Checklist
I have read intro post: About the Installation Issues category
I have read the tutorials, help and searched for similar issues
I provide relevant information about my server (component names and versions, etc.)
I provide a copy of my logs and healthcheck
[ X] I describe the steps I have taken to trouble shoot the problem
I describe the steps on how to reproduce the issue
I cannot go ahead with installation.
____ __ ____
/ __ \____ _____ ____/ /_ ____ / / /_
/ /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/
/ ____/ /_/ (__ |__ ) /_/ / /_/ / / /
/_/ \__,_/____/____/_.___/\____/_/\__/
Open source password manager for teams
-------------------------------------------------------------------------------
Passbolt commands should only be executed as the web server user.
The command should be executed with the same user as your web server. By instance:
su -s /bin/bash -c "/var/www/vhosts/arkage.it/passwords.arkage.it/passbolt/bin/cake COMMAND" HTTP_USER
where HTTP_USER match your web server user: www-data, nginx, apache, http
Healthcheck shell........................................................
.
-------------------------------------------------------------------------------
Environment
[PASS] PHP version 8.2.19.
[PASS] PHP version is 8.1 or above.
[PASS] PCRE compiled with unicode support.
[PASS] Mbstring extension is installed.
[PASS] Intl extension is installed.
[PASS] GD or Imagick extension is installed.
[PASS] The temporary directory and its content are writable and not executable.
[PASS] The logs directory and its content are writable.
Config files
[PASS] The application config file is present
[PASS] The passbolt config file is present
Core config
[PASS] Cache is working.
[PASS] Debug mode is off.
[PASS] Unique value set for security.salt
[PASS] Full base url is set to https://passwords.arkage.it
[PASS] App.fullBaseUrl validation OK.
[FAIL] Could not reach the /healthcheck/status with the url specified in App.fullBaseUrl
[HELP] Check that the domain name is correct in /var/www/vhosts/arkage.it/passwords.arkage.it/passbolt/config/passbolt.php
[HELP] Check the network settings
SSL Certificate
[WARN] SSL peer certificate does not validate.
[WARN] Hostname does not match when validating certificates.
[WARN] Using a self-signed certificate.
[HELP] Check https://help.passbolt.com/faq/hosting/troubleshoot-ssl
SMTP settings
[PASS] The SMTP Settings plugin is enabled.
[PASS] SMTP Settings coherent. You may send a test email to validate them.
[WARN] The SMTP Settings source is: /var/www/vhosts/arkage.it/passwords.arkage.it/passbolt/config/passbolt.php.
[HELP] It is recommended to set the SMTP Settings in the database through the administration section.
[WARN] The SMTP Settings plugin endpoints are enabled.
[HELP] It is recommended to disable the plugin endpoints.
[HELP] Set the PASSBOLT_SECURITY_SMTP_SETTINGS_ENDPOINTS_DISABLED environment variable to true.
[HELP] Or set passbolt.security.smtpSettings.endpointsDisabled to true in /var/www/vhosts/arkage.it/passwords.arkage.it/passbolt/config/passbolt.php.
JWT Authentication
[PASS] The JWT Authentication plugin is enabled.
[PASS] The /var/www/vhosts/arkage.it/passwords.arkage.it/passbolt/config/jwt/ directory is not writable.
[PASS] A valid JWT key pair was found.
GPG Configuration
[PASS] PHP GPG Module is installed and loaded.
[PASS] The environment variable GNUPGHOME is set to /var/www/vhosts/arkage.it/.gnupg.
[PASS] The directory /var/www/vhosts/arkage.it/.gnupg containing the keyring is writable by the webserver user.
[PASS] The server OpenPGP key is not the default one.
[PASS] The public key file is defined in /var/www/vhosts/arkage.it/passwords.arkage.it/passbolt/config/passbolt.php and readable.
[PASS] The private key file is defined in /var/www/vhosts/arkage.it/passwords.arkage.it/passbolt/config/passbolt.php and readable.
[PASS] The server key fingerprint matches the one defined in /var/www/vhosts/arkage.it/passwords.arkage.it/passbolt/config/passbolt.php.
[PASS] The server public key defined in the /var/www/vhosts/arkage.it/passwords.arkage.it/passbolt/config/passbolt.php (or environment variables) is in the keyring.
[PASS] There is a valid email id defined for the server key.
[PASS] The public key can be used to encrypt a message.
[PASS] The private key can be used to sign a message.
[PASS] The public and private keys can be used to encrypt and sign a message.
[PASS] The private key can be used to decrypt a message.
[PASS] The private key can be used to decrypt and verify a message.
[PASS] The public key can be used to verify a signature.
[PASS] The server public key format is Gopengpg compatible.
[PASS] The server private key format is Gopengpg compatible.
Application configuration
[FAIL] This installation is not up to date. Currently using 4.7.0 and it should be 4.8.0.
[HELP] See https://www.passbolt.com/help/tech/update
[FAIL] Passbolt is not configured to force SSL use.
[HELP] Set passbolt.ssl.force to true in /var/www/vhosts/arkage.it/passwords.arkage.it/passbolt/config/passbolt.php.
[PASS] App.fullBaseUrl is set to HTTPS.
[PASS] Selenium API endpoints are disabled.
[PASS] Search engine robots are told not to index content.
[INFO] The Self Registration plugin is enabled.
[INFO] Registration is closed, only administrators can add users.
[PASS] The deprecated self registration public setting was not found in /var/www/vhosts/arkage.it/passwords.arkage.it/passbolt/config/passbolt.php.
[WARN] Host availability checking is disabled.
[HELP] Make sure this instance is not publicly available on the internet.
[HELP] Or set the PASSBOLT_EMAIL_VALIDATE_MX environment variable to true.
[HELP] Or set passbolt.email.validate.mx to true in /var/www/vhosts/arkage.it/passwords.arkage.it/passbolt/config/passbolt.php.
[PASS] Serving the compiled version of the javascript app.
[WARN] Some email notifications are disabled by the administrator.
[PASS] The database schema up to date.
Database
[PASS] The application is able to connect to the database
[PASS] 31 tables found.
[PASS] Some default content is present.
[FAIL] 3 error(s) found. Hang in there!
server conf:
server {
listen [::]:443 ssl http2;
listen 443 ssl http2;
server_name passwords.arkage.it;
client_body_buffer_size 100K;
client_header_buffer_size 1k;
client_max_body_size 5M;
client_body_timeout 10;
client_header_timeout 10;
keepalive_timeout 5 5;
send_timeout 10;
ssl_certificate CERTIFICATE_PATH;
ssl_certificate_key KEY_PATH;
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
ssl_session_tickets off;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers off;
root /var/www/passbolt/webroot;
index index.php;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
try_files $uri =404;
include fastcgi_params;
fastcgi_pass unix:/run/php/8.2.19-fpm.sock;
fastcgi_index index.php;
fastcgi_intercept_errors on;
fastcgi_split_path_info ^(.+\.php)(.+)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param passwords.arkage.it $http_host;
fastcgi_param PHP_VALUE "upload_max_filesize=5M \n post_max_size=5M";
}
}
getting crazy as I cannot understand what’s going wrong.
passbolt.php:
return [
/**
* DEFAULT APP CONFIGURATION
*
* All the information in this section must be provided in order for passbolt to work
* This configuration overrides the CakePHP defaults located in app.php
* Do not edit app.php as it may break your upgrade process
*/
'App' => [
// A base URL to use for absolute links.
// The fully qualified domain name (including protocol) to your application’s root
// e.g. where the passbolt instance will be reachable to your end users.
// This information is need to render images in emails for example.
'fullBaseUrl' => 'https://passwords.arkage.it',
// OPTIONAL
// You can specify the base directory the app resides in.
// Useful if you are running passbolt in a subdirectory like example.com/passbolt
// Ensure your string starts with a / and does NOT end with a /
'base' => '/passbolt'
],
Hello 
