The bundled web vault refuses to submit registration and login
requests over plain HTTP, surfacing "Insecure URL not allowed. All
URLs must use HTTPS." in the UI. The Continue button is left
`bit-aria-disable=true` and click handlers are no-ops, which
manifests in tests as `locator.fill: timeout exceeded` deep into
createAccount — diagnosed via DOM dump showing the error banner.
Make the test Rocket server actually serve HTTPS:
- Generate a self-signed cert in the Vaultwarden runtime image
(separate RUN layer from the apt install so cert tweaks don't
bust the deps layer cache).
- Point `ROCKET_TLS` at the cert + key in test.env and the
dev .env.template.
- Switch DOMAIN to `https://localhost:${ROCKET_PORT}`.
- Tell Playwright to ignore HTTPS errors on the self-signed cert
(in both `playwright.config.ts` for test contexts and
`global-utils.ts` for the manual context startVault uses to
poll for vault readiness).
Self-signed + `ignoreHTTPSErrors` is the idiomatic Playwright pattern
for a local-only test target; importing a custom CA into each
browser's profile would be substantially more invasive (Firefox uses
NSS, Chromium has its own store) for no real-world fidelity gain.
Zaid Marji
f30847d15e