I’ve just finished setting up my passbolt instance on a self-hosted server only accessible within LAN (so not using https or SSL doesn’t matter to me), without using https or ssl. I’ve tried both on the latest version of the app on my Samsung Note 20 as well as an iPhone 11 and both apps cannot scan the QR code my passbolt web account generates. On Android, it just crashed for me, and on Apple it says that something went wrong with an exclamation mark icon - any idea what’s going wrong? I ran a healthcheck command and everything and all seems fine on the server side. I’ve also read through the other forum posts with the same issue and none of the suggestions seem to help me come to a conclusion.
After further investigation the issue has been narrowed down to purely being an issue that the server is only using http and not https - is there any way to fix the app to work with http as well as https without having to change to https? Hopefully this is fixable soon (maybe an update is already in the works to fix this, not sure), as it’s quite an issue not having a way to access passwords from my mobile device as I often don’t have access to a computer to use.
Hello, I have made a previous forum post outlining my issues meaning that I can’t use the passbolt mobile app due to the QR code scanning failing. I concluded that this was the reason because my server uses HTTP not HTTPS and has no certificate (this is for various reasons that I cannot change currently) - I was wondering if/when the mobile app will be able to be used to connect to just HTTP servers?
Unfortunately, it is not planned yet to support HTTP with the mobile app. Even if passbolt can be set up with plain HTTP for testing purposes, you shouldn’t leave it like that and should use HTTPS.
Hello, thanks for the reply - my domain DNS settings point directly to the local IP address of the server - for these reasons I’ve had difficulty obtaining a Let’s Encrypt certificate. It will error as Let’s Encrypt can’t see a port forwarded web server, any ideas for what to do to use https while not having the server exposed to the internet? It would not be possible for my current use case to have it forwarded to the internet.
The default way to obtain a Let’s Encrypt certificate is called the http-01 challenge. It is what you are talking about and you need your server exposed on the internet.
If you can’t use the http-01 challenge, maybe you would be interested in the dns-01 challenge? I personally use the DNS challenge to obtain wildcard certificates for my domains.
I generate certificates on my PC and use the manual way to set up passbolt instead of the auto.
How would it be possible to use the DNS challenge with the passbolt setup? Or would I have to install Let’s Encrypt separately or do some configuration that way - not quite familiar in that area but I could learn if necessary.
As an example, I own a domain and DNS entries are managed at OVH. I followed this French article just to know how to set up the OVH API and get my authentication API keys.
Then, I generate new certs on a regular basis on my PC with this Docker command: