Mobile App for passbolt

VPN is not the problem. The problem what i have is that the server is not reachable from iphone App in local network. But server is reachable from iphone per browser.

first i want to have the app working on local network.

@Inno I may be misunderstanding, but if you are able to access the server via the browser, and the server is only accessible via the local network, then the browser is using the local network and is evidence your phone is reaching the server successfully. Therefore, the apps on your device can also reach locations in your local network.

Hi @Inno / @garrett

We made some other investigations with mobile app and self-signed certificates.

To be able to use mobile app with self-signed certificate, you must add this certificate in your iPhone:

  • Put certificate on your iPhone (send it by email or other)
  • Click on it
  • Go to Settings app and select “Profile Downloaded”
  • Install certificate

Once certificate installed, go to Setting app > General > About and select Certificate Trust Settings and enable your certificate from there.

Regarding your self-signed certificate, you must generate it with a Subject Alternative Name, the correct command to do this is:

openssl req -x509 -newkey rsa:4096 \
	-keyout key.pem \
 	-out cert.pem \
	-days 365 -nodes  \
	-addext "subjectAltName = DNS:passbolt.domain.tld" \
	-subj "/C=LU/ST=Luxembourg/L=Esch-Sur-Alzette/O=Passbolt SA/OU=Passbolt IT Team/CN=passbolt.domain.tld/"

Of course, replace passbolt.domain.tld with your domain. If you plan to use an IP address, you will have to replace DNS: with IP: in the subjectAltName.

If IP is 192.168.1.5:

openssl req -x509 -newkey rsa:4096 \
	-keyout key.pem \
 	-out cert.pem \
	-days 365 -nodes  \
	-addext "subjectAltName = IP:192.168.1.5" \
	-subj "/C=LU/ST=Luxembourg/L=Esch-Sur-Alzette/O=Passbolt SA/OU=Passbolt IT Team/CN=192.168.1.5/"

Documentations on help site will be updated in the coming days.

Yes, should be, but doesn´t work. I am not the only one whith this problem. I see many people whith the same problem here on forum. Mostly it seem´s to be a problem whith the ssl certificate, but i can´t figure it out by my self.

I tried this way with import the cert in my iphone and do this steps exactly in this way, but it doesn´t work. The same mistake.

Sorry, I was misunderstnding. For my own learning, as I don’t use iPhone, is Server Not Reachable a phone message or app message?

Do you see some DNS or IP entry if you check your generated certificate with this openssl command ?

openssl x509 -text -noout -in /path/to/your/cert.pem | grep -E "(DNS|IP)"

If yes, does it matches with your fullBaseURL set in your /etc/passbolt/passbolt.php configuration file ? It must matches.

The message is an app message

1 Like

OK, i think there was an error in my certificate. i renewed the certificate and now it works fine for me.
Thank you for helping me.

2 Likes

Great, thanks for your feedback :+1:

Is there any way to debug a crash? Passbolt android works well on some of my apps, but others, like 7-Eleven app, crash when selecting a password.

Hi @dustbro,

Today I will push for review the latest android (and iOS) with in-app app’s log.

I will mention the bug to the mobile team.

Best,
Max

I tried to use the new mobile app, - connection is successful, but I can not login “Sign in failed” in the new log tab the info logged is:

… server public PGP key fingerprint extraction failed

My installation is on docker behind an Apache Reverse Proxy, all settings are done via ENV variables.

Does anybody have any hints, how to fix that problem?

Greetings,
Martin

Can you post your server public OpenPGP key here to see if there is a problem with it?

The mobile app doesn’t show the folder structure I have in the webversion. Which makes it rather cumbersome to find what I need, since I have to deal with a lot of duplicate account names. Which means that the search will return a lot of similar accounts. It’s nearly impossible to know which account I need, because I cannot see in which folders they are stored.

A fancy search feature is nice, but I rather browse manually to the account I need.

@remy : is this what you mean:
/etc/passbolt/gpg# ls -la
total 72
drwxrwxrwx 2 www-data www-data 4096 Jan 19 14:34 .
drwxrwx— 1 root www-data 4096 Jan 19 11:08 …
-rwxrwx— 1 www-data www-data 18596 Jan 19 14:34 serverkey.asc

if yes I can post the content

Hello @MarioDBKC, the folder (and group and tag) views are on the roadmap for the mobile app. You can see the wireframes here: Figma

Our goal for the next few weeks is first to consolidate and fix any bugs reported by the community. We’ll add more features once the dust of the public release settles.

Yes, make sure the block starts with -----BEGIN PGP PUBLIC KEY BLOCK-----.
Also can you please open a new thread for your issue? It will be simpler to discuss :slight_smile:

Done - Thanks