Greetings!
I get this weird error when sending a test mail to verify my Amazon SES setup
Authentication is successfull however it is unable to send the mail?
not sure what “End data with .” means ( see full error in bottom of post )
As far as i understand it Amazon SES is working via API calls?
i’ve read alot about setting up GPG keys but i have 0 experience in this area and honestly do not understand why it is a problem / issue to not have them
i’ve set up Amazon SES on multiple different services and this is the first time it doesn’t work out of the box 
For context:
I am using the docker-compose community edition of passbolt and have everything up and running. the only thing missing is setting up an Email provider
The docker instance is behind an nginx reverse proxy
I’ve set up the Email Server via the admininistration panel
I thought it would be as simple as just putting in the SMTP credentials and off we go, but i get this weird error when i run the healthcheck:
SMTP Settings
[PASS] The SMTP Settings plugin is enabled.
[FAIL] SMTP Setting errors: App\Utility\OpenPGP\Backends\Gnupg::setDecryptKeyFromFingerprint(): Argument #1 ($fingerprint) must be of type string, null given, called in /usr/share/php/passbolt/plugins/PassboltCe/SmtpSettings/src/Service/SmtpSettingsGetSettingsInDbService.php on line 109
[WARN] The SMTP Settings source is: undefined.
[HELP] It is recommended to set the SMTP Settings in the database through the administration section.
[WARN] The SMTP Settings plugin endpoints are enabled.
[HELP] It is recommended to disable the plugin endpoints.
[HELP] Set the PASSBOLT_SECURITY_SMTP_SETTINGS_ENDPOINTS_DISABLED environment variable to true.
[HELP] Or set passbolt.security.smtpSettings.endpointsDisabled to true in /etc/passbolt/passbolt.php.
Test mail error:
[
{
"cmd": null,
"response": [
{
"code": "220",
"message": "email-smtp.amazonaws.com ESMTP SimpleEmailService-d-QOIESDV13 0vv0kDL6qjXFBfI8Ktdk"
}
]
},
{
"cmd": "EHLO passbolt.maulund.cloud",
"response": [
{
"code": "250",
"message": "email-smtp.amazonaws.com"
},
{
"code": "250",
"message": "8BITMIME"
},
{
"code": "250",
"message": "STARTTLS"
},
{
"code": "250",
"message": "AUTH PLAIN LOGIN"
},
{
"code": "250",
"message": "Ok"
}
]
},
{
"cmd": "STARTTLS",
"response": [
{
"code": "220",
"message": "Ready to start TLS"
}
]
},
{
"cmd": "EHLO passbolt.maulund.cloud",
"response": [
{
"code": "250",
"message": "email-smtp.amazonaws.com"
},
{
"code": "250",
"message": "8BITMIME"
},
{
"code": "250",
"message": "STARTTLS"
},
{
"code": "250",
"message": "AUTH PLAIN LOGIN"
},
{
"code": "250",
"message": "Ok"
}
]
},
{
"cmd": "AUTH PLAIN *****",
"response": [
{
"code": "235",
"message": "Authentication successful."
}
]
},
{
"cmd": "MAIL FROM:<passbolt@maulund.cloud>",
"response": [
{
"code": "250",
"message": "Ok"
}
]
},
{
"cmd": "RCPT TO:<martink@maulund.dk>",
"response": [
{
"code": "250",
"message": "Ok"
}
]
},
{
"cmd": "DATA",
"response": [
{
"code": "354",
"message": "End data with <CR><LF>.<CR><LF>"
}
]
}
]
Full health check:
____ __ ____
/ __ \____ _____ ____/ /_ ____ / / /_
/ /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/
/ ____/ /_/ (__ |__ ) /_/ / /_/ / / /
/_/ \__,_/____/____/_.___/\____/_/\__/
Open source password manager for teams
-------------------------------------------------------------------------------
Healthcheck shell
-------------------------------------------------------------------------------
Environment
[PASS] PHP version 8.2.7.
[PASS] PHP version is 8.1 or above.
[PASS] PCRE compiled with unicode support.
[PASS] The temporary directory and its content are writable and not executable.
[PASS] The logs directory and its content are writable.
[PASS] GD or Imagick extension is installed.
[PASS] Intl extension is installed.
[PASS] Mbstring extension is installed.
Config files
[PASS] The application config file is present
[WARN] The passbolt config file is missing in /etc/passbolt/
[HELP] Copy /etc/passbolt/passbolt.default.php to /etc/passbolt/passbolt.php
[HELP] The passbolt config file is not required if passbolt is configured with environment variables
Core config
[PASS] Debug mode is off.
[PASS] Cache is working.
[PASS] Unique value set for security.salt
[PASS] Full base url is set to https://passbolt.maulund.cloud
[PASS] App.fullBaseUrl validation OK.
[PASS] /healthcheck/status is reachable.
SSL Certificate
[PASS] SSL peer certificate validates
[PASS] Hostname is matching in SSL certificate.
[PASS] Not using a self-signed certificate
Database
[PASS] The application is able to connect to the database
[PASS] 31 tables found
[PASS] Some default content is present
[PASS] The database schema up to date.
GPG Configuration
[PASS] PHP GPG Module is installed and loaded.
[PASS] The environment variable GNUPGHOME is set to /var/lib/passbolt/.gnupg.
[PASS] The directory /var/lib/passbolt/.gnupg containing the keyring is writable by the webserver user.
[FAIL] The server OpenPGP key is not set
[HELP] Create a key, export it and add the fingerprint to /etc/passbolt/passbolt.php
[HELP] See. https://www.passbolt.com/help/tech/install#toc_gpg
[PASS] The public key file is defined in /etc/passbolt/passbolt.php and readable.
[PASS] The private key file is defined in /etc/passbolt/passbolt.php and readable.
[FAIL] The server key fingerprint doesn't match the one defined in /etc/passbolt/passbolt.php.
[HELP] Double check the key fingerprint, example:
[HELP] sudo su -s /bin/bash -c "gpg --list-keys --fingerprint --home /var/lib/passbolt/.gnupg" www-data | grep -i -B 2 'SERVER_KEY_EMAIL'
[HELP] SERVER_KEY_EMAIL: The email you used when you generated the server key.
[HELP] See. https://www.passbolt.com/help/tech/install#toc_gpg
[FAIL] The server public key defined in the /etc/passbolt/passbolt.php (or environment variables) is not in the keyring
[HELP] Import the private server key in the keyring of the webserver user.
[HELP] you can try:
[HELP] sudo su -s /bin/bash -c "gpg --home /var/lib/passbolt/.gnupg --import /etc/passbolt/gpg/serverkey_private.asc" www-data
[FAIL] The server key does not have a valid email id.
[HELP] Edit or generate another key with a valid email id.
Application configuration
[FAIL] This installation is not up to date. Currently using 4.5.2 and it should be 4.6.0.
[HELP] See. https://www.passbolt.com/help/tech/update
[FAIL] Passbolt is not configured to force SSL use.
[HELP] Set passbolt.ssl.force to true in /etc/passbolt/passbolt.php.
[PASS] App.fullBaseUrl is set to HTTPS.
[PASS] Selenium API endpoints are disabled.
[PASS] Search engine robots are told not to index content.
[INFO] The Self Registration plugin is enabled.
[INFO] Registration is closed, only administrators can add users.
[PASS] The deprecated self registration public setting was not found in /etc/passbolt/passbolt.php.
[WARN] Host availability checking is disabled.
[HELP] Make sure this instance is not publicly available on the internet.
[HELP] Or set the PASSBOLT_EMAIL_VALIDATE_MX environment variable to true.
[HELP] Or set passbolt.email.validate.mx to true in /etc/passbolt/passbolt.php.
[PASS] Serving the compiled version of the javascript app.
[WARN] Some email notifications are disabled by the administrator.
JWT Authentication
[PASS] The JWT Authentication plugin is enabled
[PASS] The /etc/passbolt/jwt/ directory is not writable.
[PASS] A valid JWT key pair was found
SMTP Settings
[PASS] The SMTP Settings plugin is enabled.
[FAIL] SMTP Setting errors: App\Utility\OpenPGP\Backends\Gnupg::setDecryptKeyFromFingerprint(): Argument #1 ($fingerprint) must be of type string, null given, called in /usr/share/php/passbolt/plugins/PassboltCe/SmtpSettings/src/Service/SmtpSettingsGetSettingsInDbService.php on line 109
[WARN] The SMTP Settings source is: undefined.
[HELP] It is recommended to set the SMTP Settings in the database through the administration section.
[WARN] The SMTP Settings plugin endpoints are enabled.
[HELP] It is recommended to disable the plugin endpoints.
[HELP] Set the PASSBOLT_SECURITY_SMTP_SETTINGS_ENDPOINTS_DISABLED environment variable to true.
[HELP] Or set passbolt.security.smtpSettings.endpointsDisabled to true in /etc/passbolt/passbolt.php.
[FAIL] 7 error(s) found. Hang in there!
Checklist
I have read intro post: About the Installation Issues category
I have read the tutorials, help and searched for similar issues
I provide relevant information about my server (component names and versions, etc.)
I provide a copy of my logs and healthcheck
I describe the steps I have taken to trouble shoot the problem
I describe the steps on how to reproduce the issue