Page not found via Https

Checklist
[X] I have read intro post: About the Installation Issues category
[X] I have read the tutorials, help and searched for similar issues
[X] I provide relevant information about my server (component names and versions, etc.)
[X] I provide a copy of my logs and healthcheck
[X] I describe the steps I have taken to trouble shoot the problem
[ ] I describe the steps on how to reproduce the issue

Hi, Guys. I am having a problem with Passbolt, when I try to access via https (certificate has been properly installed), I got the answer that the page /auth/login does not exist, i need to change my baseurl (passbolt config file) to http, to be able to access again. I will try to give as much information as possible. And congratulations on the great tool.

Ubuntu Server 18.04.3 LTS
nginx version: nginx/1.14.0
mariadb Ver 15.1 Distrib 10.1.41
PHP 7.2.19-0ubuntu0.18.04.2 (cli)
Passbolt Version (2.11.0)

Health Check Log

 ____                  __          ____  
/ __ \____  _____ ____/ /_  ____  / / /_ 

/ // / __ `/ / / __ / __ / / _/
/ / // ( |
) /
/ / /
/ / / /
/
/ _
,
/
//.__/__//_/

Open source password manager for teams

Healthcheck shell

Environment

[PASS] PHP version 7.2.19-0ubuntu0.18.04.2.
[PASS] PCRE compiled with unicode support.
[PASS] The temporary directory and its content are writable.
[PASS] The public image directory and its content are writable.
[PASS] The logs directory and its content are writable.
[PASS] GD or Imagick extension is installed.
[PASS] Intl extension is installed.
[PASS] Mbstring extension is installed.

Config files

[PASS] The application config file is present
[PASS] The passbolt config file is present

Core config

[PASS] Debug mode is off.
[PASS] Cache is working.
[PASS] Unique value set for security.salt
[PASS] Full base url is set to http://192.168.111.128
[PASS] App.fullBaseUrl validation OK.
[PASS] /healthcheck/status is reachable.

SSL Certificate

[PASS] SSL peer certificate validates
[PASS] Hostname is matching in SSL certificate.
[PASS] Not using a self-signed certificate

Database

[PASS] The application is able to connect to the database
[PASS] 26 tables found
[PASS] Some default content is present
[PASS] The database schema up to date.

GPG Configuration

[PASS] PHP GPG Module is installed and loaded.
[PASS] The environment variable GNUPGHOME is set to /home/www-data/.gnupg.
[PASS] The directory /home/www-data/.gnupg containing the keyring is writable by the webserver user.
[PASS] The server gpg key is not the default one
[PASS] The public key file is defined in config/passbolt.php and readable.
[PASS] The private key file is defined in config/passbolt.php and readable.
[PASS] The server key fingerprint matches the one defined in config/passbolt.php.
[PASS] The server public key defined in the config/passbolt.php (or environment variables) is in the keyring.
[PASS] There is a valid email id defined for the server key.
[PASS] The public key can be used to encrypt a message.
[PASS] The private key can be used to sign a message.
[PASS] The public and private keys can be used to encrypt and sign a message.
[PASS] The private key can be used to decrypt a message.
[PASS] The private key can be used to decrypt and verify a message.
[PASS] The public key can be used to verify a signature.

Application configuration

[PASS] Using latest passbolt version (2.11.0).
[FAIL] Passbot is not configured to force SSL use.
[HELP] Set passbolt.ssl.force to true in config/passbolt.php.
[FAIL] App.fullBaseUrl is not set to HTTPS.
[HELP] Check App.fullBaseUrl url scheme in config/passbolt.php.
[PASS] Selenium API endpoints are disabled.
[PASS] Search engine robots are told not to index content.
[PASS] Registration is closed, only administrators can add users.
[PASS] Serving the compiled version of the javascript app
[PASS] All email notifications will be sent.

2 error(s) found. Hang in there!

Nginx /etc/nginx/sites-enabled/default

########## Default server configuration

server {
listen 8000 default_server;
server_name 192.168.111.128;
}
server {
# SSL configuration
listen 443 ssl http2 default_server;
include snippets/self-signed.conf;
include snippets/ssl-params.conf;

  root /var/www/passbolt/webroot/;

######### Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html index.php;

server_name _;

location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}

######### pass PHP scripts to FastCGI server

location ~ .php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass 127.0.0.1:9000;
}

######## deny access to .htaccess files, if Apache’s document root
location ~ /.ht {
deny all;
}
}

Hi @rafaelmspc,

Thank you for reporting your issue and using Passbolt.
To help you and resolve the issue that you are having, I would like to have some more information.

  • Did you provide the https URL during or after the installation?

  • Is the healthcheck log provided was ran when Passbolt was configured with the https url?
    I am asking this question because I see in the provided Health Check Log that:
    [PASS] Full base url is set to http://192.168.111.128

If no, can you run the command bin/cake passbolt healthcheck again when the appBaseUrl is set with https please and provide the output log?

Thanks.

Thanks for your reply.

1 - Did you provide the https URL during or after the installation?
No, i provide http.

2 - The health check posted was using as baseurl http.

Posting below the health check with the base url using https.


Healthcheck shell

Environment

[PASS] PHP version 7.2.19-0ubuntu0.18.04.2.
[PASS] PCRE compiled with unicode support.
[PASS] The temporary directory and its content are writable.
[PASS] The public image directory and its content are writable.
[PASS] The logs directory and its content are writable.
[PASS] GD or Imagick extension is installed.
[PASS] Intl extension is installed.
[PASS] Mbstring extension is installed.

Config files

[PASS] The application config file is present
[PASS] The passbolt config file is present

Core config

[PASS] Debug mode is off.
[PASS] Cache is working.
[PASS] Unique value set for security.salt
[PASS] Full base url is set to https://192.168.111.128
[PASS] App.fullBaseUrl validation OK.
[FAIL] Could not reach the /healthcheck/status with the url specified in App.fullBaseUrl
[HELP] Check that the domain name is correct in config/passbolt.php
[HELP] Check the network settings

SSL Certificate

[FAIL] SSL peer certificate does not validate
[FAIL] Hostname does not match when validating certificates.
[WARN] Using a self-signed certificate

Database

[PASS] The application is able to connect to the database
[PASS] 26 tables found
[PASS] Some default content is present
[PASS] The database schema up to date.

GPG Configuration

[PASS] PHP GPG Module is installed and loaded.
[PASS] The environment variable GNUPGHOME is set to /home/www-data/.gnupg.
[PASS] The directory /home/www-data/.gnupg containing the keyring is writable by the webserver user.
[PASS] The server gpg key is not the default one
[PASS] The public key file is defined in config/passbolt.php and readable.
[PASS] The private key file is defined in config/passbolt.php and readable.
[PASS] The server key fingerprint matches the one defined in config/passbolt.php.
[PASS] The server public key defined in the config/passbolt.php (or environment variables) is in the keyring.
[PASS] There is a valid email id defined for the server key.
[PASS] The public key can be used to encrypt a message.
[PASS] The private key can be used to sign a message.
[PASS] The public and private keys can be used to encrypt and sign a message.
[PASS] The private key can be used to decrypt a message.
[PASS] The private key can be used to decrypt and verify a message.
[PASS] The public key can be used to verify a signature.

Application configuration

[PASS] Using latest passbolt version (2.11.0).
[FAIL] Passbot is not configured to force SSL use.
[HELP] Set passbolt.ssl.force to true in config/passbolt.php.
[PASS] App.fullBaseUrl is set to HTTPS.
[PASS] Selenium API endpoints are disabled.
[PASS] Search engine robots are told not to index content.
[PASS] Registration is closed, only administrators can add users.
[PASS] Serving the compiled version of the javascript app
[PASS] All email notifications will be sent.

4 error(s) found. Hang in there!

Thank you.

Hi @rafaelmspc,

Can you please replace in your nginx.conf the following part:

location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}

with:

location / {
try_files $uri $uri/ /index.php?$args;
}

It should work like this. :slight_smile:

Please keep us updated!

1 Like

It worked!

Thank you.

1 Like

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.