OpenPgp data entrered issues

UnsterKylink · May 15, 2023, 12:13pm

Checklist
[x ] I have read intro post: About the Installation Issues category
[ x] I have read the tutorials, help and searched for similar issues
[ x] I provide relevant information about my server (component names and versions, etc.)
[x ] I provide a copy of my logs and healthcheck
[x ] I describe the steps I have taken to trouble shoot the problem
[x ] I describe the steps on how to reproduce the issue

And i also have this problem too. it’s strange because my ntp is good i compare with time.is

I put my server name for example UnsterPassbolt
and server email like unster@hotmail.fr

And the error appear like he can’t reach the openpgp

Steph · May 15, 2023, 12:14pm

Hello @UnsterKylink !

I put back my answer from the other post here:

For this one, as it is said there is a check to ensure the public key can be use for decryption and the private key can be used for decryption.

To make sure, it’s actually the case when validating the form there is an attempt for encryption and decryption done with the given key. I mean by that, that the server does not only check for the keys flags but is using the key to check if it’s truly usable.

It could come from the NTP yes, but apparently you’ve check that already.

Are you using the installer to generate the key pairs or did you import a custom one? If you imported your own, you might check if the key has been generated for decryption/encryption purpose.

UnsterKylink · May 15, 2023, 12:23pm

Hello @Steph and thanks you for your help

For my server, i follow the manual steps to have a SSL keys on the debian tutoriel.

I’m use this command

openssl req -x509 \
    -newkey rsa:4096 \
    -days 120 \
    -subj "/C=LU/ST=Luxembourg/L=Esch-Sur-Alzette/O=Passbolt SA/OU=Passbolt IT Team/CN=passbolt.domain.tld/" \
    -nodes \
    -addext "subjectAltName = DNS:passbolt.domain.tld" \
    -keyout key.pem \
    -out cert.pem

( I’m just changing the subject ) to have my key

Steph · May 15, 2023, 12:26pm

Well, I guess this command is for your HTTP server to have SSL key and certificate.
For the step with OpenPGP, if you did it manually, you probably have executed gpg commands like this one here

gpg --batch --no-tty --gen-key <<EOF
  Key-Type: default
  Key-Length: 2048
  Subkey-Type: default
  Subkey-Length: 2048
  Name-Real: John Doe
  Name-Email: email@domain.tld
  Expire-Date: 0
  %no-protection
  %commit
EOF

Steph · May 15, 2023, 12:33pm

I guess, you could have use the generated key for SSL as your openPGP key which could explain the error. If so, I think you should try the command found in the help documentation or you can use the UI of the webinstaller to generate it automatically (notice that you won’t have the choice on the key size and if you want to go with RSA 4096bits you will have to do it manually with the command line).

UnsterKylink · May 15, 2023, 12:49pm

It’s work !

I made a mistake to put this topic because i don’t see the command i scrool down to quickly in the tutoriel

Thanks you for your reactivity and help

Steph · May 15, 2023, 12:51pm

Sure !
I’m glad you could have solved your issues !