Since today i got this message and can’t use Passbolt Pro anymore:
Could not verify server key. Unable to encrypt the verify token. Error encrypting message: Could not find valid key packet for encryption in key XXXXXXXXXX
The gpg key was expired. I followed this thread and i set the expire date to never via this tutorial.
When i try to recover my account i get this message: This key doesn’t match any account.
Thanks for help.
what i have done:
- delete the passbolt plugin in firefox and reinstall
- try to recover with an fresh browser on an vm
both didn’t work.
Now the healtcheck says:
[FAIL] The server public key defined in the config/passbolt.php (or environment variables) is not in the keyring
i tried this:
rm -fr /var/www/.gnpg
sudo su -s /bin/bash -c /gpg–import /var/www/passbolt/config/gpg/serverkey_private.asc" www-data
but it didn’t helped.
any ideas what to do now?
I’m noticing you have serverky_private.asc instead of serverkey_private.asc. Maybe typo?
thx, i checked this but it was only a copy&paste mistake here in the forum. I used on the server sudo su -s /bin/bash -c /gpg–import /var/www/passbolt/config/gpg/serverkey_private.asc" www-data
and it’s not working.
Hi @Holla_Die_Waldfee okay that’s good to know.
I believe the error message is after the app compares the fingerprint of the keys in the keyring with the fingerprint of the key noted in the config file (or environment variables for docker).
Checking the config file is next.
i checked this, but the config is okay.
i think i have the same problem as here: Could not verify server key - did the key expire?
i will write an e-mail to passbolt, because they closed the thread without telling an solution.
unfortunately the Passbolt team did not respond to my request by email. All attempts to renew the expired gpg key have failed. Really stupid that all backups do not help in this case.
Therefore, I am no longer sure whether I can restore my over 1000 passwords at all and now I have to work with a 4 week old Keepass Backup.
@Holla_Die_Waldfee we didn’t receive any email from you on support. Can you forward your email at firstname.lastname@example.org along with your passbolt customer id (if any). We can schedule a support call with you to get you sorted out.
thx, i have send you an email.
thx to Remy and Cedric for the help. My Passbolt is now working again. To help others with the same problem here an short how-to:
- [YOUR KEY ID] has to replace with your own id, expample 2930B0302120120…
- the path to passbolt (/var/www/passbolt/config/gpg) can be different, you have to check if it is the same like mine!
looking for the key id and expire date
enter the gpg shell
gpg --edit-key [YOUR KEY ID]
again, list the gpg keys
first, take key 0
use the command expire to change the expire time of the key 0
change it to never (or what ever you like)
do the same with key 1
check that the expire date is changed
first we need to delete the serverkey.asc and serverkey_private.asc in /var/www/passbolt/gpg/
now we have to copy the gpg private key to passbolt
gpg --armor --export-secret-keys [YOUR KEY ID] > /var/www/passbolt/config/gpg/serverkey_private.asc
and now for the gpg key
gpg --armor --export [YOUR KEY ID] > /var/www/passbolt/config/gpg/serverkey.asc
change the owner to www-data
su -s /bin/bash -c "gpg --import /var/www/passbolt/config/gpg/serverkey_private.asc" www-data
check that the owner is correct
su -s /bin/bash -c "gpg --list-keys" www-data
now you can recover your account
This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.