Mobile app setup issue

Hello,

I’ve just finished setting up my passbolt instance on a self-hosted server only accessible within LAN (so not using https or SSL doesn’t matter to me), without using https or ssl. I’ve tried both on the latest version of the app on my Samsung Note 20 as well as an iPhone 11 and both apps cannot scan the QR code my passbolt web account generates. On Android, it just crashed for me, and on Apple it says that something went wrong with an exclamation mark icon - any idea what’s going wrong? I ran a healthcheck command and everything and all seems fine on server side. I’ve also read through the other forum posts with the same issue and none of the suggestions seem to help me come to a conclusion.

Thanks in advance for any help if anyone can!

After further investigation, the issue has been narrowed down to purely being an issue that the server is only using http and not https - is there any way to fix the app to work with http as well as https without having to change to https? Hopefully this is fixable soon (maybe an update is already in the works to fix this, not sure), as it’s quite an issue not having a way to access passwords from my mobile device as I often don’t have access to a computer to use.

Hello, I have made a previous forum post outlining my issues meaning that I can’t use the passbolt mobile app due to the QR code scanning failing. I concluded that this was the reason because my server uses HTTP not HTTPS and has no certificate (this is for various reasons that I cannot change currently) - I was wondering if/when the mobile app will be able to be used to connect to just HTTP servers?

Hi @Heath :wave: and sorry for this late reply. :pray:

Unfortunately, it is not planned yet to support HTTP with the mobile app :confused: Even if passbolt can be set up with plain HTTP for testing purposes, you shouldn’t leave it like that and should use HTTPS.

With Let’s Encrypt, SSL certificates are free.

Let me know if you have further questions.

Cheers,

Hello, thanks for the reply - my domain DNS settings point directly to the local IP address of the server - for these reasons I’ve had difficulty obtaining a Let’s Encrypt certificate. It will error as Let’s Encrypt can’t see a port forwarded web server, any ideas for what to do to use https while not having the server exposed to the internet? It would not be possible for my current use case to have it forwarded to the internet.

Thanks!

The default way to obtain a Let's Encrypt certificate is called the http-01 challenge. It is what you are talking about and you need your server exposed on the internet.
If you can’t use the http-01 challenge, maybe you would be interested in the dns-01 challenge? I personally use the dns challenge to obtain wildcard certificates for my domains.

I generate certificates on my PC and use the manual way to set up passbolt instead of the auto.

More info here: Challenge Types - Let's Encrypt

How would it be possible to use the DNS challenge with the passbolt setup? Or would I have to install let’s encrypt separately or do some configuration that way - not quite familiar in that area but I could learn if necessary.

I edited my post, I generate certificates with the dns challenge on my PC and put them on the passbolt server.

As an example, I own a domain and DNS entries are managed at OVH. I followed this French article just to know how to set up the OVH API and get my authentication API keys.

Then, I generate new certs on a regular basis on my PC with this docker command:

docker run -i --rm --name certbot -v "${PWD}/etcletsencrypt:/etc/letsencrypt" -v "${PWD}/varlibletsencrypt:/var/lib/letsencrypt" -v "${PWD}/.ovhapi:/.ovhapi" certbot/dns-ovh certonly --dns-ovh --dns-ovh-credentials /.ovhapi --non-interactive --agree-tos --email name@domain.tld -d domain.tld -d \*.domain.tld

I use them for my websites and my postfix email server. :slight_smile:

Ok awesome! That’s very useful to know, I’ll investigate that asap and hopefully I can get something similar done on my end.

Thank you!