PHP 7.4 security updates EOL Nov 28 2022

:warning:PHP-7.4 security updates are ending on November 28, 2022.
PHP Supported Version

Have any Passbolt Community Members tried using PHP-8.0 or PHP-8.1 with Passbolt?

Please share your upgrade experience:

Hi @Duffman, the next version of the API v3.7 (coming this week or next) will be working with PHP 8.0 and 8.1. Currently it works with 8.0 with some deprecation warnings.

1 Like

That is great news.

Passbolt Devs, keep kicking ass!

You guys are doing a great job!

Thank you for the CE version and all the great community support you provide.



Hi Passbolt Community

I just updated to PHP 8.1.9 and Passbolt is working great! Passbolt software is rock solid work. I really like health check and the other cake options.

Passbolt Version = 3.7.1 CE
OS = Ubuntu 20.04
PHP = 8.1.9
Docker = No
Server = Nginx
DB = PostgreSQL
Email = Postfix
Working = 100%

Hi All,

I’ve been rocking PHP 8.1.2 for a while now and it’s been running smoothly no issues.

PHP 8.1.2 (cli) (built: Aug 8 2022 07:28:23) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.1.2, Copyright (c) Zend Technologies
    with Zend OPcache v8.1.2, Copyright (c), by Zend Technologies
  • Passbolt Version: 3.7.3 CE
  • OS Debian 11
  • PHP 8.1.2
  • Server: Apache (custom built)
  • DB: MySQL
  • Working 100%

Only issue I had (minor) upon updating from v3.7.1 to v3.7.2 my previous debian install the .htaccess got wiped so that was sorted. Updating to v3.7.3 was clean and no issues at all.


1 Like

Hi @all,

my configuration is:

  • Passbolt Version: 3.8.1 CE
  • OS Debian 11
  • PHP 8.1.2
  • Server: nginx
  • DB: MySQL

How can i upgrade to php 8.1? My last attempt was an absolute disaster that ended in a new installation. Or exist a documentation?

I look forward to your feedback.


I don’t think debian stable will move to php8 till the next debian release. You will receive security patches till that moment so, unless you have some other application requiring php8 you most likely don’t need to change php version.

If you still want to change the php version you should check into the ondrej php ppa repository.

1 Like

Thanks for your reply. The security updates, from Debian 11 are still avaible until march 2023. I would like to switch to 8.1 early.

With my previous installation on php 8.1 i had problems that the folder /etc/passbolt was deleted. And I changed the fastcgi path in nginx-passbolt.conf to php8.1-fpm. That didn’t work either.

@JamesBond has updatet to php 8.1. Maybe he has a trick.

Where did you get such information about the support end of life?

Ubuntu and Debian will provide php security updates on php until EOL for the OS version but some people use the ondrej php ppa repository to be able to use newer versions of php.

Seems like the FOSS community is split on the php issue.

I use the ondrej ppa and run php8.1

check your default php version by running:
php -version

set default php by running
sudo update-alternatives --config php

Select the version you want as default.

There has been an on going talk about PHP over on the Nextcloud forum.

More php info (install ppa)

Oh sorry. I have to miss understand that information. 07.2024 it shall be ended.

Anyhow! I have installed passbold from scratch with the instruction from Xiao How to Install Passbolt Password Manager on Ubuntu 22.04 Server with PHP 8.1. Thanks for that great explanation. I have set a ansible playbook in connection with a simple gitlab ci. And passbolt works great!


1 Like

Hi @mgerber


Debian, Ubuntu, etc will provide 3rd party PHP security support until the EOL of the OS version.

I am a big fan of Xiao’s tutorials but the Passbolt team feels that the LinuxBabe instructions will cause issues down the road, Passbolt advises you to use the Passbolt instructions from Passbolt.

Install Passbolt

For extra security I suggest setting up a WireGuard vpn to only allow one ip address into your server configuration.

WireGuard VPN