All working fine, but healthcheck reports 7 errors?

So I have tried multiple times and have a mariadb docker configured with the correct tables, as well as a fully configured passbolt docker using env variables.

My passbolt.php has database, email and gpg settings configured.

I am using 2.01-pro docker image and everything is working great in the gui.

I can login and import keepass archives and all is well.

I am using passbolt behind a preconfigured nginx proxy with A+ ssl config.

I get 7 errors with the healthcheck and after running the suggested commands, the same errors remain?

I am not sure if these are errors in the healthcheck logic with a proxied passbolt, or indeed I have 7 problems, that the help commands do not appear to fix?

The passbolt docker configured everything with no errors reported…

Thanks for any help.

____                  __          ____  
/ __ \____  _____ ____/ /_  ____  / / /_ 

/ // / __ `/ / / __ / __ / / _/
/ / // ( |
) /
/ / /
/ / / /
/ _

Open source password manager for teams

Healthcheck shell…


[32m[PASS] [0m PHP version 7.2.2.
[32m[PASS] [0m PCRE compiled with unicode support.
[32m[PASS] [0m The temporary directory and its content are writable.
[32m[PASS] [0m The public image directory and its content are writable.
[32m[PASS] [0m The logs directory and its content are writable.
[32m[PASS] [0m GD or Imagick extension is installed.
[32m[PASS] [0m Intl extension is installed.
[32m[PASS] [0m Mbstring extension is installed.

Config files

[32m[PASS] [0m The application config file is present
[32m[PASS] [0m The passbolt config file is present

Core config

[32m[PASS] [0m Debug mode is off.
[32m[PASS] [0m Cache is working.
[32m[PASS] [0m Unique value set for security.salt
[32m[PASS] [0m Full base url is set to https://
[32m[PASS] [0m App.fullBaseUrl validation OK.
[31m[FAIL] Could not reach the /healthcheck/status with the url specified in App.fullBaseUrl [0m
[36m[HELP] [0m Check that the domain name is correct in config/passbolt.php
[36m[HELP] [0m Check the network settings

SSL Certificate

[31m[FAIL] SSL peer certificate does not validate [0m
** [31m[FAIL] Hostname does not match when validating certificates. [0m**
** [33m[WARN] Using a self-signed certificate [0m**


[32m[PASS] [0m The application is able to connect to the database
[32m[PASS] [0m 21 tables found
[32m[PASS] [0m Some default content is present
[32m[PASS] [0m The database schema up to date.

GPG Configuration

[32m[PASS] [0m PHP GPG Module is installed and loaded.
[32m[PASS] [0m The environment variable GNUPGHOME is set to /home/www-data/.gnupg.
[32m[PASS] [0m The directory /home/www-data/.gnupg containing the keyring is writable by the webserver user.
[31m[FAIL] The server gpg key is not set [0m
** [36m[HELP] [0m Create a key, export it and add the fingerprint to config/passbolt.php**
** [36m[HELP] [0m See.**
[32m[PASS] [0m The public key file is defined in config/passbolt.php and readable.
[32m[PASS] [0m The private key file is defined in config/passbolt.php and readable.
[31m[FAIL] The server key fingerprint doesn’t match the one defined in config/passbolt.php. [0m
[36m[HELP] [0m Double check the key fingerprint, example:
[36m[HELP] [0m sudo su -s /bin/bash -c “gpg --list-keys --fingerprint --home /home/www-data/.gnupg” www-data | grep -i -B 2 ‘SERVER_KEY_EMAIL’
[36m[HELP] [0m SERVER_KEY_EMAIL: The email you used when you generated the server key.
[36m[HELP] [0m See.
[31m[FAIL] The server public key defined in the config/passbolt.php is not in the keyring [0m
[36m[HELP] [0m Import the private server key in the keyring of the webserver user.
[36m[HELP] [0m you can try:
[36m[HELP] [0m sudo su -s /bin/bash -c “gpg --home /home/www-data/.gnupg --import /var/www/passbolt/config/gpg/serverkey_private.asc” www-data
[31m[FAIL] The server key does not have a valid email id. [0m
[36m[HELP] [0m Edit or generate another key with a valid email id.

Application configuration

[32m[PASS] [0m Using latest passbolt version (2.0.1).
[32m[PASS] [0m Passbolt is configured to force SSL use.
[32m[PASS] [0m App.fullBaseUrl is set to HTTPS.
[32m[PASS] [0m Selenium API endpoints are disabled.
[32m[PASS] [0m Search engine robots are told not to index content.
[32m[PASS] [0m Registration is closed, only administrators can add users.
[32m[PASS] [0m Serving the compiled version of the javascript app
[32m[PASS] [0m All email notifications will be sent.

[31m 7 error(s) found. Hang in there! [0m

Hi @mannp!

Indeed this look like inconsistencies of the healthcheck with your setup. It is related with the inconsistencies you have already reported on the passbolt_docker repo. Considering what your setup looks like you shouldn’t worry about them.

Hi @diego I’d only reported the /healthcheck status one, so wasn’t sure if the others were related.

The ssl one, I wasn’t sure if I needed to point passbolt to my letsencrypt proxy to get the certs, but I don’t do that for my other ssl proxied dockers, so wasn’t clear here.

The gpg one is also odd as that is using the standard gpg enviroment setup in the docker, so was unclear why it was complaining about those…?

I have added the fingerprint in the passbolt.php config, but its still complaining, so wasn’t sure if I had done that wrongly.

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.