So I have tried multiple times and have a mariadb docker configured with the correct tables, as well as a fully configured passbolt docker using env variables.
My passbolt.php has database, email and gpg settings configured.
I am using 2.01-pro docker image and everything is working great in the gui.
I can login and import keepass archives and all is well.
I am using passbolt behind a preconfigured nginx proxy with A+ ssl config.
I get 7 errors with the healthcheck and after running the suggested commands, the same errors remain?
I am not sure if these are errors in the healthcheck logic with a proxied passbolt, or indeed I have 7 problems, that the help commands do not appear to fix?
The passbolt docker configured everything with no errors reported…
Thanks for any help.
____ __ ____
/ __ \____ _____ ____/ /_ ____ / / /_
/ // / __ `/ / / __ / __ / / _/
/ / // ( | ) // / // / / /
// _,///.__/__//_/
Open source password manager for teams
Healthcheck shell…
Environment
[32m[PASS] [0m PHP version 7.2.2.
[32m[PASS] [0m PCRE compiled with unicode support.
[32m[PASS] [0m The temporary directory and its content are writable.
[32m[PASS] [0m The public image directory and its content are writable.
[32m[PASS] [0m The logs directory and its content are writable.
[32m[PASS] [0m GD or Imagick extension is installed.
[32m[PASS] [0m Intl extension is installed.
[32m[PASS] [0m Mbstring extension is installed.
Config files
[32m[PASS] [0m The application config file is present
[32m[PASS] [0m The passbolt config file is present
Core config
[32m[PASS] [0m Debug mode is off.
[32m[PASS] [0m Cache is working.
[32m[PASS] [0m Unique value set for security.salt
[32m[PASS] [0m Full base url is set to https://
[32m[PASS] [0m App.fullBaseUrl validation OK.
[31m[FAIL] Could not reach the /healthcheck/status with the url specified in App.fullBaseUrl [0m
[36m[HELP] [0m Check that the domain name is correct in config/passbolt.php
[36m[HELP] [0m Check the network settings
SSL Certificate
[31m[FAIL] SSL peer certificate does not validate [0m
** [31m[FAIL] Hostname does not match when validating certificates. [0m**
** [33m[WARN] Using a self-signed certificate [0m**
Database
[32m[PASS] [0m The application is able to connect to the database
[32m[PASS] [0m 21 tables found
[32m[PASS] [0m Some default content is present
[32m[PASS] [0m The database schema up to date.
GPG Configuration
[32m[PASS] [0m PHP GPG Module is installed and loaded.
[32m[PASS] [0m The environment variable GNUPGHOME is set to /home/www-data/.gnupg.
[32m[PASS] [0m The directory /home/www-data/.gnupg containing the keyring is writable by the webserver user.
[31m[FAIL] The server gpg key is not set [0m
** [36m[HELP] [0m Create a key, export it and add the fingerprint to config/passbolt.php**
** [36m[HELP] [0m See. https://www.passbolt.com/help/tech/install#toc_gpg**
[32m[PASS] [0m The public key file is defined in config/passbolt.php and readable.
[32m[PASS] [0m The private key file is defined in config/passbolt.php and readable.
[31m[FAIL] The server key fingerprint doesn’t match the one defined in config/passbolt.php. [0m
[36m[HELP] [0m Double check the key fingerprint, example:
[36m[HELP] [0m sudo su -s /bin/bash -c “gpg --list-keys --fingerprint --home /home/www-data/.gnupg” www-data | grep -i -B 2 ‘SERVER_KEY_EMAIL’
[36m[HELP] [0m SERVER_KEY_EMAIL: The email you used when you generated the server key.
[36m[HELP] [0m See. https://www.passbolt.com/help/tech/install#toc_gpg
[31m[FAIL] The server public key defined in the config/passbolt.php is not in the keyring [0m
[36m[HELP] [0m Import the private server key in the keyring of the webserver user.
[36m[HELP] [0m you can try:
[36m[HELP] [0m sudo su -s /bin/bash -c “gpg --home /home/www-data/.gnupg --import /var/www/passbolt/config/gpg/serverkey_private.asc” www-data
[31m[FAIL] The server key does not have a valid email id. [0m
[36m[HELP] [0m Edit or generate another key with a valid email id.
Application configuration
[32m[PASS] [0m Using latest passbolt version (2.0.1).
[32m[PASS] [0m Passbolt is configured to force SSL use.
[32m[PASS] [0m App.fullBaseUrl is set to HTTPS.
[32m[PASS] [0m Selenium API endpoints are disabled.
[32m[PASS] [0m Search engine robots are told not to index content.
[32m[PASS] [0m Registration is closed, only administrators can add users.
[32m[PASS] [0m Serving the compiled version of the javascript app
[32m[PASS] [0m All email notifications will be sent.
[31m 7 error(s) found. Hang in there! [0m