Checklist
[ x] I have read intro post: About the Installation Issues category
[ x] I have read the tutorials, help and searched for similar issues
[ x] I provide relevant information about my server (component names and versions, etc.)
[ x] I provide a copy of my logs and healthcheck
[ x] I describe the steps I have taken to trouble shoot the problem
[ x] I describe the steps on how to reproduce the issue
Hi
I am running what I assume is an older version of the Passbolt appliance that I am planning to migrate to a different platform but before I could do this I started getting issues with the Passbolt console properly loading and decrypting passwords with the browser add-on.
This is all I get when I log in to the console.
When I log in the following is written to /var/www/passbolt/logs/error.log
2023-10-10 04:22:57 Error: [Cake\Http\Exception\ForbiddenException] You need to login to access this location. (/var/www/passbolt/src/Auth/GpgAuthenticate.php:85)
Request URL: /users/csrf-token.json?api-version=v2
2023-10-10 04:22:58 Error: [Cake\Routing\Exception\MissingRouteException] A route matching "/resource-types.json" could not be found. (/var/www/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php:216)
Request URL: /resource-types.json?api-version=v2
2023-10-10 04:22:59 Error: [Cake\Http\Exception\BadRequestException] The user id should be a uuid or "me". (/var/www/passbolt/src/Controller/Users/UsersViewController.php:39)
Request URL: /users/csrf-token.json?api-version=v2
When I open the Passbolt add-on I see the following in the logs
2023-10-10 04:23:49 Error: [Cake\Routing\Exception\MissingRouteException] A route matching "/password-policies/settings.json" could not be found. (/var/www/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php:216)
Request URL: /password-policies/settings.json?api-version=v2
2023-10-10 04:23:49 Error: [Cake\Routing\Exception\MissingRouteException] A route matching "/password-generator/settings.json" could not be found. (/var/www/passbolt/vendor/cakephp/cakephp/src/Routing/RouteCollection.php:216)
Request URL: /password-generator/settings.json?api-version=v2
and I cannot decrypt passwords.
Below is the output from my healthcheck
passbolt@passbolt-pro:/var/www/passbolt/bin$ sudo -H -u www-data bash -c "./cake passbolt healthcheck"
____ __ ____
/ __ \____ _____ ____/ /_ ____ / / /_
/ /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/
/ ____/ /_/ (__ |__ ) /_/ / /_/ / / /
/_/ \__,_/____/____/_.___/\____/_/\__/
Open source password manager for teams
---------------------------------------------------------------
Healthcheck shell
---------------------------------------------------------------
Environment
[PASS] PHP version 7.3.11-1~deb10u1.
[PASS] PCRE compiled with unicode support.
[PASS] The temporary directory and its content are writable.
[PASS] The public image directory and its content are writable.
[PASS] The logs directory and its content are writable.
[PASS] GD or Imagick extension is installed.
[PASS] Intl extension is installed.
[PASS] Mbstring extension is installed.
Config files
[PASS] The application config file is present
[PASS] The passbolt config file is present
Core config
[PASS] Debug mode is off.
[PASS] Cache is working.
[PASS] Unique value set for security.salt
[PASS] Full base url is set to https://<removed>.com
[PASS] App.fullBaseUrl validation OK.
[FAIL] Could not reach the /healthcheck/status with the url specified in App.fullBaseUrl
[HELP] Check that the domain name is correct in config/passbolt.php
[HELP] Check the network settings
SSL Certificate
[FAIL] SSL peer certificate does not validate
[FAIL] Hostname does not match when validating certificates.
[WARN] Using a self-signed certificate
[HELP] fopen(): https:// wrapper is disabled in the server configuration by allow_url_fopen=0
fopen(https://<removed>.com/healthcheck/status.json): failed to open stream: no suitable wrapper could be found
Database
[PASS] The application is able to connect to the database
[PASS] 31 tables found
[PASS] Some default content is present
[PASS] The database schema up to date.
GPG Configuration
[PASS] PHP GPG Module is installed and loaded.
[PASS] The environment variable GNUPGHOME is set to /home/www-data/.gnupg.
[PASS] The directory /home/www-data/.gnupg containing the keyring is writable by the webserver user.
[PASS] The server gpg key is not the default one
[PASS] The public key file is defined in config/passbolt.php and readable.
[PASS] The private key file is defined in config/passbolt.php and readable.
[PASS] The server key fingerprint matches the one defined in config/passbolt.php.
[PASS] The server public key defined in the config/passbolt.php (or environment variables) is in the keyring.
[PASS] There is a valid email id defined for the server key.
[PASS] The public key can be used to encrypt a message.
[PASS] The private key can be used to sign a message.
[PASS] The public and private keys can be used to encrypt and sign a message.
[PASS] The private key can be used to decrypt a message.
[PASS] The private key can be used to decrypt and verify a message.
[PASS] The public key can be used to verify a signature.
Application configuration
[FAIL] Could not connect to passbolt repository to check versions. It is not possible check if your version is up to date.
[HELP] Check the network configuration to allow this script to check for updates.
[PASS] Passbolt is configured to force SSL use.
[PASS] App.fullBaseUrl is set to HTTPS.
[PASS] Selenium API endpoints are disabled.
[PASS] Search engine robots are told not to index content.
[PASS] Registration is closed, only administrators can add users.
[PASS] Serving the compiled version of the javascript app
[PASS] All email notifications will be sent.
4 error(s) found. Hang in there!
passbolt@passbolt-pro:/var/www/passbolt/bin$
The OS version is below
passbolt@passbolt-pro:~$ uname -v
#1 SMP Debian 4.19.67-2+deb10u2 (2019-11-11)
passbolt@passbolt-pro:~$
I attempted to do a clean up but that didn’t help
passbolt@passbolt-pro:/var/www/passbolt$ sudo -H -u www-data bash -c "./bin/cake passbolt cleanup"
____ __ ____
/ __ \____ _____ ____/ /_ ____ / / /_
/ /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/
/ ____/ /_/ (__ |__ ) /_/ / /_/ / / /
/_/ \__,_/____/____/_.___/\____/_/\__/
Open source password manager for teams
---------------------------------------------------------------
Cleanup shell (delete mode)
---------------------------------------------------------------
No issue found, data looks squeaky clean!
passbolt@passbolt-pro:/var/www/passbolt$
Can anyone help me with trying to regain access to my Passbolt service?
Thanks