/bin/cake passbolt healthcheck routine executes and shows some
[FAIL] status (see below). In particular, it fails to recognize the fingerprint equivalence in the keyring of
www-data and in the
/gpg/ folder. Quick debugging hacks of the
healthcheck.php page suggests that the string in
config/passbolt.php is not read appropriately by PhP.
[x] I have read intro post: About the Installation Issues category
[x] I have read the tutorials, help and searched for similar issues
- My installation steps mostly rely on this tutorial. I am stuck at step 8.
[x] I provide relevant information about my server (component names and versions, etc.)
- Virtual machine with Debian 10 (buster).
- Apache 2 installed and fully functional with other software.
- Mysql interacting appropriately with
- gpg1 and gpg2 are installed. gpg1 is used as keys with empty. I generated the key with gpg1, as it does not seem to be possible to generate keys with infinite length and no passphrase with gpg2.
- Letsencrypt certificates sucessfully installed for the base URL. http redirects to https.
[x] I provide a copy of my logs and healthcheck
The tail of the error log in
2020-05-23 05:31:22 Error: [Cake\Routing\Exception\MissingRouteException] A route matching “s=/Index/\think\app/invokefunction&function=call_user_func_array&vars=md5&vars=HelloThinkPHP” could not be found. (/var/www/[specific_folder]/vendor/cakephp/cakephp/src/Routing/RouteCollection.php:216)
[x] I describe the steps I have taken to trouble shoot the problem
I have done the suggested steps found in the healtcheck messages (which corrected some [FAILS] that are not reported).
Since the fail message says that the fingerprint is different in the www-data keyring and in the
config/passbolt.phpfile, I hacked the
src/Utility/Healthcheck/GpgHealthchecks.phpfile to add the two following lines:
L162: echo $privateKeyInfo[‘fingerprint’].’\n’;
L163: echo Configure::read(‘passbolt.gpg.serverKey.fingerprint’);
This is meant to check what the application reads in terms of fingerprint (and will obviously be erased when the bug is fixed). The first line yields the complete fingerprint found in both the passbolt.php config file and in the keyring. Strangely, the second line yields only a partial print of the fingerprint: the last five hexadecimals are missing.
When I add five random letters to the fingerprint in the
config/passbolt.php file, I get an accurate echo of the fingerprint in both cases, but it still yields a [FAIL] status when running the healthcheck.
What can perhaps help in the troubleshooting is the fact that when I enter the base URL in a navigator, it successfully redirects to [base-url]/auth/login, but it yields a 404 message. This may be normal as I have not completed the installation.
[x] I describe the steps on how to reproduce the issue
- Reproduce the steps one to seven in the aforementionned tutorial on Debian 10, apache 2 and the use of gpg1.
I would welcome any suggestions or help to find how to resolve such problem.