GPG key & CentOS7

antonsobolev1987 · June 27, 2023, 4:59am

Checklist
[х] I have read intro post: About the Installation Issues category
[ х] I have read the tutorials, help and searched for similar issues
I provide relevant information about my server (component names and versions, etc.)
I provide a copy of my logs and healthcheck
I describe the steps I have taken to trouble shoot the problem
I describe the steps on how to reproduce the issue

Hello! I’m doing a clean install of passbolt on CentOS7. According to the instructions, I reached step 2.3 GPG key.
It doesn’t matter which option is selected - creating or importing an error will appear as a result of the operation
scr1
I checked similar topics on the forum and saw that the main problem in this case is the incorrect operation of ntp. On my stand ntp works correctly
scr2
to prevent the firewall from working, I turned it off, so the theory of port blocking needs to be confirmed.
Please help me solve the problem

clayton · June 27, 2023, 6:32am

For CentOS another common issue with GPG is SELinux. Could you check if you have that enabled and if it is interfering here?

Typically the following can clear up SELinux issues:

setsebool -P httpd_use_gpg=on
setsebool -P gpg_web_anon_write=on
semanage permissive -a gpg_web_t

antonsobolev1987 · June 28, 2023, 2:52am

Hello. Thanks for the answer. I registered these commands, but the problem was not solved. For the sake of experiment, I disabled SELinux altogether, and still the error appeared. Apparently SELinux is not to blame

AnatomicJC · June 28, 2023, 5:29am

Did you check ntp on your PC too ? You can check that on https://time.is

Cheers,

antonsobolev1987 · June 29, 2023, 12:13am

Hello. Thanks for the answer. Time is running out that I have a slight desync. Is it possible that a negligible mismatch of time can live a violation of my problem?

[image]

Steph · June 29, 2023, 8:03am

Hello !
Yes, even a small time shift could lead to problems. Although the error says something different, the error might come from a time desync and the message could possibly be misleading here.

In any case, it is sure that you need both your server and your clients to be time synced otherwise you will face issues at some points.

So, I would suggest that you sync your server time and retry. There is that help page for NTP syncing if you need Passbolt Help | How to set up NTP

antonsobolev1987 · June 30, 2023, 1:14am

Hello! I synchronized the time as much as possible, the discrepancy is now 0.0004 seconds. Let’s try to think what else can cause such problems, except for ntp. By the way, I noticed that the key generation page differs from the one given in the installation instructions - I do not have the “key expire” field. In addition, the fields in the “Advanced setting” section do not allow themselves to be edited, and drop-down lists do not appear in them. Maybe there is a problem somewhere?

[image]

clayton · June 30, 2023, 6:15am

The image on the CentOS7 page is a bit old and not exactly the same as it looks now, but the steps are the same.

When you installed did you get any errors output before the reconfigure command?

Other thing that comes to mind is haveged. Did you install that or no?

I just ran through this installation on a centos7 vagrant box and didn’t run into an issue

antonsobolev1987 · July 5, 2023, 1:40am

I’ll try a fresh installation of centos, and go through the installation of passbolt again. Maybe the problem will go away. I’ll update the topic later.

[image]