_burst": 10,
"login_ratelimit_seconds": 60,
"org_attachment_limit": null,
"org_creation_users": "",
"org_events_enabled": false,
"org_groups_enabled": false,
"password_hints_allowed": true,
"password_iterations": 600000,
"push_enabled": false,
"push_identity_uri": "https://identity.bitwarden.com",
"push_installation_id": "***",
"push_installation_key": "***",
"push_relay_uri": "https://push.bitwarden.com",
"reload_templates": false,
"require_device_email": false,
"rsa_key_filename": "data/rsa_key",
"send_purge_schedule": "0 5 * * * *",
"sendmail_command": null,
"sends_allowed": true,
"sends_folder": "data/sends",
"show_password_hint": false,
"signups_allowed": false,
"signups_domains_whitelist": "",
"signups_verify": false,
"signups_verify_resend_limit": 6,
"signups_verify_resend_time": 3600,
"smtp_accept_invalid_certs": false,
"smtp_accept_invalid_hostnames": false,
"smtp_auth_mechanism": null,
"smtp_debug": false,
"smtp_embed_images": true,
"smtp_explicit_tls": null,
"smtp_from": "",
"smtp_from_name": "Vaultwarden",
"smtp_host": null,
"smtp_password": null,
"smtp_port": 587,
"smtp_security": "starttls",
"smtp_ssl": null,
"smtp_timeout": 15,
"smtp_username": null,
"templates_folder": "data/templates",
"tmp_folder": "data/tmp",
"trash_auto_delete_days": null,
"trash_purge_schedule": "0 5 0 * * *",
"use_sendmail": false,
"use_syslog": false,
"user_attachment_limit": null,
"user_send_limit": null,
"web_vault_enabled": true,
"web_vault_folder": "web-vault/",
"yubico_client_id": null,
"yubico_secret_key": null,
"yubico_server": null
} |
Beta Was this translation helpful? Give feedback.
-
|
The KDF config for your user account is returned by {"kdf":0,"kdfIterations":600000,"kdfMemory":null,"kdfParallelism":null}It also has nothing todo with the admin token. |
Beta Was this translation helpful? Give feedback.
-
|
Thanks, I realized it's because I inputed the wrong server url I left /#/login at the end. |
Beta Was this translation helpful? Give feedback.
-
|
@VincedoubleO Haha, thank you for saying that. I was just making the exact same error. |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
Vaultwarden Support String
I went and updated my admin key to Argon2 and am also using a Pangolin tunnel instead of a reverse proxy to access outside my LAN. Running on Unraid docker using latest tag.
Since doing that I am unable to get my browser plugin or bitwarden client to connect since I get a "KDF config is required" error.
Your environment (Generated via diagnostics page)
Config & Details (Generated via diagnostics page)
Show Config & Details
Environment settings which are overridden: SIGNUPS_ALLOWED, INVITATIONS_ALLOWED, ADMIN_TOKEN
Config:
{ "_duo_akey": null, "_enable_duo": false, "_enable_email_2fa": false, "_enable_smtp": true, "_enable_yubico": false, "_icon_service_csp": "", "_icon_service_url": "", "_ip_header_enabled": true, "_max_note_size": 10000, "_smtp_img_src": "***:", "admin_ratelimit_max_burst": 3, "admin_ratelimit_seconds": 300, "admin_session_lifetime": 20, "admin_token": "***", "allowed_connect_src": "", "allowed_iframe_ancestors": "", "attachments_folder": "data/attachments", "auth_request_purge_schedule": "30 * * * * *", "authenticator_disable_time_drift": false, "data_folder": "data", "database_conn_init": "", "database_max_conns": 10, "database_timeout": 30, "database_url": "***************", "db_connection_retries": 15, "disable_2fa_remember": false, "disable_admin_token": false, "disable_icon_download": false, "domain": "*****://************************", "domain_origin": "*****://************************", "domain_path": "", "domain_set": true, "duo_context_purge_schedule": "30 * * * * *", "duo_host": null, "duo_ikey": null, "duo_skey": null, "duo_use_iframe": false, "email_2fa_auto_fallback": false, "email_2fa_enforce_on_verified_invite": false, "email_attempts_limit": 3, "email_change_allowed": true, "email_expiration_time": 600, "email_token_size": 6, "emergency_access_allowed": true, "emergency_notification_reminder_schedule": "0 3 * * * *", "emergency_request_timeout_schedule": "0 7 * * * *", "enable_db_wal": true, "enable_websocket": true, "enforce_single_org_with_reset_pw_policy": false, "event_cleanup_schedule": "0 10 0 * * *", "events_days_retain": null, "experimental_client_feature_flags": "", "extended_logging": true, "helo_name": null, "hibp_api_key": null, "http_request_block_non_global_ips": true, "http_request_block_regex": null, "icon_blacklist_non_global_ips": true, "icon_blacklist_regex": null, "icon_cache_folder": "data/icon_cache", "icon_cache_negttl": 259200, "icon_cache_ttl": 2592000, "icon_download_timeout": 10, "icon_redirect_code": 302, "icon_service": "internal", "incomplete_2fa_schedule": "30 * * * * *", "incomplete_2fa_time_limit": 3, "increase_note_size_limit": false, "invitation_expiration_hours": 120, "invitation_org_name": "Vaultwarden", "invitations_allowed": true, "ip_header": "X-Real-IP", "job_poll_interval_ms": 30000, "log_file": null, "log_level": "info", "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f", "login_ratelimit_max_burst": 10, "login_ratelimit_seconds": 60, "org_attachment_limit": null, "org_creation_users": "", "org_events_enabled": false, "org_groups_enabled": false, "password_hints_allowed": true, "password_iterations": 600000, "push_enabled": false, "push_identity_uri": "https://identity.bitwarden.com", "push_installation_id": "***", "push_installation_key": "***", "push_relay_uri": "https://push.bitwarden.com", "reload_templates": false, "require_device_email": false, "rsa_key_filename": "data/rsa_key", "send_purge_schedule": "0 5 * * * *", "sendmail_command": null, "sends_allowed": true, "sends_folder": "data/sends", "show_password_hint": false, "signups_allowed": false, "signups_domains_whitelist": "", "signups_verify": false, "signups_verify_resend_limit": 6, "signups_verify_resend_time": 3600, "smtp_accept_invalid_certs": false, "smtp_accept_invalid_hostnames": false, "smtp_auth_mechanism": null, "smtp_debug": false, "smtp_embed_images": true, "smtp_explicit_tls": null, "smtp_from": "***********************", "smtp_from_name": "Vaultwarden", "smtp_host": "**************", "smtp_password": "***", "smtp_port": 587, "smtp_security": "starttls", "smtp_ssl": null, "smtp_timeout": 15, "smtp_username": "*****************", "templates_folder": "data/templates", "tmp_folder": "data/tmp", "trash_auto_delete_days": null, "trash_purge_schedule": "0 5 0 * * *", "use_sendmail": false, "use_syslog": false, "user_attachment_limit": null, "user_send_limit": null, "web_vault_enabled": true, "web_vault_folder": "web-vault/", "yubico_client_id": null, "yubico_secret_key": null, "yubico_server": null }Vaultwarden Build Version
v1.34.1
Deployment method
Official Container Image
Custom deployment method
No response
Reverse Proxy
Pangolin 1.4.0 through VPS and Newt
Host/Server Operating System
Linux
Operating System Version
Unraid 7.1.2
Clients
Browser Extension, Desktop
Client Version
2025.5.1 (43022)
Steps To Reproduce
Expected Result
Logs in
Actual Result
Throws error
Logs
Screenshots or Videos
No response
Additional Context
No response
Beta Was this translation helpful? Give feedback.
All reactions