Is there any way to skip SSL certificate verification for Passbolt’s SMTP configuration UI?

Checklist
[✓] I have read intro post: https://community.passbolt.com/t/about-the-installation-issues-category/12
[✓] I have read the tutorials, help and searched for similar issues
[*] I provide relevant information about my server (component names and versions, etc.)
[*] I provide a copy of my logs and healthcheck
[✓] I describe the steps I have taken to troubleshoot the problem
[*] I describe the steps on how to reproduce the issue

I’m currently running the Passbolt Community Edition inside an LXC container on Proxmox. My setup is a bit complex, so let me try to explain it clearly.

Basic Setup:

  • Passbolt is running inside an LXC container.
  • Nginx is running in a separate LXC container, acting as a reverse proxy. It’s exposed to the public on ports 80 and 443.
  • Both containers have different internal IPs and are behind a NAT.
  • Mail server is a self-hosted Mailcow instance, which is working fine for all my other services (Node.js, .NET, etc.).

The Problem:

I’m having trouble getting Passbolt to send emails via SMTP using my Mailcow server. For other applications, I usually have to disable SSL certificate validation to get it working:

  • In Node.js, I set:
      process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';
  • In .NET, I use:
      ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
      ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };

This allows the applications to work with Mailcow on port 587 (STARTTLS).

However, I haven’t found a way to disable SSL verification in Passbolt for SMTP. If I try to configure it in the email section of passbolt.php, the healthcheck fails, and the Passbolt UI doesn’t even load.

What I’ve Tried:

  • Adjusting SMTP settings in passbolt.php
  • Ensuring correct ports and credentials
  • Verifying that Mailcow is reachable from the container

Despite all of this, I’m stuck. I’ve spent almost 30 days trying to get this to work.

If I try to change anything in the config, I get healthcheck issues. Without passing the healthcheck, the UI will not open, right?

Healthcheck status

[PASS] Cache is working.
[PASS] Debug mode is off.
[PASS] Unique value set for security.salt
[PASS] Full base url is set to https://192.168.13.158
[PASS] App.fullBaseUrl validation OK.
[FAIL] Could not reach the /healthcheck/status with the url specified in App.fullBaseUrl
[HELP] Check that the domain name is correct in /etc/passbolt/passbolt.php
[HELP] Check the network settings

I don’t know how I passed this at first. I have been using Passbolt for the last 2 years, but now I want to change SMTP from SendGrid to my own hosted Mailcow.

Question:

Is there any way to skip SSL certificate verification for Passbolt’s SMTP configuration (like ignoring invalid or self-signed certs)?
Or is there any workaround others have used in similar self-hosted mail environments?

I’d really appreciate any insights or suggestions. Thanks in advance!

There is a solution posted in this thread: https://community.passbolt.com/t/passbolt-smtp-tls-problems/3813/9

    // Email configuration.
    'EmailTransport' => [
        'default' => [
            'host' => 'relayserver',
            'port' => 25,
            'username' => null,
            'password' => null,
            // Is this a secure connection? true if yes, null if no.
            'tls' => true,
            // Stream context options handed to the SMTP socket.
            'context' => [
                'ssl' => [
                    // Accept a self-signed certificate from the relay.
                    'allow_self_signed' => true
                ]
            ]
        ],
    ],

But when I try this, the healthcheck fails.
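
Added example (not part of the original post, and not Passbolt's own code): the same `context` block with certificate verification left on and the mail server's self-signed certificate trusted explicitly through PHP's `cafile` stream option, shown beside the weaker settings it replaces. The hostname, credentials and CA file path are placeholders.

```php
<?php
// Added example, not the poster's configuration. Fragment of the array
// returned by /etc/passbolt/passbolt.php: merge the 'EmailTransport' key
// into the existing file, do not replace the file with this.
// Assumptions (placeholders): mail.example.com, the CA file path, credentials.
return [
    'EmailTransport' => [
        'default' => [
            'host' => 'mail.example.com',          // placeholder: Mailcow hostname
            'port' => 587,                         // submission port, STARTTLS
            'username' => 'passbolt@example.com',  // placeholder
            'password' => 'CHANGE_ME',             // placeholder
            'tls' => true,                         // upgrade the session with STARTTLS
            'context' => [
                // PHP stream "ssl" context options, passed to the SMTP socket.
                'ssl' => [
                    // Weak variants, for comparison (left disabled):
                    // 'verify_peer' => false,       // accepts any certificate
                    // 'verify_peer_name' => false,  // accepts any hostname
                    // 'allow_self_signed' => true,  // accepts any self-signed cert

                    // Hardened variant: keep verification on and trust only
                    // the certificate (or private CA) the mail server presents.
                    'verify_peer' => true,
                    'verify_peer_name' => true,
                    'allow_self_signed' => false,
                    // PEM file holding the server's self-signed cert or its CA.
                    'cafile' => '/etc/passbolt/mailcow-ca.pem',  // placeholder path
                    // Name expected in the certificate, for when 'host' is an
                    // internal IP or alias rather than the certificate's name.
                    'peer_name' => 'mail.example.com',           // placeholder
                ],
            ],
        ],
    ],
];
```

Every array opened in passbolt.php has to be closed, because an unbalanced bracket is a PHP parse error that affects the whole application and not only mail. The [FAIL] line in the healthcheck output above refers to reaching App.fullBaseUrl, which is a separate setting from EmailTransport.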