Checklist
[x ] I have read intro post: About the Installation Issues category
[x ] I have read the tutorials, help and searched for similar issues
[x ] I provide relevant information about my server (component names and versions, etc.)
[x ] I provide a copy of my logs and healthcheck
[x ] I describe the steps I have taken to trouble shoot the problem
[x ] I describe the steps on how to reproduce the issue
Hi fellas, i finished the setup config and i stop on this step:
“Point your browser to the hostname / ip where passbolt can be reached”
i got an entire blank page, when i access my id address.
Healthcheck shell…2023-08-02 01:18:22 warning: file_get_contents(/etc/passbolt/gpg/serverkey.asc): Failed to open stream: No such file or directory
warning: 2 :: file_get_contents(/etc/passbolt/gpg/serverkey.asc): Failed to open stream: No such file or directory on line 456 of /usr/share/php/passbolt/src/Utility/Healthchecks/GpgHealthchecks.php
2023-08-02 01:18:22 warning: file_get_contents(/etc/passbolt/gpg/serverkey_private.asc): Failed to open stream: No such file or directory
warning: 2 :: file_get_contents(/etc/passbolt/gpg/serverkey_private.asc): Failed to open stream: No such file or directory on line 458 of /usr/share/php/passbolt/src/Utility/Healthchecks/GpgHealthchecks.php
.2023-08-02 01:18:22 error: [TypeError] strpos(): Argument #1 ($haystack) must be of type string, bool given in /usr/share/php/passbolt/src/Utility/Healthchecks.php on line 92
Hello, since you are using AlmaLinux, it could be a SELinux issues.
Could you run:
setsebool -P httpd_use_gpg=on
setsebool -P gpg_web_anon_write=on
semanage permissive -a gpg_web_t
If that does not fixes the issues, can you share the permissions on the passbolt’s gpg directory? ls -la /etc/passbolt/gpg, also do you confirm that the fullBaseUrl match the address where you are trying to reach passbolt?
I think there is an issues with the keys, they are not generated yet I’ll asume so, based on the issues, from the installation guide that’s after the SSL configuration that this issues is happening, you can’t even access the WebInstaller right? Have you installed Havegd ?
It should be normal that the healthcheck is throwing an error then, indeed, the server gpg keys are created through the WebInstaller, if you haven’t reached it yet, then the healthcheck will not work as the server is not completely installed.
So just to confirm:
Could you explain all the steps you did for the SSL configuration?
Did you chose manual, auto or none?
The SSL path is correct if you are using a self-signed certificate?
The hostname you are using is matching what you are trying to reach on the browser? (the fullBaseUrl is really important, for example if SSL is enabled you should use https://YOUR_DOMAIN.domain as the fullBaseUrl and not only YOUR_DOMAIN.domain)
you can’t even access the WebInstaller right?
yes, i can’t.
Have you installed Havegd ?
yes
explain all the steps you did for the SSL configuration?
i choose Auto.
The hostname you are using is matching what you are trying to reach on the browser?
i put my local ip addrs = 192.168.x.xxx on hostname and reach on browser
on browser i put just the ip address i got blank screen with favicon of passbolt, and when i force https://ipaddress
i got Unable to connect - An error occurred during a connection to 192.168.0.200.
should i try to complete the install without ssl?
and try to implement after?
For an IP address Auto won’t work. Our auto option uses let’s encrypt and they use the DNS record to verify
If you are just hosting locally and don’t plan to have access from outside of your network then you might want to create a self signed cert for that IP address
Hi Clayton, in a past (1 y ago) made the same setup, withy Auto SSL for ip address and worked.
i this caso do you recomend to set manually ?
i am just afraid to have knowlogy to implemente this manually. but i can try.
For an IP address you’d have to choose the manual option. Are you sure you set this up with the auto option and just an IP address before? As mentioned Let’s Encrypt uses DNS records to issue certificates and that is what our auto option uses