Latest beta desktop app gives an error

Installation Issues
1

Hello!

Using the latest beta version of the Desktop (Windows) App, I get an error message after uploading the Transfer Kit and entering my passkey.

I get an otherwise blank screen with just this error:
"Something went wrong!
The operation failed with the following error:

Could not verify the server key. Server internal error. Check with your administrator."

Passbolt is running on HTTPS with trusted certificates, everything is reachable just fine. Mobile apps (Android, iOS) work fine as well.
I tried removing and reinstalling the app, but it appears the account settings are not deleted when removing the app, because after the re-instlal the app doesn’t ask me to upload the transfer kit again - it just keeps going to this error.

I’m running the latest versions of Passbolt and the app as of this moment. Running a ‘normal’ installation on Debian 12.

2

Hey @rvdv01 ,

Thanks to reach out this issue, let’s investigate how to unblock you.

First of all : when you uninstall the app, you have to remove the entries from the credentials locker : you can follow this link.

Next I need to have more information regarding the configuration :

  • It is a virtual machine ?
  • If it is a virtual machine did you trust the certificate on the windows machine ? Can you reach the API on the windows machine ?
  • Are you using the v4.5.0 version for the API ? I assume that yes but just want to be sure.

Thans in advance,

3

Hello Scadra,

I deleted those credentials and re-installed.
It asked me for the package and my passphrase again.
After that, the same happened: you see sign-in for a few seconds and then the app crashes. When you restart it, I get the same error message again.

  1. Yes, Debian is hosted in a VM on ESXi. But I’m not using Docker or anything, if that’s what you mean
  2. Not sure what you mean by that. It is a virtual machine, yes, but it has a valid SSL certificate from Let’s Encrypt… The instance can also be reached from the internet just fine. I don’t know how I can specifically check whether or not the API can be reached. I believe it’s running on the HTTPS-port, just like the ‘normal’ web-interface?
  3. I’m running this version:
    passbolt-ce-server 4.5.2-1 [ce/debian buster/buster stable]
    ├── is installed
    └── Passbolt, open source password manager for teams

Do you need some additional log files from somewhere or anything?

4

I second the exact issue with the docker deployed ce edition.

5

I was able to fix the issue for my docker install. My setup was behind a traefik reverse proxy and the issue turned out to be caused by http headers. Specifically, I had to change the ReferrerPolicy header from ‘same-origin’ to ‘strict-origin’.

Hopefully this helps someone.

1 Like
6

Hi gosha2818,

Could you tell me where the parameter is in Traefik ? Is it in the middlewares ?

Thanks by advance.

7

Correct, in the middlewares, here is my working headers:

  middlewares:
    passbolt-headers:
      headers:
        FrameDeny: true
        AccessControlAllowMethods: 'GET,OPTIONS,PUT'
        AccessControlAllowOriginList:
          - origin-list-or-null
        AccessControlMaxAge: 100
        AddVaryHeader: true
        BrowserXssFilter: true
        ContentTypeNosniff: true
        ForceSTSHeader: true
        STSIncludeSubdomains: true
        STSPreload: true
        ContentSecurityPolicy: default-src 'self' 'unsafe-inline'
        CustomFrameOptionsValue: SAMEORIGIN
        ReferrerPolicy: strict-origin
        PermissionsPolicy: vibrate 'self'
        STSSeconds: 315360000
8

Ho gosha2818.

I thank you for your help.

But I still have an error after use my passphrase.

"Something went wrong!

The operation failed with the following error:

Une erreur s’est produite lors de la connexion sécurisée"

Error code 400

9

Finally the problem was my traefik reverse proxy accept only TLS 1.3.

I changed the parameter to accept TLS 1.2 and it works fine now.