Mobile Setup: Server and client time out of sync

Caesarovich · May 3, 2024, 11:08am

Checklist
I have read intro post: About the Installation Issues category
I have read the tutorials, help and searched for similar issues
I provide relevant information about my server (component names and versions, etc.)
I provide a copy of my logs and healthcheck

Healthcheck shell                                                          
-------------------------------------------------------------------------------

 Environment

 [PASS] PHP version 8.2.18.
 [PASS] PHP version is 8.1 or above.
 [PASS] PCRE compiled with unicode support.
 [PASS] Mbstring extension is installed.
 [PASS] Intl extension is installed.
 [PASS] GD or Imagick extension is installed.
 [PASS] The temporary directory and its content are writable and not executable.
 [PASS] The logs directory and its content are writable.

 Config files

 [PASS] The application config file is present
 [WARN] The passbolt config file is missing in /etc/passbolt/
 [HELP] Copy /etc/passbolt/passbolt.default.php to /etc/passbolt/passbolt.php
 [HELP] The passbolt config file is not required if passbolt is configured with environment variables

 Core config

 [PASS] Cache is working.
 [PASS] Debug mode is off.
 [PASS] Unique value set for security.salt
 [PASS] Full base url is set to https://passbolt.arao.fr
 [PASS] App.fullBaseUrl validation OK.
 [FAIL] Could not reach the /healthcheck/status with the url specified in App.fullBaseUrl
 [HELP] Check that the domain name is correct in /etc/passbolt/passbolt.php
 [HELP] Check the network settings

 SSL Certificate

 [WARN] SSL peer certificate does not validate.
 [WARN] Hostname does not match when validating certificates.
 [WARN] Using a self-signed certificate.
 [HELP] Check https://help.passbolt.com/faq/hosting/troubleshoot-ssl

 SMTP settings

 [PASS] The SMTP Settings plugin is enabled.
 [PASS] SMTP Settings coherent. You may send a test email to validate them.
 [PASS] The SMTP Settings source is: database.
 [PASS] The SMTP Settings plugin endpoints are disabled.

 JWT Authentication

 [PASS] The JWT Authentication plugin is enabled.
 [FAIL] The /etc/passbolt/jwt/ directory should not be writable.
 [HELP] You can try: 
 [HELP] sudo chown -Rf root:www-data /etc/passbolt/jwt/
 [HELP] sudo chmod 750 /etc/passbolt/jwt/
 [HELP] sudo chmod 640 /etc/passbolt/jwt/jwt.key
 [HELP] sudo chmod 640 /etc/passbolt/jwt/jwt.pem
 [PASS] A valid JWT key pair was found.

 GPG Configuration

 [PASS] PHP GPG Module is installed and loaded.
 [PASS] The environment variable GNUPGHOME is set to /var/lib/passbolt/.gnupg.
 [PASS] The directory /var/lib/passbolt/.gnupg containing the keyring is writable by the webserver user.
 [PASS] The server OpenPGP key is not the default one.
 [PASS] The public key file is defined in /etc/passbolt/passbolt.php and readable.
 [PASS] The private key file is defined in /etc/passbolt/passbolt.php and readable.
 [PASS] The server key fingerprint matches the one defined in /etc/passbolt/passbolt.php.
 [PASS] The server public key defined in the /etc/passbolt/passbolt.php (or environment variables) is in the keyring.
 [PASS] There is a valid email id defined for the server key.
 [PASS] The public key can be used to encrypt a message.
 [PASS] The private key can be used to sign a message.
 [PASS] The public and private keys can be used to encrypt and sign a message.
 [PASS] The private key can be used to decrypt a message.
 [PASS] The private key can be used to decrypt and verify a message.
 [PASS] The public key can be used to verify a signature.
 [PASS] The server public key format is Gopengpg compatible.
 [PASS] The server private key format is Gopengpg compatible.

 Application configuration

 [PASS] Using latest passbolt version (4.7.0).
 [FAIL] Passbolt is not configured to force SSL use.
 [HELP] Set passbolt.ssl.force to true in /etc/passbolt/passbolt.php.
 [PASS] App.fullBaseUrl is set to HTTPS.
 [PASS] Selenium API endpoints are disabled.
 [PASS] Search engine robots are told not to index content.
 [INFO] The Self Registration plugin is enabled.
 [INFO] Registration is closed, only administrators can add users.
 [PASS] The deprecated self registration public setting was not found in /etc/passbolt/passbolt.php.
 [WARN] Host availability checking is disabled.
 [HELP] Make sure this instance is not publicly available on the internet.
 [HELP] Or set the PASSBOLT_EMAIL_VALIDATE_MX environment variable to true.
 [HELP] Or set passbolt.email.validate.mx to true in /etc/passbolt/passbolt.php.
 [PASS] Serving the compiled version of the javascript app.
 [WARN] Some email notifications are disabled by the administrator.
 [PASS] The database schema up to date.

 Database

 [PASS] The application is able to connect to the database
 [PASS] 31 tables found.
 [PASS] Some default content is present.

 [FAIL] 3 error(s) found. Hang in there!

I describe the steps I have taken to trouble shoot the problem
I describe the steps on how to reproduce the issue

#############

Hi, I can’t get the mobile app to work with my Passbolt instance anymore. It used to work fine until recently. I tried updating, rebooting and recreating the container but it doesn’t solve the issue.

The issue is only for the Mobile App, all other web clients work fine so I am not sure to understand what is causing this issue.

I have seen a similar question asked here but the poster only had a firewall issue. That’s why I’m making a new thread.

clayton · May 3, 2024, 11:37am

Your title mentions the server and client time being out of sync, is that the error message you are receiving?

The time between the client and server being synced is necessary for passbolt to properly function. Could you double check to make sure these are in sync?

Typically with mobile we’ll see this if you have a manual set time instead of network time

Caesarovich · May 4, 2024, 9:50am

Hi, yes it is the error I am receiving. Sorry for not clarifying. And yes I have checked that both server and client have the same time.

This happened after switching daylight saving time in France. So I made sure to update all of my packages, containers and restarted everything. That’s why I’m unsure about why it is not “synced”.

From the passbolt_passbolt_1 container:

root@fcc41cfe0485:/usr/share/php/passbolt# date
Sat May  4 11:51:02 CEST 2024

From my PC:

~ $ date
Sat May  4 11:52:29 AM CEST 2024

Which I can confirm is local time here.

Termindiego25 · May 5, 2024, 8:07am

Have you checked your phone too?
Check if you have activated the automatic sync time and date as @clayton suggested

Caesarovich · July 16, 2024, 1:33pm

Hi,

To end this thread I solved the issue. It really was a problem of time sync on the server. It was almost the same time as the mobile but too off to work. I’ve fixed it by enabling automatic time sync (NTP) on my server. It was originally blocked due to firewall issues we have here.

Thanks for all !

Mikel-Alegria-Soleto · November 15, 2024, 8:20pm

Just make sure that the timezone of your host device is the same as the timezone of your docker container. You can check it in the /etc/timezone file of both devices.