[BUG] "Variable not valid" errors when modify RAW config and use CUSTOM_SSL_CERT_DATA inserted over Easy or Advanced mode

[bajizs]

What happened?

If add some SSL certificate over Easy mode and try to vorrect some data in RAW mode, You get lot of "Variable not valid" errors on Save, and SSL cert will be removed

How to reproduce?

1. Add a Custom SSL CERT and KEY, over Easy mode.
2. save config
3. open config again, and edit it in RAW mode
4. click to Save

Configuration file(s) (yaml or .env)

Relevant log output

BunkerWeb version

1.6.11

What integration are you using?

Linux

Linux distribution (if applicable)

Debian 13

Removed private data

• I have removed all private data from the configuration file and the logs

Code of Conduct

• I agree to follow this project's Code of Conduct

[TheophileDiot]

Hi @bajizs, thanks for the report. I managed to reproduce it and I know what's going on.

The issue is in how the RAW config editor reads what you type when you hit Save. When you add the certificate as inline data (CUSTOM_SSL_CERT_DATA / CUSTOM_SSL_KEY_DATA), the value is a multi-line PEM block. The Easy and Advanced editors handle that fine, but the RAW editor parses the config one line at a time as KEY=VALUE. Every line of the certificate body after the first one (the MIIB... lines, the -----END CERTIFICATE-----, etc.) has no = in it, so each one ends up being treated as its own invalid variable. That's where the pile of "Variable not valid" errors comes from, and the real CUSTOM_SSL_CERT_DATA value gets cut short, which is why the certificate ends up gone.

It can even happen when you only meant to edit some unrelated setting in RAW mode, because the untouched certificate gets rebuilt through the same parser.

A couple of ways to work around it for now:

• Edit the Custom SSL settings from Advanced mode rather than RAW mode.
• Or use the file path settings (CUSTOM_SSL_CERT and CUSTOM_SSL_KEY) pointing at PEM files the scheduler can read. Those are single line, so they go through RAW mode without any trouble.

If a certificate already got wiped, you can bring it back from a backup with bwcli plugin backup restore, or just re-enter it from Advanced mode.

I have a fix in progress that teaches the RAW editor about multi-line values so the certificate stays intact. I'm also adding a way to fold those large blocks in the editor so they don't swallow the whole view. I'll link the PR here once it's ready.

[bajizs]

Hello,

Thank you for the quick answer. I don't have a problem with the certificates — I restored them from a backup (I always keep a backup).

Great that you explained it — this will help others quickly fix the issue.