Checklist
I have read intro post: About the Installation Issues category
I have read the tutorials, help and searched for similar issues
I provide relevant information about my server (component names and versions, etc.)
I provide a copy of my logs and healthcheck
I describe the steps I have taken to trouble shoot the problem
I describe the steps on how to reproduce the issue
Running: sudo /usr/share/php/passbolt/bin/status-report
I get:
____ __ ____
/ __ \____ _____ ____/ /_ ____ / / /_
/ /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/
/ ____/ /_/ (__ |__ ) /_/ / /_/ / / /
/_/ \__,_/____/____/_.___/\____/_/\__/
Open source password manager for teams
-------------------------------------------------------------------------------
Passbolt CE 4.1.0
Cakephp 4.4.14
Linux virtual-machine2 5.15.0-1038-oracle #44-Ubuntu SMP Thu Jun 22 03:34:10 UTC 2023 aarch64 aarch64 aarch64 GNU/Linux
PHP 8.1.2-1ubuntu2.13 (cli) (built: Jun 28 2023 14:01:49) (NTS)
mysql Ver 8.0.33-0ubuntu0.22.04.2 for Linux on aarch64 ((Ubuntu))
gpg (GnuPG) 2.2.27
libgcrypt 1.9.4
ERROR: /usr/share/php/passbolt/bin/utils.sh: line 64: composer: command not found
____ __ ____
/ __ \____ _____ ____/ /_ ____ / / /_
/ /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/
/ ____/ /_/ (__ |__ ) /_/ / /_/ / / /
/_/ \__,_/____/____/_.___/\____/_/\__/
Open source password manager for teams
-------------------------------------------------------------------------------
Healthcheck shell
-------------------------------------------------------------------------------
Environment
[PASS] PHP version 8.1.2-1ubuntu2.13.
[PASS] PCRE compiled with unicode support.
[PASS] The temporary directory and its content are writable and not executable.
[PASS] The logs directory and its content are writable.
[PASS] GD or Imagick extension is installed.
[PASS] Intl extension is installed.
[PASS] Mbstring extension is installed.
Config files
[PASS] The application config file is present
[PASS] The passbolt config file is present
Core config
[PASS] Debug mode is off.
[PASS] Cache is working.
[PASS] Unique value set for security.salt
[PASS] Full base url is set to https://141.147.104.169/
[PASS] App.fullBaseUrl validation OK.
[PASS] /healthcheck/status is reachable.
SSL Certificate
[FAIL] SSL peer certificate does not validate
[FAIL] Hostname does not match when validating certificates.
[WARN] Using a self-signed certificate
[HELP] Check https://help.passbolt.com/faq/hosting/troubleshoot-ssl
[HELP] cURL Error (60) SSL certificate problem: self-signed certificate
Database
[PASS] The application is able to connect to the database
[PASS] 32 tables found
[FAIL] No default content found
[HELP] Run the install script to set the default content such as roles and permission types
[HELP] sudo su -s /bin/bash -c "/usr/share/php/passbolt/bin/cake passbolt install" www-data
[PASS] The database schema up to date.
GPG Configuration
[PASS] PHP GPG Module is installed and loaded.
[PASS] The environment variable GNUPGHOME is set to /var/lib/passbolt/.gnupg.
[PASS] The directory /var/lib/passbolt/.gnupg containing the keyring is writable by the webserver user.
[PASS] The server OpenPGP key is not the default one
[PASS] The public key file is defined in /etc/passbolt/passbolt.php and readable.
[PASS] The private key file is defined in /etc/passbolt/passbolt.php and readable.
[PASS] The server key fingerprint matches the one defined in /etc/passbolt/passbolt.php.
[PASS] The server public key defined in the /etc/passbolt/passbolt.php (or environment variables) is in the keyring.
[PASS] There is a valid email id defined for the server key.
[PASS] The public key can be used to encrypt a message.
[PASS] The private key can be used to sign a message.
[PASS] The public and private keys can be used to encrypt and sign a message.
[PASS] The private key can be used to decrypt a message.
[PASS] The private key can be used to decrypt and verify a message.
[PASS] The public key can be used to verify a signature.
[PASS] The server public key format is Gopengpg compatible.
[PASS] The server private key format is Gopengpg compatible.
Application configuration
[FAIL] This installation is not up to date. Currently using 4.1.0 and it should be v4.1.1.
[HELP] See. https://www.passbolt.com/help/tech/update
[FAIL] Passbolt is not configured to force SSL use.
[HELP] Set passbolt.ssl.force to true in /etc/passbolt/passbolt.php.
[PASS] App.fullBaseUrl is set to HTTPS.
[PASS] Selenium API endpoints are disabled.
[PASS] Search engine robots are told not to index content.
[INFO] The Self Registration plugin is enabled.
[INFO] Registration is closed, only administrators can add users.
[PASS] The deprecated self registration public setting was not found in /etc/passbolt/passbolt.php.
[WARN] Host availability checking is disabled.
[HELP] Make sure this instance is not publicly available on the internet.
[HELP] Or set the PASSBOLT_EMAIL_VALIDATE_MX environment variable to true.
[HELP] Or set passbolt.email.validate.mx to true in /etc/passbolt/passbolt.php.
[PASS] Serving the compiled version of the javascript app.
[WARN] Some email notifications are disabled by the administrator.
JWT Authentication
[PASS] The JWT Authentication plugin is enabled
[PASS] The /etc/passbolt/jwt/ directory is not writable.
[PASS] A valid JWT key pair was found
SMTP Settings
[PASS] The SMTP Settings plugin is enabled.
[PASS] SMTP Settings coherent. You may send a test email to validate them.
[PASS] The SMTP Settings source is: database.
[WARN] The SMTP Settings plugin endpoints are enabled.
[HELP] It is recommended to disable the plugin endpoints.
[HELP] Set the PASSBOLT_SECURITY_SMTP_SETTINGS_ENDPOINTS_DISABLED environment variable to true.
[HELP] Or set passbolt.security.smtpSettings.endpointsDisabled to true in /etc/passbolt/passbolt.php.
[FAIL] 5 error(s) found. Hang in there!
____ __ ____
/ __ \____ _____ ____/ /_ ____ / / /_
/ /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/
/ ____/ /_/ (__ |__ ) /_/ / /_/ / / /
/_/ \__,_/____/____/_.___/\____/_/\__/
Open source password manager for teams
-------------------------------------------------------------------------------
Cleanup shell (dry-run)
-------------------------------------------------------------------------------
No issue found, data looks squeaky clean!
____ __ ____
/ __ \____ _____ ____/ /_ ____ / / /_
/ /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/
/ ____/ /_/ (__ |__ ) /_/ / /_/ / / /
/_/ \__,_/____/____/_.___/\____/_/\__/
Open source password manager for teams
-------------------------------------------------------------------------------
Data check shell
[PASS] Data integrity for AuthenticationTokens.
[PASS] Can validate: 24/24
[PASS] Data integrity for Comments.
[PASS] Can validate: 0/0
[PASS] Data integrity for Favorites.
[PASS] Can validate: 0/0
[PASS] Data integrity for Gpgkeys.
[PASS] Can encrypt: 1/1
[PASS] Pass validation service checks: 1/1
[PASS] Entity data and armored key data matches: 1/1
[PASS] Is not expired: 1/1
[PASS] Is armored key format valid: 1/1
[PASS] Data integrity for Groups.
[PASS] Can validate: 0/0
[PASS] Data integrity for Profiles.
[PASS] Can validate: 1/1
[PASS] Data integrity for Resources.
[PASS] Can validate: 124/124
[PASS] Data integrity for Secrets.
[PASS] Can validate: 118/118
[PASS] Data integrity for Users.
[PASS] Can validate: 1/1
2023-07-14 02:38:30 error: [Cake\Routing\Exception\MissingRouteException] A route matching "/ab2h" could not be found. in /usr/share/php/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php on line 197
Request URL: /ab2h
Client IP: 46.101.210.113
2023-07-14 04:00:42 error: [Cake\Routing\Exception\MissingRouteException] A route matching "/geoserver/web/" could not be found. in /usr/share/php/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php on line 197
Request URL: /geoserver/web/
Client IP: 64.62.197.118
2023-07-14 04:03:48 error: [Cake\Routing\Exception\MissingRouteException] A route matching "/.git/config" could not be found. in /usr/share/php/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php on line 197
Request URL: /.git/config
Client IP: 64.62.197.114
2023-07-14 04:55:42 error: [Cake\Routing\Exception\MissingRouteException] A route matching "/ab2g" could not be found. in /usr/share/php/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php on line 197
Request URL: /ab2g
Client IP: 134.122.103.1
2023-07-14 04:55:42 error: [Cake\Routing\Exception\MissingRouteException] A route matching "/ab2h" could not be found. in /usr/share/php/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php on line 197
Request URL: /ab2h
Client IP: 134.122.103.1
2023-07-14 04:55:43 error: [Cake\Routing\Exception\MissingRouteException] A route matching "/t4" could not be found. in /usr/share/php/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php on line 197
Request URL: /t4
Client IP: 134.122.103.1
2023-07-14 07:38:21 error: [Cake\Routing\Exception\MissingRouteException] A route matching "/Public/home/js/check.js" could not be found. in /usr/share/php/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php on line 197
Request URL: /Public/home/js/check.js
Client IP: 47.251.14.232
2023-07-14 07:38:22 error: [Cake\Routing\Exception\MissingRouteException] A route matching "/static/admin/javascript/hetong.js" could not be found. in /usr/share/php/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php on line 197
Request URL: /static/admin/javascript/hetong.js
Client IP: 47.88.90.156
Trying to run sudo -H -u www-data bash -c "/usr/share/php/passbolt/bin/cake passbolt send_test_email --verbose --recipient=my_email@gmail.com"
returns:
____ __ ____
/ __ \____ _____ ____/ /_ ____ / / /_
/ /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/
/ ____/ /_/ (__ |__ ) /_/ / /_/ / / /
/_/ \__,_/____/____/_.___/\____/_/\__/
Open source password manager for teams
-------------------------------------------------------------------------------
Debug email shell
-------------------------------------------------------------------------------
Email configuration
-------------------------------------------------------------------------------
Host: smtp.gmail.com
Port: 587
Username: my_email@gmail.com
Password: *********
TLS: true
Sending email from: <name> <my_email@gmail.com>
Sending email to: my_email@gmail.com
-------------------------------------------------------------------------------
Trace
[220] smtp.gmail.com ESMTP u11-20020a05600c00cb00b003fbb346279dsm1311619wmm.38 - gsmtp
EHLO localhost
[250] smtp.gmail.com at your service, [<my IP>]
[250] SIZE 35882577
[250] 8BITMIME
[250] STARTTLS
[250] ENHANCEDSTATUSCODES
[250] PIPELINING
[250] CHUNKING
[250] SMTPUTF8
STARTTLS
[220] 2.0.0 Ready to start TLS
EHLO localhost
[250] smtp.gmail.com at your service, [<my IP>]
[250] SIZE 35882577
[250] 8BITMIME
[250] AUTH LOGIN PLAIN XOAUTH2 PLAIN-CLIENTTOKEN OAUTHBEARER XOAUTH
[250] ENHANCEDSTATUSCODES
[250] PIPELINING
[250] CHUNKING
[250] SMTPUTF8
AUTH PLAIN *****
[535] 5.7.8 Username and Password not accepted. Learn more at
[535] 5.7.8 https://support.google.com/mail/?p=BadCredentials u11-20020a05600c00cb00b003fbb346279dsm1311619wmm.38 - gsmtp
Could not send the test email.
Error: SMTP Error: 530 5.7.0 https://support.google.com/mail/?p=WantAuthError u11-20020a05600c00cb00b003fbb346279dsm1311619wmm.38 - gsmtp
I am using an app password given as such “xxxxxxxxxxxxxxxx” - 16 characters no spaces and yet it still fails. After some googling, the error code 530, 5.7.0 means 530, "5.7.0", Must issue a STARTTLS command first.
How would I configure passbolt to do this?