lucians home

Solve bitwarden_rs this.subtle is null error (enable ssl)

I want to start this post by saying that I am a happy owner of a Synology NAS.

My main goal when I purchased it was to host my personal files but soon, I discovered I could do much more with it. One of this is to install a self-hosted password manager, Bitwarden.

I will not explain here how to install Docker and the manager itself, rather I will tell you how to solve an error that bothered me.

The problem appeared when I tried to use Bitwarden login portal. I inserted my credentials and “this.subtle is null” error popped up:

this.subtle error

After some research I discovered that it is something related to my browser (Firefox) which changed some API. This is confirmed by web vault author.

Only way to access vault was to switch to HTTPS (shame on me it wasn’t already done). Just to be clear, I used the manager anyway through Firefox extension which allowed me to operate normally. Synchronization between phone and web interface was somehow broken.

So, what I did ? As always, some research first which can be summarized by the following steps:

  1. Access your Docker and stop the container
  2. Login through SSH (if you have this problem and want to solve it then you should know how to login) and obtain root access (sudo su -)
  3. Run this command: docker exec -it bitwarden bash – this will let you enter the docker container (that’s I understand) and explore its files
  4. Create a folder named “ssl” (if not exist) in the main path of your docker containter
  5. cd to that directory and run the next command: openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes – this will create key and cert files needed for the process
  6. Once created, go to your Synology and in Docker – Container – bitwarden – Environment add a new variable called ROCKET_TLS and with value this value {certs="ssl/cert.pem",key="ssl/key.pem"} as suggested here
  7. Start your container
  8. Go to your web vault login page using https instead of http – it should show you a warning page – go ahead


This is all. I recently discovered that these steps have to be done after every container update.

If you encounter any error in this process you can contact me (see Contact page) or reply on this Issue page (GitHub).