Plugin-check gpg error and "Oops, something went wrong"when trying to login

Hi,

I have the same issue highlighted here even though I followed these guides:

https://book.cakephp.org/2.0/en/installation/url-rewriting.html#pretty-urls-on-nginx

I noticed this http://10.1.200.93/auth/auth/verify and it gives plugin-check gpg error.

If I run curl http://10.1.200.93/auth/verify.json I get the following.
{"header":{"id":"49cadf37-0eaf-3689-a8f7-430b02908cac","status":"success","title":"app_auth_verify_success","servertime":1509704089,"message":null,"controller":"Auth","action":"verify"},"body":{"fingerprint":"12165C90BB8584E58E4DAF19B2C4B036B252BB7B","keydata":"-----BEGIN...

Server is CentOS v7/ Nginx 1.12 / php-7.1

This is only log entries that I get from nginx access.log file

172.16.10.2 - - [03/Nov/2017:17:00:02 +0530] "GET / HTTP/1.1" 302 5 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36" "-"
172.16.10.2 - - [03/Nov/2017:17:00:02 +0530] "GET /auth/login HTTP/1.1" 200 1730 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36" "-"
172.16.10.2 - - [03/Nov/2017:17:00:03 +0530] "POST /auth/verify.json HTTP/1.1" 200 2 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36" "-"

Appreciate little support here.

Here is my nginx config. and here is my passbolt healthcheck.

@hirantha which error message do you get and on which step? The initial github ticket is not clear.
Can you check in the browser logs if there are any network errors / error code on some specific calls?

Hi Remy,

This triggers when trying to login. Here I attached the screenshot on the landing page and right widget do not load and ask to “retry”.

When I enable the debug window, the plugin-check gpg error shows for GnuPG widget and please find the attached screenshot.

I don’t see any network errors nor application log errors from the server side.

Can you go to chrome://extensions/ and click on “inspect view” for the login page, that will show the extension log. Let’s see if there are information there.

Here what I can see. It gives Failed to load resource: the server responded with a status of 403 (Forbidden) and this not recored at nginx error log.

If I catch the GnuPG entry while fast refresh the browser, I can see it tries to connect http://10.1.200.93/auth/auth/verify which is not exist. I assume this is nginx rewrite rule issue but still I can’t get this sorted even check the CackePHP nginx guides.

Appreciate your support.

Alright i’ll try to redo the tutorial and see if I can reproduce the issue.

Hi Remy,

I found followings once I enabled debug on Nginx. It says there is no user associated with the key.

Server: Nginx/1.12.0
Date: Fri, 03 Nov 2017 14:28:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.1.10
X-GPGAuth-Version: 1.3.0
X-GPGAuth-Login-URL: /auth/login
X-GPGAuth-Logout-URL: /auth/logout
X-GPGAuth-Verify-URL: /auth/verify
X-GPGAuth-Pubkey-URL: /auth/verify
X-GPGAuth-Authenticated: false
X-GPGAuth-Progress: stage0
X-GPGAuth-Error: true
X-GPGAuth-Debug: There is no user associated with this key
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip

However, if I brows http://10.1.200.93/auth/verify.json following output prints

{
header: {
    id: "49cadf37-0eaf-3689-a8f7-430b02908cac",
    status: "success",
    title: "app_auth_verify_success",
    servertime: 1509720013,
    message: null,
    controller: "Auth",
    action: "verify"
    },
    body: {
    fingerprint: "12165C90BB8584E58E4DAF18B2C4B036B252BB7B",
    keydata: "-----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuP...

title: "app_auth_verify_success", which means the key is valid?

Here is the complete log https://pastebin.com/2ztCzjJb

Appreciate your support.

Actually a GET /auth/verify.json only display the public key of the server. See Passbolt Help | Authentication in passbolt

The “There is no user associated with this key” is more interesting it means that when the client is sending the user fingerprint the server cannot find the key and/or the user associated with it.

How did you perform the setup? Did you import and existing key or generate a new one?

Can you try creating a new user and following the setup again to see if you get the same error?

Hi Remy,

I have created a new one initially.

Again, I created another user and same plugin-check error fired.

Can I reinstall the server and send you the details that I followed and see whether it appears again?

Yes that would help, we’ve tried to reproduce the issue but we couldn’t so far.

Hi remy,

It works on the new machine; maybe I had configuration errors on previous setup.

We started evaluating it for our dev/test environments and hope to see rest of the features soon.

1 Like