Healthcheck cannot pass JWT Authentication check

Hello all

health check command
sudo -H -u www-data bash -c "/var/www/passbolt/bin/cake passbolt healthcheck"
cannot pass JWT Authentication check

 JWT Authentication

 [PASS] The JWT Authentication plugin is enabled
 [FAIL] The /var/www/passbolt/config/jwt/ directory should not be writable.
 [HELP] You can try:
 [HELP] sudo chown -Rf root:www-data /var/www/passbolt/config/jwt/
 [HELP] sudo chmod 750 /var/www/passbolt/config/jwt/
 [HELP] sudo chmod 640 /var/www/passbolt/config/jwt/jwt.key
 [HELP] sudo chmod 640 /var/www/passbolt/config/jwt/jwt.pem
 [PASS] A valid JWT key pair was found

Already tried to perform recommendation HELP, unfortunately still the same error.

Here is ll command output
ll /var/www/passbolt/config/jwt/

total 16
drwxr-x--- 2 root            www-data 4096 Jun 23  2022 ./
dr-xr-x--- 7 hp              www-data 4096 Mar  7 15:48 ../
-rw-r----- 1 root            www-data 3272 Jun 21  2022 jwt.key
-rw-r----- 1 root            www-data  800 Jun 21  2022 jwt.pem

Any help appreciated

  • Passbolt Version: 3.11.0
  • Platform and Target:
    – Operating system: Ubuntu 20.04.5 LTS
    – PHP: 7.4
    – Web server: Nnginx version: nginx/1.18.0 (Ubuntu)
    built with OpenSSL 1.1.1f 31 Mar 2020
    – Database server: MariaDB 10.3.38

Hi @yderi Welcome to the forum!

Any luck after trying the suggestion provided in your GH post regarding parent folder ownership (hp instead of root)?

Good morning, have you tried to change ownership to the user who has access to the website?
For example, if the user is www-data, ll should print www-data in user and group. Instead of that, you print root as user and www-data as group.
You can change that with chown -R www-data:www-data /var/www/passbolt/config/jwt/