Passbolt extension still in "Connecting your account"

I have read intro post: About the Installation Issues category
I have read the tutorials, help and searched for similar issues
I provide relevant information about my server (component names and versions, etc.)
I provide a copy of my logs and healthcheck
I describe the steps I have taken to trouble shoot the problem
I describe the steps on how to reproduce the issue

Hi, after successfully installing the passbolt on-prem, and install the App in a android phone (that works properly), I try to install the passbolt extension in two different browsers, Brave and Microsoft Edge. In both the extension (version 4.0.3) keeps loading with the message “connecting your account”.

I didn’t have the opportunity to put any auth information in the extension. This happens in the first click on it after the installation.
passbolt extension loading

Probably is not related to my passbolt install, but follow the logs and healthcheck:

root@da369913d7f6:/usr/share/php/passbolt# su -s /bin/bash www-data
www-data@da369913d7f6:/usr/share/php/passbolt$ ./bin/cake passbolt healthcheck

     __                  _          ___  
    / _ \_  __ __/ /  __  / / /_ 
   / // / _ `/ _/ _/ _ \/ _ \/ / __/ 
  / _/ // (_  |_  ) // / // / / /    
 //    \,/_/_/._/\_//\_/   

 Open source password manager for teams
 Healthcheck shell         


 [PASS] PHP version 8.2.7.
 [PASS] PCRE compiled with unicode support.
 [PASS] The temporary directory and its content are writable and not executable.
 [PASS] The logs directory and its content are writable.
 [PASS] GD or Imagick extension is installed.
 [PASS] Intl extension is installed.
 [PASS] Mbstring extension is installed.

 Config files

 [PASS] The application config file is present
 [WARN] The passbolt config file is missing in /etc/passbolt/
 [HELP] Copy /etc/passbolt/passbolt.default.php to /etc/passbolt/passbolt.php
 [HELP] The passbolt config file is not required if passbolt is configured with environment variables

 Core config

 [PASS] Debug mode is off.
 [PASS] Cache is working.
 [PASS] Unique value set for security.salt
 [PASS] Full base url is set to
 [PASS] App.fullBaseUrl validation OK.
 [PASS] /healthcheck/status is reachable.

 SSL Certificate

 [PASS] SSL peer certificate validates
 [PASS] Hostname is matching in SSL certificate.
 [PASS] Not using a self-signed certificate


 [PASS] The application is able to connect to the database
 [PASS] 30 tables found
 [PASS] Some default content is present
 [PASS] The database schema up to date.

 GPG Configuration

 [PASS] PHP GPG Module is installed and loaded.
 [PASS] The environment variable GNUPGHOME is set to /var/lib/passbolt/.gnupg.
 [PASS] The directory /var/lib/passbolt/.gnupg containing the keyring is writable by the webserver user.
 [FAIL] The server OpenPGP key is not set
 [HELP] Create a key, export it and add the fingerprint to /etc/passbolt/passbolt.php
 [HELP] See.
 [PASS] The public key file is defined in /etc/passbolt/passbolt.php and readable.
 [PASS] The private key file is defined in /etc/passbolt/passbolt.php and readable.
 [FAIL] The server key fingerprint doesn't match the one defined in /etc/passbolt/passbolt.php.
 [HELP] Double check the key fingerprint, example: 
 [HELP] sudo su -s /bin/bash -c "gpg --list-keys --fingerprint --home /var/lib/passbolt/.gnupg" www-data | grep -i -B 2 'SERVER_KEY_EMAIL'
 [HELP] SERVER_KEY_EMAIL: The email you used when you generated the server key.
 [HELP] See.
 [FAIL] The server public key defined in the /etc/passbolt/passbolt.php (or environment variables) is not in the keyring
 [HELP] Import the private server key in the keyring of the webserver user.
 [HELP] you can try:
 [HELP] sudo su -s /bin/bash -c "gpg --home /var/lib/passbolt/.gnupg --import /etc/passbolt/gpg/serverkey_private.asc" www-data
 [FAIL] The server key does not have a valid email id.
 [HELP] Edit or generate another key with a valid email id.

 Application configuration

 [FAIL] This installation is not up to date. Currently using 4.0.2 and it should be v4.1.0-rc.3.
 [HELP] See.
 [PASS] Passbolt is configured to force SSL use.
 [PASS] App.fullBaseUrl is set to HTTPS.
 [PASS] Selenium API endpoints are disabled.
 [PASS] Search engine robots are told not to index content.
 [INFO] The Self Registration plugin is enabled.
 [INFO] Registration is closed, only administrators can add users.
 [PASS] The deprecated self registration public setting was not found in /etc/passbolt/passbolt.php.
 [WARN] Host availability checking is disabled.
 [HELP] Make sure this instance is not publicly available on the internet.
 [HELP] Or set the PASSBOLT_EMAIL_VALIDATE_MX environment variable to true.
 [HELP] Or set to true in /etc/passbolt/passbolt.php.
 [PASS] Serving the compiled version of the javascript app.
 [WARN] Some email notifications are disabled by the administrator.

 JWT Authentication

 [PASS] The JWT Authentication plugin is enabled
 [PASS] The /etc/passbolt/jwt/ directory is not writable.
 [PASS] A valid JWT key pair was found

 SMTP Settings

 [PASS] The SMTP Settings plugin is enabled.
 [FAIL] SMTP Setting errors: App\Utility\OpenPGP\Backends\Gnupg::setDecryptKeyFromFingerprint(): Argument #1 ($fingerprint) must be of type string, null given, called in /usr/share/php/passbolt/plugins/PassboltCe/SmtpSettings/src/Service/SmtpSettingsGetSettingsInDbService.php on line 109
 [WARN] The SMTP Settings source is: undefined.
 [HELP] It is recommended to set the SMTP Settings in the database through the administration section.
 [PASS] The SMTP Settings plugin endpoints are disabled.

 [FAIL] 6 error(s) found. Hang in there!
/usr/share/php/passbolt$ ./bin/cake passbolt version

     __                  _          ___  
    / _ \_  __ __/ /  __  / / /_ 
   / // / _ `/ _/ _/ _ \/ _ \/ / __/ 
  / _/ // (_  |_  ) // / // / / /    
 //    \,/_/_/._/\_//\_/   

 Open source password manager for teams
Passbolt CE 4.0.2
Cakephp 4.4.11

Detail: if a open the extension manager using developer mode, I have this result:

Hi All,

We are seeing the same problem on our systems. We are running 4.0.2 Server but the users that are having the problem, The extension is showing 4.1.0 as the version. . How ever for users that have 4.0.3 extension installed, They are just fine.

Thank you for the reports @CleitonAlmeida and @ghostwalker42.

From your report @CleitonAlmeida, it seems that you are trying to install the browser extension on a new browser, and right after installing the browser extension from the Google webstore you clicked on the passbolt icon in the browser toolbar. Can you confirm us your scenario?

If you are in this scenario, we are able to reproduce the issue (PB-25311) and we will ship with a fix with the next release. In the meantime, you should be able to configure the browser extension by following the link that was sent by email? Or request a new one following the url https://PASSBOLT_API/users/recover

@ghostwalker42 Can you detail your scenario? Are you in the same situation as Cleiton or the issue happens with existing users?

Yes, thats the scenario @cedric. And i was able to configure the browser extension by following the link that was sent by email, but now i need to configure in others browsers, and i don’t have access to that link to try again…

I just wanted to add something new. I have one chrome browser that I did the recovery with and now get somethign went wrong! message. Server is fine with my edge browser.

Chrome is running the 4.1.0 ext


1 Like

@CleitonAlmeida You can obtain a new email by following the process of recover at this url https://PASSBOLT_API/users/recover.

@ghostwalker42 It seems that the sign-in process failed at the end of the recover process.

Can you reproduce it systemically or refreshing the page / restarting the browser solved your issue?

If you can reproduce it, can you please provide us with the browser extension log:

  • Go to chrome://extensions
  • Select on index.html of the passbolt browser extension tail
  • Open the console tab and copy/paste here its content
  • In the network tab check for the result the request https://PASSBOLT_API/auth/verify.json?api-version=v2, we are interested by the response body and headers

@cedric It works when using the link to recover… After the recover, the extension works. Maybe this is the normal behaviour, but In a first extension install (in different computers) i was expecting a screen to provide the passbolt server info to connect. Anyway using recover link works well :slight_smile: