iPhone App: HTTP status code unexpected

Morgoth · June 28, 2022, 11:35am

Hi

I’m trying to connect my iPhone App with Passbolt. The QR scan works but after that, when I try to login with my passphrase, the following error is occurs: HTTP status code unexpected

Passbolt Version: 3.6.0

Does anyone have the same problem and maybe even a solution?

Best regards

AnatomicJC · June 28, 2022, 12:39pm

Hi @Morgoth and welcome to passbolt community forum

I guess you should find an error while you are authenticating server side. On which operating system and version are you running passbolt ?

You should find relevant logs on:

/var/log/php7.4-fpm.log
/var/log/passbolt/error.log
/var/log/nginx/passbolt-error.log

You can also enable debug logs for the mobile app by following this guide: Passbolt Help | iOS / Android Mobile FAQ

Best regards,

Morgoth · June 28, 2022, 1:02pm

Thank you @_jc

My operating system is: Oracle Linux Server release 7.9

That’s the output from /var/log/nginx/error.log

2022/06/28 14:56:09 [error] 31209#31209: *1525 FastCGI sent in stderr: "PHP message: PHP Warning:  Use of undefined constant yes - assumed 'yes' (this will throw an Error in a future version of PHP) in /var/www/passbolt/config/passbolt.php on line 86" while reading response header from upstream, client: XX.XX.XX.XX, server: passbolt.xxxx, request: "GET /mobile/transfers/6be8dc41-fd80-42f4-82b0-e5a0f0e41e36.json?api-version=v2 HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "passbolt.xxxx"
2022/06/28 14:56:33 [error] 31209#31209: *1565 FastCGI sent in stderr: "PHP message: PHP Warning:  Use of undefined constant yes - assumed 'yes' (this will throw an Error in a future version of PHP) in /var/www/passbolt/config/passbolt.php on line 86" while reading response header from upstream, client: XX.XX.XX.XX, server: passbolt.xxxx, request: "GET /auth/verify.json HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "passbolt.xxxx"
2022/06/28 14:56:33 [error] 31209#31209: *1564 FastCGI sent in stderr: "PHP message: PHP Warning:  Use of undefined constant yes - assumed 'yes' (this will throw an Error in a future version of PHP) in /var/www/passbolt/config/passbolt.php on line 86" while reading response header from upstream, client: XX.XX.XX.XX, server: passbolt.xxxx, request: "GET /auth/jwt/rsa.json HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "passbolt.xxxx"

/var/log/php-fpm/error.log
is empty

/var/www/passbolt/logs/error.log

2022-06-28 13:00:50 alert: The key pair for JWT Authentication is not complete.
2022-06-28 13:00:50 error: The following file could not be read: /var/www/passbolt/config/jwt/jwt.pem.
2022-06-28 13:00:50 error: [Passbolt\JwtAuthentication\Error\Exception\AccessToken\InvalidJwtKeyPairException] The key pair for JWT Authentication is not complete. in /var/www/passbolt/plugins/Passbolt/JwtAuthentication/src/Service/AccessToken/JwtAbstractService.php on line 58
Request URL: /auth/jwt/rsa.json

Best regards,

AnatomicJC · June 28, 2022, 1:21pm

Hi,

Thank you for the logs, it seems your JWT keys are not correctly generated:

Can you check this page to generate properly your JWT key pair ? => Passbolt Help | How to generate JWT key pair manually

As you are running passbolt from sources, take care to this: Replace /usr/share/php by /var/www and /etc/passbolt by /var/www/passbolt/config if you have installed passbolt from sources.

Cheers,

Morgoth · June 28, 2022, 1:39pm

great, that was the missing part. Thank you

sudo  -su nginx  /var/www/passbolt/bin/cake passbolt create_jwt_keys
sudo su -s /bin/bash -c "/var/www/passbolt/bin/cake passbolt healthcheck --jwt" nginx

AnatomicJC · June 28, 2022, 2:07pm

Great,

If you are interested, we also have a passbolt package for OracleLinux: Passbolt Help | Migrate an existing Passbolt CE to a new OracleLinux server

For your information,

Best,

Morgoth · July 27, 2022, 9:11am

Now i have the following issue when a new user want to join by the chrome plugin

{
“code”: 400,
“body”: {
“armored_key”: {
“isNotCreatedInTheFutureRule”: “The key creation date must not be in the future.”
}
}
}

Could this have something to do with jwt_keys? Before I set that, it always works.

remy · July 27, 2022, 9:42am

No this has to do with the user system clock being “in the future” compare to the server. This means the OpenPGP for that user is created in the future and Gnupg doesn’t like this. Check your user system clock and server clock.

Morgoth · July 27, 2022, 10:17am

oh yes I see. Thank you

Evercool01 · August 7, 2022, 2:51am

This is the error that I’m getting, I already did suggestions, but it keeps detecting that /etc/passbolt/jwt is still writeable. Any ideas?

[PASS] The JWT Authentication plugin is enabled
[FAIL] The /etc/passbolt/jwt/ directory should not be writable.
[HELP] You can try:
[HELP] sudo chown -Rf root:nginx /etc/passbolt/jwt/
[HELP] sudo chmod 750 /etc/passbolt/jwt/
[HELP] sudo chmod 640 /etc/passbolt/jwt/jwt.key
[HELP] sudo chmod 640 /etc/passbolt/jwt/jwt.pem
[PASS] A valid JWT key pair was found

garrett · August 8, 2022, 4:14pm

Try this, without the slash on end: sudo chmod 750 /etc/passbolt/jwt

Topic		Replies	Views
Mobile app setup issue Installation Issues	9	974	December 16, 2021
Error when configuring ios app Installation Issues	6	216	May 17, 2024
Passbolt iOS - Resource Secret is Invalid Installation Issues	4	469	June 27, 2023
Error after installation on ubuntu 20.04 Installation Issues	11	189	July 15, 2024
Can't use mobile app Installation Issues	5	2096	January 19, 2022

iPhone App: HTTP status code unexpected

Related topics