MS Exchange On-Prem Self-Signed SMTP cert prevents 2FA Mails #4483
-
Subject of the issueWe have Vaultwarden deployed in a k3s cluster that is configured via the
Deployment environment
Steps to reproduceAccording to my collegue, all he did was attempt to log in via the Web Vault to obtain login credentials. Upon entering his creds, he received an error page with the error above (minus the log wrap itself). The extension works fine, so I assume it just falls back to offline storage. Expected behaviourAn email to be sent Actual behaviourIt appears that Vaultwarden does not like Exchange's shenanigans related to certificates. Although we use I tried to look for a way to, at least temporarily, disable TLS verification to see if that solved the issue, but found none. Exchange isn't the most obvious about it's certs, according to another collegue with admin previleges (which I do not have), so I have to assume that Microsoft is doing Microsoft things...fun. Troubleshooting dataSee above. |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments 2 replies
-
You seem to be using a self signed certificate. |
Beta Was this translation helpful? Give feedback.
-
Also you can make a local postfix relay to make things easier to customize. |
Beta Was this translation helpful? Give feedback.
You seem to be using a self signed certificate.
Either add the CA to the containers ca-certificates.crt or set Vaultwarden to ignore it.
https://github.com/dani-garcia/vaultwarden/blob/e1a8df96dbadfbf5ad36ce9aa2f31f34396166c2/.env.template#L517..L526