Cannot login on new device - white screen (reverse proxy)

Installation Issues
1

Hello, I cannot login on new device. First device works somewhat OK (settings are unacessible - white screen, mobile login doesn’t seem to be working with QR code…). PassBolt is behind apache2 reverse proxy.

I clicked on URL (“get started”) in email and PassBolt “Please wait” starts loading and then shows white screen. If I click link to server I just get white screen and URL in browser: https://bolt.$MYDOMAIN/auth/login?redirect=%2F
I cannot find other way to start recovery process. If I click on plugin I select I already have an account, then it expects me to click URL in mail.

Does anyone know how to fix login on other device? I’m thinking that reverse proxy might be a problem.

Thank you in advance. If I can provide more info please tell me what I can send.

REVERSE PROXY

I changed the FullBaseURL in passbolt.php to the bolt.$MYDOMAIN.
On the nginx (that was set-up when installing) I set server_name bolt.$MYDOMAIN.

On my reverse proxy (second machine) I made a new vhost:
(some config that I had copied: [h tt p s : // community.passbolt . com/t/apache2-reverseproxy/2268/3](h tt p s : // community.passbolt . com/t/apache2-reverseproxy/2268/3) )

<VirtualHost *:443>

  ServerName bolt.$MYDOMAIN
  ServerAdmin XXXXX@gmail . com

  ErrorLog ${APACHE_LOG_DIR}/bolt-error.log
  CustomLog ${APACHE_LOG_DIR}/bolt-access.log combined

  SSLEngine on
  SSLCertificateFile /root/cert/$MYDOMAIN/fullchain.pem
  SSLCertificateKeyFile /root/cert/$MYDOMAIN/privkey.pem

  ProxyPreserveHost On
  ProxyPass / http://$LOCALIP/
  ProxyPassReverse / http://$LOCALIP/

RewriteEngine On
RewriteCond %{REQUEST_URI} /api/v[0-9]+/(users/)?websocket [NC,OR]
RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC,OR]
RewriteCond %{HTTP:CONNECTION} ^Upgrade$ [NC]
RewriteRule .* ws://$LOCALIP%{REQUEST_URI} [P,QSA,L]

ProxyPassReverseCookieDomain $LOCALIP bolt.$MYDOMAIN

</VirtualHost>

HEALTH CHECK


     ____                  __          ____
    / __ \____  _____ ____/ /_  ____  / / /_
   / /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/
  / ____/ /_/ (__  |__  ) /_/ / /_/ / / /
 /_/    \__,_/____/____/_.___/\____/_/\__/

 Open source password manager for teams
-------------------------------------------------------------------------------
 Healthcheck shell.........^H^H^H^H^H^H^H^H^H
-------------------------------------------------------------------------------

 Environment

 [PASS] PHP version 8.1.2-1ubuntu2.9.
 [PASS] PCRE compiled with unicode support.
 [PASS] The temporary directory and its content are writable and not executable.
 [PASS] The logs directory and its content are writable.
 [PASS] GD or Imagick extension is installed.
 [PASS] Intl extension is installed.
 [PASS] Mbstring extension is installed.

 Config files

 [PASS] The application config file is present
 [PASS] The passbolt config file is present

 Core config

 [PASS] Debug mode is off.
 [PASS] Cache is working.
 [PASS] Unique value set for security.salt
 [PASS] Full base url is set to bolt.kjanezic.ml
 [FAIL] App.fullBaseUrl does not validate. bolt.kjanezic.ml.
 [HELP] Edit App.fullBaseUrl in config/passbolt.php
 [HELP] Select a valid domain name as defined by section 2.3.1 of http://www.ietf.org/rfc/rfc1035.txt
 [FAIL] Could not reach the /healthcheck/status with the url specified in App.fullBaseUrl
 [HELP] Check that the domain name is correct in config/passbolt.php
 [HELP] Check the network settings

 SSL Certificate

 [FAIL] SSL peer certificate does not validate
 [FAIL] Hostname does not match when validating certificates.
 [WARN] Using a self-signed certificate
 [HELP] Check h tt p s : // help.passbolt . com/faq/hosting/troubleshoot-ssl
 [HELP] The source URI string appears to be malformed

 Database

 [PASS] The application is able to connect to the database
 [PASS] 26 tables found
 [PASS] Some default content is present
 [PASS] The database schema up to date.

 GPG Configuration

 [PASS] PHP GPG Module is installed and loaded.
 [PASS] The environment variable GNUPGHOME is set to /var/lib/passbolt/.gnupg.
 [PASS] The directory /var/lib/passbolt/.gnupg containing the keyring is writable by the webserver user.
 [PASS] The server OpenPGP key is not the default one
 [PASS] The public key file is defined in config/passbolt.php and readable.
 [PASS] The private key file is defined in config/passbolt.php and readable.
 [PASS] The server key fingerprint matches the one defined in config/passbolt.php.
 [PASS] The server public key defined in the config/passbolt.php (or environment variables) is in the keyring.
 [PASS] There is a valid email id defined for the server key.
 [PASS] The public key can be used to encrypt a message.
 [PASS] The private key can be used to sign a message.
 [PASS] The public and private keys can be used to encrypt and sign a message.
 [PASS] The private key can be used to decrypt a message.
 [PASS] The private key can be used to decrypt and verify a message.
 [PASS] The public key can be used to verify a signature.
 [PASS] The server public key format is Gopengpg compatible.
 [PASS] The server private key format is Gopengpg compatible.

 Application configuration

 [PASS] Using latest passbolt version (3.8.3).
 [FAIL] Passbolt is not configured to force SSL use.
 [HELP] Set passbolt.ssl.force to true in config/passbolt.php.
 [FAIL] App.fullBaseUrl is not set to HTTPS.
 [HELP] Check App.fullBaseUrl url scheme in config/passbolt.php.
 [PASS] Selenium API endpoints are disabled.
 [PASS] Search engine robots are told not to index content.
 [PASS] Registration is closed, only administrators can add users.
 [PASS] Serving the compiled version of the javascript app
 [PASS] All email notifications will be sent.

 JWT Authentication

 [PASS] The JWT Authentication plugin is enabled
 [PASS] The /etc/passbolt/jwt/ directory is not writable.
 [PASS] A valid JWT key pair was found

 SMTP Settings

 [PASS] The SMTP Settings plugin is enabled.
 [PASS] SMTP Settings coherent. You may send a test email to validate them.
 [PASS] The SMTP Settings source is: database.

 [FAIL] 6 error(s) found. Hang in there!

VERSIONS OF PACKAGES

– Server operating system name and version
ProxMox container Ubuntu 22.04

Linux HOSTNAME 5.15.74-1-pve #1 SMP PVE 5.15.74-1 (Mon, 14 Nov 2022 20:17:15 +0100) x86_64 x86_64 x86_64 GNU/Linux

PRETTY_NAME="Ubuntu 22.04.1 LTS"
NAME="Ubuntu"
VERSION_ID="22.04"
VERSION="22.04.1 LTS (Jammy Jellyfish)"
VERSION_CODENAME=jammy
ID=ubuntu

– Web server name and version
Where PassBolt is installed:
nginx-common/jammy-updates,jammy-security,now 1.18.0-6ubuntu14.3 all [installed,automatic]
nginx-core/jammy-updates,jammy-security,now 1.18.0-6ubuntu14.3 amd64 [installed,automatic]
nginx/jammy-updates,jammy-security,now 1.18.0-6ubuntu14.3 amd64 [installed,automatic]

ReverseProxy:
apache2-bin/focal-updates,focal-security,now 2.4.41-4ubuntu3.12 amd64 [installed,automatic]
apache2-data/focal-updates,focal-security,now 2.4.41-4ubuntu3.12 all [installed,automatic]
apache2-utils/focal-updates,focal-security,now 2.4.41-4ubuntu3.12 amd64 [installed,automatic]
apache2/focal-updates,focal-security,now 2.4.41-4ubuntu3.12 amd64 [installed]


– Database server name and version
mysql-client-8.0/jammy-updates,jammy-security,now 8.0.31-0ubuntu0.22.04.1 amd64 [installed,automatic]
mysql-client-core-8.0/jammy-updates,jammy-security,now 8.0.31-0ubuntu0.22.04.1 amd64 [installed,automatic]
mysql-common/jammy,now 5.8+1.0.8 all [installed,automatic]
mysql-server-8.0/jammy-updates,jammy-security,now 8.0.31-0ubuntu0.22.04.1 amd64 [installed,automatic]
mysql-server-core-8.0/jammy-updates,jammy-security,now 8.0.31-0ubuntu0.22.04.1 amd64 [installed,automatic]


– Php version
php-cli/jammy,now 2:8.1+92ubuntu1 all [installed,automatic]
php-common/jammy,now 2:92ubuntu1 all [installed,automatic]
php-fpm/jammy,now 2:8.1+92ubuntu1 all [installed,automatic]
php-gd/jammy,now 2:8.1+92ubuntu1 all [installed,automatic]
php-gnupg/jammy,now 1.5.1-2 amd64 [installed,automatic]
php-intl/jammy,now 2:8.1+92ubuntu1 all [installed,automatic]
php-mbstring/jammy,now 2:8.1+92ubuntu1 all [installed,automatic]
php-mysql/jammy,now 2:8.1+92ubuntu1 all [installed,automatic]
php-xml/jammy,now 2:8.1+92ubuntu1 all [installed,automatic]
php8.1-cli/jammy-updates,now 8.1.2-1ubuntu2.9 amd64 [installed,automatic]
php8.1-common/jammy-updates,now 8.1.2-1ubuntu2.9 amd64 [installed,automatic]
php8.1-fpm/jammy-updates,now 8.1.2-1ubuntu2.9 amd64 [installed,automatic]
php8.1-gd/jammy-updates,now 8.1.2-1ubuntu2.9 amd64 [installed,automatic]
php8.1-gnupg/jammy,now 1.5.1-2 amd64 [installed,automatic]
php8.1-intl/jammy-updates,now 8.1.2-1ubuntu2.9 amd64 [installed,automatic]
php8.1-mbstring/jammy-updates,now 8.1.2-1ubuntu2.9 amd64 [installed,automatic]
php8.1-mysql/jammy-updates,now 8.1.2-1ubuntu2.9 amd64 [installed,automatic]
php8.1-opcache/jammy-updates,now 8.1.2-1ubuntu2.9 amd64 [installed,automatic]
php8.1-readline/jammy-updates,now 8.1.2-1ubuntu2.9 amd64 [installed,automatic]
php8.1-xml/jammy-updates,now 8.1.2-1ubuntu2.9 amd64 [installed,automatic]


– Passbolt version
passbolt-ce-server/focal,now 3.8.3-1 all [installed]

Checklist
[ X ] I have read intro post: h tt p s : // community.passbolt . com/t/about-the-installation-issues-category/12
[ X ] I have read the tutorials, help and searched for similar issues
[ X ] I provide relevant information about my server (component names and versions, etc.)
[ X ] I provide a copy of my logs and healthcheck
[ X ] I describe the steps I have taken to trouble shoot the problem
[ X ] I describe the steps on how to reproduce the issue

2

Hi @pikzigmar Welcome to the forum!

White screen issues are often a result of bad path resolution or a missing/faulty htaccess file.

User @JamesBond is the most helpful on this issue if he’s available. His posts are searchable and may help.

3

Thank you for the reply, ill search for such issues and posts involving @JamesBond :slight_smile:

4

Ah… it seems I have found the problem.

I changed the FullBaseURL in passbolt.php to bolt.$MYDOMAIN.
It should be https://bolt.$MYDOMAIN.

Issue can be marked as resolved :slight_smile: