Passbolt Server internal use with LE DNS Challenge


we are evaluating Passbolt as our Password Manager. One of our goals is to use the server completly internal.
Via Lets Encrypt DNS Challenge we managed to install different services the same way with no forwarding ports 80/443 to this kind of servers. Is this possible with Passbolt too? The PB Install Script only offers LE with http Challenge. Can we change it after the install is complete and its save for future patches?

Best regards

Hi @2983hf,

You are right, passbolt install script provide only Let’s Encrypt HTTP challenge. If you want to use the certificates provided by DNS challenge, upload them on your server and use the manual option in the configuration script. You will just have to provide the path of your uploaded certificates.
For certificate renewal, you will have to upload the new certificates and relaunch the script.

With Debian/Ubuntu, you can preseed the dpkg-reconfigure command with options on this documentation: Passbolt Help | How to install passbolt in non-interactive mode ?

With RPM package, you can pass arguments to the passbolt-configure script, invoke the -h flag to get available options: sudo /usr/loca/bin/passbolt-configure -h

Don’t hesitate if you have further questions.