NGINX PAGE welcome page and ssl error

Hi,

I’ve installed Passbolt on debian 12 by following the installation guide, at the time to install the ssl certificate i said none, and configured my local IP.

I have domain sub domain passbolt.mydomain.com configure on my home public ip.

On my firewall i configured two rules, one for 80 and one 443 on my server.

it worked fine, and i did to add the certificate on my domain dpkg-reconfigure passbolt-ce-server

I passed the db config, and select auto “letsencrypt” and so far so good.

AND i finished my setup config on the local ip … Once it was done it reloaded and i had the nginx default page.

SO, i tried both 10.0.10.250 <= Local ip and Nginx page and passbolt.mydomain.com anddd Nginx page.

so i tried to modify the nginx available site, and change the local ip by my hostname.domain, and i change port from 80 to 443 and still didn’t work, i also checked my passbolt.php to make sure that fullBaseUrl was good and it looks good … and now i have this :

SSL_ERROR_RX_RECORD_TOO_LONG
Secure Connection Failed

Do you have an idea ? thx

I cannot upload screen because i am a new user ??? so my conf :

NGINX site enable :


listen 80;
listen [::]:80;

# Managed by Passbolt
server_name xxxxxxx-passbolt.xxxxxx.xx;

client_body_buffer_size     100K;
client_header_buffer_size   1K;
client_max_body_size        5M;

client_body_timeout   10;
client_header_timeout 10;
keepalive_timeout     5 5;
send_timeout          10;

root /usr/share/php/passbolt/webroot;
index index.php;
error_log /var/log/nginx/passbolt-error.log info;
access_log /var/log/nginx/passbolt-access.log;

# Managed by Passbolt
# include __PASSBOLT_SSL__

location / {
try_files $uri $uri/ /index.php?$args;
}

location ~ \.php$ {
try_files                $uri =404;
include                  fastcgi_params;
fastcgi_pass             unix:/run/php/php8.2-fpm.sock;
fastcgi_index            index.php;
fastcgi_intercept_errors on;
fastcgi_split_path_info  ^(.+\.php)(.+)$;
fastcgi_param            SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param            SERVER_NAME $http_host;
fastcgi_param PHP_VALUE  "upload_max_filesize=5M \n post_max_size=5M";
}

}```


Passbolt.php

```return [
'App' => [
// A base URL to use for absolute links.
// The url where the passbolt instance will be reachable to your end users.
// This information is need to render images in emails for example
'fullBaseUrl' => 'https://xxxxxxx-passbolt.xxxxxx.xx',
],

// Database configuration.
'Datasources' => [
'default' => [
'driver' => 'Cake\\Database\\Driver\\Mysql',
'host' => '127.0.0.1',
'port' => '3306',
'username' => 'spongebob',
'password' => 'xxxxxxxxxxxxxxxx',
'database' => 'passboltdb',```

Sorry, forgot about logs, i found this in ngninx/error.log :

2024/06/23 01:06:29 [notice] 2582#2582: using inherited sockets from "5;6;"
2024/06/23 01:16:22 [crit] 15883#15883: *69 SSL_do_handshake() failed (SSL: error:0A00006C:SSL routines::bad key share) while SSL handshaking, client: Random IP, server: 0.0.0.0:443
2024/06/23 01:28:14 [crit] 15884#15884: *152 SSL_do_handshake() failed (SSL: error:0A00006C:SSL routines::bad key share) while SSL handshaking, client: Random IP, server: 0.0.0.0:443```

I manage to fixed it so : (I guess)

I sould have finish the intial setup before “reconfigure”.

The nginx conf file was not properly configured, i just had to run another dpkg reconfigure to set up the certificate after, restart everything and it worked

1 Like