Checklist
[ *] I have read intro post: About the Installation Issues category
[ *] I have read the tutorials, help and searched for similar issues
[ *] I provide relevant information about my server (component names and versions, etc.)
[ *] I provide a copy of my logs and healthcheck
[ *] I describe the steps I have taken to trouble shoot the problem
[ *] I describe the steps on how to reproduce the issue
I am trying to upgrade my passbolt VM to v3.3.0 from ~v2.3 and I am getting a 502 error after doing a migration.
I am running Ubuntu 20.04 with PHP 7.4 and MySQL 8 on another device on the network. I am also using an Apache server as a web proxy as I have multiple sites that are served through it.
Please let me know what logs I need to pull from my system so I can troubleshoot this.
Below is what I get when I run a healthcheck:
PASSBOLT
Open source password manager for teams
Healthcheck shell…Warning Error: file_get_contents(/var/www/passbolt/config/jwt/jwt.pem): failed to open stream: No such file or directory
In [/var/www/passbolt/plugins/Passbolt/JwtAuthentication/src/Service/AccessToken/JwtKeyPairService.php, line 110]
2021-10-31 22:41:59 Warning: Warning (2): file_get_contents(/var/www/passbolt/config/jwt/jwt.pem): failed to open stream: No such file or directory in [/var/www/passbolt/plugins/Passbolt/JwtAuthentication/src/Service/AccessToken/JwtKeyPairService.php, line 110]
Environment
[PASS] PHP version 7.4.3.
[PASS] PCRE compiled with unicode support.
[PASS] The temporary directory and its content are writable and not executable.
[PASS] The logs directory and its content are writable.
[PASS] GD or Imagick extension is installed.
[PASS] Intl extension is installed.
[PASS] Mbstring extension is installed.
Config files
[PASS] The application config file is present
[PASS] The passbolt config file is present
Core config
[PASS] Debug mode is off.
[PASS] Cache is working.
[PASS] Unique value set for security.salt
[PASS] Full base url is set to https://passbolt.XXXXXXX.com
[PASS] App.fullBaseUrl validation OK.
[FAIL] Could not reach the /healthcheck/status with the url specified in App.fullBaseUrl
[HELP] Check that the domain name is correct in config/passbolt.php
[HELP] Check the network settings
SSL Certificate
[FAIL] SSL peer certificate does not validate
[FAIL] Hostname does not match when validating certificates.
[WARN] Using a self-signed certificate
Database
[PASS] The application is able to connect to the database
[PASS] 26 tables found
[PASS] Some default content is present
[PASS] The database schema up to date.
GPG Configuration
[PASS] PHP GPG Module is installed and loaded.
[PASS] The environment variable GNUPGHOME is set to /home/www-data/.gnupg.
[PASS] The directory /home/www-data/.gnupg containing the keyring is writable by the webserver user.
[PASS] The server OpenPGP key is not the default one
[PASS] The public key file is defined in config/passbolt.php and readable.
[PASS] The private key file is defined in config/passbolt.php and readable.
[PASS] The server key fingerprint matches the one defined in config/passbolt.php.
[PASS] The server public key defined in the config/passbolt.php (or environment variables) is in the keyring.
[PASS] There is a valid email id defined for the server key.
[PASS] The public key can be used to encrypt a message.
[PASS] The private key can be used to sign a message.
[PASS] The public and private keys can be used to encrypt and sign a message.
[PASS] The private key can be used to decrypt a message.
[PASS] The private key can be used to decrypt and verify a message.
[PASS] The public key can be used to verify a signature.
Application configuration
[PASS] Using latest passbolt version (3.3.0).
[PASS] Passbolt is configured to force SSL use.
[PASS] App.fullBaseUrl is set to HTTPS.
[PASS] Selenium API endpoints are disabled.
[PASS] Search engine robots are told not to index content.
[PASS] Registration is closed, only administrators can add users.
[PASS] Serving the compiled version of the javascript app
[PASS] All email notifications will be sent.
JWT Authentication
[WARN] The JWT Authentication plugin is disabled
[HELP] Set the environment variable PASSBOLT_PLUGINS_JWT_AUTHENTICATION_ENABLED to true
[FAIL] 3 error(s) found. Hang in there!
The last two Nginx errors that I captured showing me trying to connect:
2021/10/31 22:48:14 [error] 3885#3885: *64 connect() failed (111: Connection refused) while connecting to upstream, client: 10.208.41.233, server: passbolt.XXXXXXX.com, request: “GET /install/system_check HTTP/1.1”, upstream: “fastcgi://127.0.0.1:9000”, host: “passbolt.XXXXXXX.com”
2021/10/31 22:53:45 [error] 3885#3885: *69 connect() failed (111: Connection refused) while connecting to upstream, client: 10.208.41.233, server: passbolt.XXXXXXX.com, request: “GET / HTTP/1.1”, upstream: “fastcgi://127.0.0.1:9000”, host: “passbolt.XXXXXXX.com”