anonymous1184/bitwarden-autotype

unable to get local issuer certificate

BorjaLL opened this issue · 3 comments

I put bw-at.exe and bw.exe in the same folder.
Launched and tried to log in with the normal password and API key.
Both methods give the error:
request to https://identity.bitwarden.com/connect/token failed,
reason: unable to get local issuer certificate.

Any ideas?

I just downloaded the latest zip file from the releases (v1.1.3), then the current Bitwarden CLI (v1.20.0.0) and placed it inside the folder; ran the Auto-type executable and entered my Client ID/Secret and password. I was able to log in successfully.

Would you mind sharing a screen from the issue? Optionally you can delete bw-at.ini and data.json to have a clean slate.

Downloaded files again
deleted all files in the old folder
unzipped
ran bw-at.exe
got the same error
image

That is an error coming from bw.exe. And judging from the wording and even the lower case, it is related to node and the certification path (Bitwarden CLI uses node).

A probable cause is that your data is being decrypted and re-encrypted before reaching its destination... for example a proxy or a network analyzer like Wireshark/Fiddler or perhaps a network-level ad-blocker like AdGuard.

There's a plethora of StackOverflow questions for this and while they vary, all of them point to the same thing: it is an issue at the handshake state, and people either add the certificate manually to a .pem or disable the strictness of the SSL connection.

There are different methods for the latter depending on what you're doing with node; the only one that applies in the case of a node-compiled Windows binary would be to add an environment variable, but I don't know if that will fix your issue as I haven't been able to replicate it (W10 Pro x64 1909 and 21H2).

What you can do is try to log into a terminal with either API credentials or user/password. The error should still happen as it is not related to my app but to the CLI tool; if that's the case I encourage you to raise an issue in the CLI repo. For the second login attempt you can use the following environment variable:

set NODE_TLS_REJECT_UNAUTHORIZED=0

Hopefully that lets you log in. If you need further assistance, reach me via Reddit chat.
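
Added example, not part of the thread and not code from this project or the Bitwarden CLI: a Node script that shows which issuer this machine is actually presented for a host, so that CA can be exported to a .pem and trusted explicitly through Node's `NODE_EXTRA_CA_CERTS` variable (assuming the Node runtime bundled in bw.exe honours it) instead of switching verification off. The function names and the sample chain are constructed for illustration.

```javascript
// Flatten the linked structure returned by socket.getPeerCertificate(true)
// into an ordered list, leaf first. A root points at itself, so stop there.
function walkChain(leaf) {
  const chain = [];
  const seen = new Set();
  for (let c = leaf; c && c.fingerprint256 && !seen.has(c.fingerprint256); c = c.issuerCertificate) {
    seen.add(c.fingerprint256);
    chain.push({ subject: c.subject?.CN, issuer: c.issuer?.CN, fingerprint256: c.fingerprint256 });
  }
  return chain;
}

// Report whether Node trusted the chain, the error code if not, and the
// issuer at the top of the presented chain that Node could not anchor.
function summarise(authorized, authorizationError, leaf) {
  const chain = walkChain(leaf);
  const top = chain[chain.length - 1];
  return {
    authorized,
    error: authorized ? null : String(authorizationError),
    chain,
    untrustedIssuer: authorized || !top ? null : top.issuer,
  };
}

// Verification is relaxed for this one diagnostic socket only; no
// credentials are sent over it.
async function probe(host, port = 443) {
  const tls = await import('node:tls');
  return new Promise((resolve, reject) => {
    const s = tls.connect({ host, port, servername: host, rejectUnauthorized: false }, () => {
      resolve(summarise(s.authorized, s.authorizationError, s.getPeerCertificate(true)));
      s.end();
    });
    s.on('error', reject);
  });
}

// Constructed sample (not real certificates): a leaf re-signed by a local proxy.
const SAMPLE_LEAF = {
  subject: { CN: 'identity.bitwarden.com' }, issuer: { CN: 'Example Proxy Intermediate' }, fingerprint256: '11:11',
  issuerCertificate: { subject: { CN: 'Example Proxy Intermediate' }, issuer: { CN: 'Example Proxy Root' }, fingerprint256: '22:22' },
};

// Usage: node probe.js identity.bitwarden.com   (no argument: print the sample)
const target = process.argv[2];
if (target) probe(target).then((r) => console.log(JSON.stringify(r, null, 2)), console.error);
else console.log(JSON.stringify(summarise(false, 'UNABLE_TO_GET_ISSUER_CERT_LOCALLY', SAMPLE_LEAF), null, 2));
```

If `untrustedIssuer` names a proxy, antivirus or filtering product you run, export that product's CA certificate as PEM and set `NODE_EXTRA_CA_CERTS` to its path before launching bw.exe; if you do not recognise the issuer, treat the connection as untrusted.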