Checklist
[X] I have read intro post: About the Installation Issues category
[X] I have read the tutorials, help and searched for similar issues
[X] I provide relevant information about my server (component names and versions, etc.)
[X] I provide a copy of my logs and healthcheck
[X] I describe the steps I have taken to trouble shoot the problem
[X] I describe the steps on how to reproduce the issue
Hi.
I have installed Passbolt on Ubuntu 18.04.3 LTS and I have a problem with the activation emails.
The email test is working fine. This is the log:
Open source password manager for teams
---------------------------------------------------------------
Debug email shell
---------------------------------------------------------------
Email configuration
---------------------------------------------------------------
Host: 192.168.0.XX
Port: 2525
Username:
Password: *********
TLS: false
Sending email from: Passbolt <administrador@XXXX.es>
Sending email to: XXXX@XXXX.es
---------------------------------------------------------------
Trace
[220] Internal_CPD-Exchange.Dani.local Microsoft ESMTP MAIL Service ready at Tue, 4 Feb 2020 09:59:22 +0100
> EHLO localhost
[250] Internal_CPD-Exchange.Dani.local Hello [XXXX]
[250] SIZE 15728640
[250] PIPELINING
[250] DSN
[250] ENHANCEDSTATUSCODES
[250] AUTH
[250] 8BITMIME
[250] BINARYMIME
[250] CHUNKING
[250] XEXCH50
[250] XSHADOW
> MAIL FROM:<administrador@XXXX.es>
[250] 2.1.0 Sender OK
> RCPT TO:<XXXX@XXXX.es>
[250] 2.1.5 Recipient OK
> DATA
[354] Start mail input; end with <CRLF>.<CRLF>
> From: Passbolt <XXXX@XXXX.es>
To: XXXX@XXXX.es
Date: Tue, 04 Feb 2020 08:59:25 +0000
Message-ID: <953a405011774599b8fb471d3c2c009c@CPD-PASS>
Subject: Passbolt test email
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Congratulations!
If you receive this email, it means that your passbolt smtp configuration is working fine.
.
[250] 2.6.0 <953a405011774599b8fb471d3c2c009c@CPD-PASS> [InternalId=4490577] Queued mail for delivery
> QUIT
The message has been successfully sent!
But when I add an user in users section it says Activation pending.
I guess that an activation email have benn sent to the user but we have checked the email and no one has been received.
The sudo su -s /bin/bash -c "./bin/cake passbolt healthcheck" www-data command says this:
Healthcheck shell
---------------------------------------------------------------
Environment
[PASS] PHP version 7.2.24-0ubuntu0.18.04.2.
[PASS] PCRE compiled with unicode support.
[FAIL] The temporary directory and its content are not writable.
[HELP] Ensure the temporary directory and its content are writable by the webserver user.
[HELP] you can try:
[HELP] sudo chown -R www-data:www-data /var/www/passbolt/tmp/
[HELP] sudo chmod 775 $(find /var/www/passbolt/tmp/ -type d)
[HELP] sudo chmod 664 $(find /var/www/passbolt/tmp/ -type f)
[PASS] The public image directory and its content are writable.
[PASS] The logs directory and its content are writable.
[PASS] GD or Imagick extension is installed.
[PASS] Intl extension is installed.
[PASS] Mbstring extension is installed.
Config files
[PASS] The application config file is present
[PASS] The passbolt config file is present
Core config
[PASS] Debug mode is off.
[PASS] Cache is working.
[PASS] Unique value set for security.salt
[PASS] Full base url is set to http://192.168.0.43
[PASS] App.fullBaseUrl validation OK.
[PASS] /healthcheck/status is reachable.
SSL Certificate
[PASS] SSL peer certificate validates
[PASS] Hostname is matching in SSL certificate.
[PASS] Not using a self-signed certificate
Database
[PASS] The application is able to connect to the database
[PASS] 23 tables found
[PASS] Some default content is present
[PASS] The database schema up to date.
GPG Configuration
[PASS] PHP GPG Module is installed and loaded.
[PASS] The environment variable GNUPGHOME is set to /home/www-data/.gnupg.
[PASS] The directory /home/www-data/.gnupg containing the keyring is writable by the webserver user.
[PASS] The server gpg key is not the default one
[PASS] The public key file is defined in config/passbolt.php and readable.
[PASS] The private key file is defined in config/passbolt.php and readable.
[PASS] The server key fingerprint matches the one defined in config/passbolt.php.
[PASS] The server public key defined in the config/passbolt.php (or environment variables) is in the keyring.
[PASS] There is a valid email id defined for the server key.
[PASS] The public key can be used to encrypt a message.
[PASS] The private key can be used to sign a message.
[PASS] The public and private keys can be used to encrypt and sign a message.
[PASS] The private key can be used to decrypt a message.
[PASS] The private key can be used to decrypt and verify a message.
[PASS] The public key can be used to verify a signature.
Application configuration
[PASS] Using latest passbolt version (2.12.0).
[FAIL] Passbolt is not configured to force SSL use.
[HELP] Set passbolt.ssl.force to true in config/passbolt.php.
[FAIL] App.fullBaseUrl is not set to HTTPS.
[HELP] Check App.fullBaseUrl url scheme in config/passbolt.php.
[PASS] Selenium API endpoints are disabled.
[PASS] Search engine robots are told not to index content.
[PASS] Registration is closed, only administrators can add users.
[PASS] Serving the compiled version of the javascript app
[PASS] All email notifications will be sent.
3 error(s) found. Hang in there!
cron.service - Regular background program processing daemon
Loaded: loaded (/lib/systemd/system/cron.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2020-02-04 13:38:53 CET; 3min 30s ago
Docs: man:cron(8)
Main PID: 4832 (cron)
Tasks: 1 (limit: 3533)
CGroup: /system.slice/cron.service
└─4832 /usr/sbin/cron -f
feb 04 13:40:01 CPD-PASS CRON[4957]: (CRON) info (No MTA installed, discarding output)
feb 04 13:40:01 CPD-PASS CRON[4957]: pam_unix(cron:session): session closed for user www-data
feb 04 13:41:01 CPD-PASS CRON[4971]: pam_unix(cron:session): session opened for user www-data by (uid=0)
feb 04 13:41:01 CPD-PASS CRON[4973]: (www-data) CMD (/var/www/passbolt/bin/cake EmailQueue.sender)
feb 04 13:41:02 CPD-PASS CRON[4971]: (CRON) info (No MTA installed, discarding output)
feb 04 13:41:02 CPD-PASS CRON[4971]: pam_unix(cron:session): session closed for user www-data
feb 04 13:42:01 CPD-PASS CRON[4986]: pam_unix(cron:session): session opened for user www-data by (uid=0)
feb 04 13:42:01 CPD-PASS CRON[4987]: (www-data) CMD (/var/www/passbolt/bin/cake EmailQueue.sender)
feb 04 13:42:01 CPD-PASS CRON[4986]: (CRON) info (No MTA installed, discarding output)
feb 04 13:42:01 CPD-PASS CRON[4986]: pam_unix(cron:session): session closed for user www-data
@joshdejuan Try which sendmail to see if sendmail is already installed. I thought it came with a default install. If you don’t have it you will need it or something similar. You are delivering locally, so if you have sendmail then you need it to be listening on 2525, or change the port on the passbolt config to the one that sendmail is already listening on.
@joshdejuan, Passbolt is ready to connect to a mail server via SMTP, but does not install something like sendmail.
It’s hard to tell with what you posted because you xxxx’d out the domains, but can you describe the desired mail flow in your setup:
are you wanting the server on which passbolt is installed on to be the actual sender of the email, or do you want it to sign in to a remote mail service, and then have that service send the mail for you?
when the email gets received, is it going to be a mailbox of a local server user or an inbox of the user’s company or personal email?
Sorry @garrett, here you have the complete log of sudo bin/cake passbolt send_test_email --recipient=joshua@dani.es command.
Open source password manager for teams
---------------------------------------------------------------
Debug email shell
---------------------------------------------------------------
Email configuration
---------------------------------------------------------------
Host: 192.168.0.42
Port: 2525
Username:
Password: *********
TLS: false
Sending email from: Passbolt <administrador@dani.es>
Sending email to: joshua@dani.es
---------------------------------------------------------------
Trace
[220] Internal_CPD-Exchange.Dani.local Microsoft ESMTP MAIL Service ready at Thu, 6 Feb 2020 08:46:15 +0100
> EHLO localhost
[250] Internal_CPD-Exchange.Dani.local Hello [192.168.0.43]
[250] SIZE 15728640
[250] PIPELINING
[250] DSN
[250] ENHANCEDSTATUSCODES
[250] AUTH
[250] 8BITMIME
[250] BINARYMIME
[250] CHUNKING
[250] XEXCH50
[250] XSHADOW
> MAIL FROM:<administrador@dani.es>
[250] 2.1.0 Sender OK
> RCPT TO:<joshua@dani.es>
[250] 2.1.5 Recipient OK
> DATA
[354] Start mail input; end with <CRLF>.<CRLF>
> From: Passbolt <administrador@dani.es>
To: joshua@dani.es
Date: Thu, 06 Feb 2020 07:46:19 +0000
Message-ID: <0598ba3693bf441ea12c8188051e6296@CPD-PASS>
Subject: Passbolt test email
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Congratulations!
If you receive this email, it means that your passbolt smtp configuration is working fine.
.
[250] 2.6.0 <0598ba3693bf441ea12c8188051e6296@CPD-PASS> [InternalId=4503102] Queued mail for delivery
> QUIT
The message has been successfully sent!
And here is the email received:
What I want is for my colleagues in the IT department to receive the invitation email to register on the Passbolt server with his company email (xxxx@dani.es). Right now I’m the only one who can log in.
@joshdejuan Ok, so it sounds like the activation emails are working. To me, you are describing a problem more like “How to enable users to receive activation emails”, or maybe “How to enable users to send themselves activation emails”. If so, one of these two things is not set to enabled:
when you create a new user, no email notification is sent. If it’s this, check administration settings page and toggle the appropriate option to on.
Healthcheck shell
---------------------------------------------------------------
Environment
[PASS] PHP version 7.2.24-0ubuntu0.18.04.2.
[PASS] PCRE compiled with unicode support.
[PASS] The temporary directory and its content are writable.
[PASS] The public image directory and its content are writable.
[PASS] The logs directory and its content are writable.
[PASS] GD or Imagick extension is installed.
[PASS] Intl extension is installed.
[PASS] Mbstring extension is installed.
Config files
[PASS] The application config file is present
[PASS] The passbolt config file is present
Core config
[PASS] Debug mode is off.
[PASS] Cache is working.
[PASS] Unique value set for security.salt
[PASS] Full base url is set to http://192.168.0.43
[PASS] App.fullBaseUrl validation OK.
[PASS] /healthcheck/status is reachable.
SSL Certificate
[PASS] SSL peer certificate validates
[PASS] Hostname is matching in SSL certificate.
[PASS] Not using a self-signed certificate
Database
[PASS] The application is able to connect to the database
[PASS] 23 tables found
[PASS] Some default content is present
[PASS] The database schema up to date.
GPG Configuration
[PASS] PHP GPG Module is installed and loaded.
[PASS] The environment variable GNUPGHOME is set to /home/www-data/.gnupg.
[PASS] The directory /home/www-data/.gnupg containing the keyring is writable by the webserver user.
[PASS] The server gpg key is not the default one
[PASS] The public key file is defined in config/passbolt.php and readable.
[PASS] The private key file is defined in config/passbolt.php and readable.
[PASS] The server key fingerprint matches the one defined in config/passbolt.php.
[PASS] The server public key defined in the config/passbolt.php (or environment variables) is in the keyring.
[PASS] There is a valid email id defined for the server key.
[PASS] The public key can be used to encrypt a message.
[PASS] The private key can be used to sign a message.
[PASS] The public and private keys can be used to encrypt and sign a message.
[PASS] The private key can be used to decrypt a message.
[PASS] The private key can be used to decrypt and verify a message.
[PASS] The public key can be used to verify a signature.
Application configuration
[PASS] Using latest passbolt version (2.12.0).
[FAIL] Passbolt is not configured to force SSL use.
[HELP] Set passbolt.ssl.force to true in config/passbolt.php.
[FAIL] App.fullBaseUrl is not set to HTTPS.
[HELP] Check App.fullBaseUrl url scheme in config/passbolt.php.
[PASS] Selenium API endpoints are disabled.
[PASS] Search engine robots are told not to index content.
[WARN] Registration is open to everyone.
[HELP] Make sure this instance is not publicly available on the internet.
[HELP] Or set passbolt.registration.public to false in config/passbolt.php.
[PASS] Serving the compiled version of the javascript app
[PASS] All email notifications will be sent.
2 error(s) found. Hang in there!
I’ve also tried to send the email to a xxx@gmail.com account but the email also doesn’t arrive. So I think it’s a Passbolt error.
2020-02-04 08:43:51 Error: [Cake\Http\Exception\ForbiddenException] You need to login to access this location. (/var/www/passbolt/src/Auth/GpgAuthenticate.php:85)
Request URL: /auth/is-authenticated.json
2020-02-04 08:44:20 Error: [Cake\Http\Exception\ForbiddenException] You need to login to access this location. (/var/www/passbolt/src/Auth/GpgAuthenticate.php:85)
Request URL: /auth/is-authenticated.json
2020-02-04 08:50:13 Error: [Cake\Http\Exception\ForbiddenException] You need to login to access this location. (/var/www/passbolt/src/Auth/GpgAuthenticate.php:85)
Request URL: /auth/is-authenticated.json
2020-02-04 09:20:21 Error: [Cake\Http\Exception\ForbiddenException] You need to login to access this location. (/var/www/passbolt/src/Auth/GpgAuthenticate.php:85)
Request URL: /auth/is-authenticated.json
2020-02-04 09:21:32 Error: [Cake\Routing\Exception\MissingRouteException] A route matching "/start" could not be found. (/var/www/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php:216)
Request URL: /start
2020-02-04 09:24:04 Error: [Cake\Http\Exception\ForbiddenException] You need to login to access this location. (/var/www/passbolt/src/Auth/GpgAuthenticate.php:85)
Request URL: /auth/is-authenticated.json
2020-02-04 13:04:40 Error: [Cake\Http\Exception\ForbiddenException] You need to login to access this location. (/var/www/passbolt/src/Auth/GpgAuthenticate.php:85)
Request URL: /auth/is-authenticated.json
2020-02-05 06:59:08 Error: [Cake\Http\Exception\ForbiddenException] You need to login to access this location. (/var/www/passbolt/src/Auth/GpgAuthenticate.php:85)
Request URL: /auth/is-authenticated.json
2020-02-05 07:00:08 Error: [Cake\Http\Exception\ForbiddenException] You need to login to access this location. (/var/www/passbolt/src/Auth/GpgAuthenticate.php:85)
Request URL: /auth/is-authenticated.json
2020-02-05 17:26:50 Error: [Cake\Http\Exception\ForbiddenException] You need to login to access this location. (/var/www/passbolt/src/Auth/GpgAuthenticate.php:85)
Request URL: /auth/is-authenticated.json
2020-02-05 17:27:50 Error: [Cake\Http\Exception\ForbiddenException] You need to login to access this location. (/var/www/passbolt/src/Auth/GpgAuthenticate.php:85)
Request URL: /auth/is-authenticated.json
2020-02-06 08:13:13 Error: [Cake\Http\Exception\ForbiddenException] You need to login to access this location. (/var/www/passbolt/src/Auth/GpgAuthenticate.php:85)
Request URL: /auth/is-authenticated.json
2020-02-06 08:39:21 Error: [Cake\Http\Exception\ForbiddenException] You need to login to access this location. (/var/www/passbolt/src/Auth/GpgAuthenticate.php:85)
Request URL: /auth/is-authenticated.json
2020-02-06 09:06:13 Error: [Cake\Http\Exception\ForbiddenException] You need to login to access this location. (/var/www/passbolt/src/Auth/GpgAuthenticate.php:85)
Request URL: /auth/is-authenticated.json
2020-02-06 09:56:39 Error: [Cake\Http\Exception\ForbiddenException] You need to login to access this location. (/var/www/passbolt/src/Auth/GpgAuthenticate.php:85)
Request URL: /auth/is-authenticated.json
2020-02-06 15:32:24 Error: [Cake\Http\Exception\ForbiddenException] You need to login to access this location. (/var/www/passbolt/src/Auth/GpgAuthenticate.php:85)
Request URL: /auth/is-authenticated.json
2020-02-07 06:59:10 Error: [Cake\Http\Exception\ForbiddenException] You need to login to access this location. (/var/www/passbolt/src/Auth/GpgAuthenticate.php:85)
Request URL: /auth/is-authenticated.json
2020-02-07 07:00:10 Error: [Cake\Http\Exception\ForbiddenException] You need to login to access this location. (/var/www/passbolt/src/Auth/GpgAuthenticate.php:85)
Request URL: /auth/is-authenticated.json
2020-02-07 09:19:22 Error: [Cake\Http\Exception\ForbiddenException] You need to login to access this location. (/var/www/passbolt/src/Auth/GpgAuthenticate.php:85)
Request URL: /auth/is-authenticated.json
The community passbolt forum is explanatory and descriptive indeed.I have been facing the same consequences regarding the activation email.The following manuals provided are very illustrative and explanatory.It is really working out.I have to include that I am unable to stream videos of my Arlo Ultra from my Linus and opera browser for a couple of days.I have followed out the manuals as directed by the arlo app for pc .
Guide us what we missed out to include?
