Checklist
[ x] I have read intro post: About the Installation Issues category
[ x] I have read the tutorials, help and searched for similar issues
[x ] I provide relevant information about my server (component names and versions, etc.)
[x ] I provide a copy of my logs and healthcheck
[x ] I describe the steps I have taken to trouble shoot the problem
[x ] I describe the steps on how to reproduce the issue
Hello everyone.
I think Passbolt is great.
I use Passbolt on a Debian 12 server.
I use the latest version of passbolt.
I would like to configure the Passbolt mail server with 365.
I’ve tried several leads, including this one:
But this procedure is almost 4 years old, and Microsoft has changed its security policy since then.
My Passbolt installation works with another mail server, but now, I must use 365.
Could someone give me a procedure or could the admins update this procedure ?
My tests answer : timeout or wrong password.
> ____ __ ____
> / __ \____ _____ ____/ /_ ____ / / /_
> / /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/
> / ____/ /_/ (__ |__ ) /_/ / /_/ / / /
> /_/ \__,_/____/____/_.___/\____/_/\__/
>
> Open source password manager for teams
> -------------------------------------------------------------------------------
> Healthcheck shell
> -------------------------------------------------------------------------------
>
> Environment
>
> [PASS] PHP version 8.2.7.
> [PASS] PHP version is 8.1 or above.
> [PASS] PCRE compiled with unicode support.
> [PASS] The temporary directory and its content are writable and not executable.
> [PASS] The logs directory and its content are writable.
> [PASS] GD or Imagick extension is installed.
> [PASS] Intl extension is installed.
> [PASS] Mbstring extension is installed.
>
> Config files
>
> [PASS] The application config file is present
> [PASS] The passbolt config file is present
>
> Core config
>
> [PASS] Debug mode is off.
> [PASS] Cache is working.
> [PASS] Unique value set for security.salt
> [PASS] Full base url is set to https://192.168.1.152
> [PASS] App.fullBaseUrl validation OK.
> [PASS] /healthcheck/status is reachable.
>
> SSL Certificate
>
> [WARN] SSL peer certificate does not validate
> [WARN] Hostname does not match when validating certificates.
> [WARN] Using a self-signed certificate
> [HELP] Check https://help.passbolt.com/faq/hosting/troubleshoot-ssl
> [HELP] cURL Error (60) SSL certificate problem: self-signed certificate
>
> Database
>
> [PASS] The application is able to connect to the database
> [PASS] 31 tables found
> [PASS] Some default content is present
> [PASS] The database schema up to date.
>
> GPG Configuration
>
> [PASS] PHP GPG Module is installed and loaded.
> [PASS] The environment variable GNUPGHOME is set to /var/lib/passbolt/.gnupg.
> [PASS] The directory /var/lib/passbolt/.gnupg containing the keyring is writable by the webserver user.
> [PASS] The server OpenPGP key is not the default one
> [PASS] The public key file is defined in /etc/passbolt/passbolt.php and readable.
> [PASS] The private key file is defined in /etc/passbolt/passbolt.php and readable.
> [PASS] The server key fingerprint matches the one defined in /etc/passbolt/passbolt.php.
> [PASS] The server public key defined in the /etc/passbolt/passbolt.php (or environment variables) is in the keyring.
> [PASS] There is a valid email id defined for the server key.
> [PASS] The public key can be used to encrypt a message.
> [PASS] The private key can be used to sign a message.
> [PASS] The public and private keys can be used to encrypt and sign a message.
> [PASS] The private key can be used to decrypt a message.
> [PASS] The private key can be used to decrypt and verify a message.
> [PASS] The public key can be used to verify a signature.
> [PASS] The server public key format is Gopengpg compatible.
> [PASS] The server private key format is Gopengpg compatible.
>
> Application configuration
>
> [PASS] Using latest passbolt version (4.4.2).
> [FAIL] Passbolt is not configured to force SSL use.
> [HELP] Set passbolt.ssl.force to true in /etc/passbolt/passbolt.php.
> [PASS] App.fullBaseUrl is set to HTTPS.
> [PASS] Selenium API endpoints are disabled.
> [PASS] Search engine robots are told not to index content.
> [INFO] The Self Registration plugin is enabled.
> [INFO] The self registration provider is: Email domain safe list.
> [PASS] The deprecated self registration public setting was not found in /etc/passbolt/passbolt.php.
> [WARN] Host availability checking is disabled.
> [HELP] Make sure this instance is not publicly available on the internet.
> [HELP] Or set the PASSBOLT_EMAIL_VALIDATE_MX environment variable to true.
> [HELP] Or set passbolt.email.validate.mx to true in /etc/passbolt/passbolt.php.
> [PASS] Serving the compiled version of the javascript app.
> [WARN] Some email notifications are disabled by the administrator.
>
> JWT Authentication
>
> [PASS] The JWT Authentication plugin is enabled
> [PASS] The /etc/passbolt/jwt/ directory is not writable.
> [PASS] A valid JWT key pair was found
>
> SMTP Settings
>
> [PASS] The SMTP Settings plugin is enabled.
> [PASS] SMTP Settings coherent. You may send a test email to validate them.
> [PASS] The SMTP Settings source is: database.
> [WARN] The SMTP Settings plugin endpoints are enabled.
> [HELP] It is recommended to disable the plugin endpoints.
> [HELP] Set the PASSBOLT_SECURITY_SMTP_SETTINGS_ENDPOINTS_DISABLED environment variable to true.
> [HELP] Or set passbolt.security.smtpSettings.endpointsDisabled to true in /etc/passbolt/passbolt.php.
Thanks a lot.
