Good morning, I tried to activate the alpha plugin released on the new version and the option doesn’t shows in the Administration page.
I followed the steps in this guide in order to activate the Microsoft SSO and test it.
I have the browser extension v3.9.1 and Passbolt PRO v3.9.0., using Apache v2.4.38, PHP v8.2.1 and Debian 10.
Here is the passbolt.php file with the flag activated:
<?php
/**
* Passbolt ~ Open source password manager for teams
* Copyright (c) Passbolt SA (https://www.passbolt.com)
*
* Licensed under GNU Affero General Public License version 3 of the or any later version.
* For full copyright and license information, please see the LICENSE.txt
* Redistributions of files must retain the above copyright notice.
*
* @copyright Copyright (c) Passbolt SA (https://www.passbolt.com)
* @license https://opensource.org/licenses/AGPL-3.0 AGPL License
* @link https://www.passbolt.com Passbolt(tm)
* @since 2.0.0
*/
/**
* PASSBOLT CONFIGURATION FILE
*
* This is a generated configuration file, which was generated by the passbolt web installer.
*
* To see all available options, you can refer to the default.php file, or replace this file
* by a copy of passbolt.default.php
* Do not modify default.php or you may break your upgrade process.
*
* Read more about how to install passbolt: https://www.passbolt.com/help/tech/install
* Any issue, check out our FAQ: https://www.passbolt.com/faq
* An installation issue? Ask for help to the community: https://community.passbolt.com/
*/
return [
'App' => [
// A base URL to use for absolute links.
// The url where the passbolt instance will be reachable to your end users.
// This information is need to render images in emails for example
'fullBaseUrl' => '$url',
],
// Database configuration.
'Datasources' => [
'default' => [
'host' => 'localhost',
'port' => '3306',
'username' => '$username',
'password' => '$pass',
'database' => '$db',
],
],
// Email configuration.
'EmailTransport' => [
'default' => [
'host' => '$host',
'port' => 25,
'username' => '$username,
'password' => '$pass',
// Is this a secure connection? true if yes, null if no.
'tls' => null,
//'timeout' => 30,
'client' => '$server',
//'url' => null,
],
],
'Email' => [
'default' => [
// Defines the default name and email of the sender of the emails.
'from' => [$email' => 'Passbolt'],
//'charset' => 'utf-8',
//'headerCharset' => 'utf-8',
],
],
'passbolt' => [
// GPG Configuration.
// The keyring must to be owned and accessible by the webserver user.
// Example: www-data user on Debian
'gpg' => [
// Main server key.
'serverKey' => [
// Server private key fingerprint.
'fingerprint' => '$server_key',
'public' => CONFIG . DS . 'gpg' . DS . 'serverkey.asc',
'private' => CONFIG . DS . 'gpg' . DS . 'serverkey_private.asc',
],
],
'registration' => [
'public' => false,
],
'ssl' => [
'force' => true,
],
'security' => [
'smtpSettings' => [
'endpointsDisabled' => true,
]
],
'email' => [
'validate' => [
'mx' => true,
]
],
'sso' => [
'enabled' => true
],
],
];
Here is the Administration page:
And here you are the healthcheck command:
____ __ ____
/ __ \____ _____ ____/ /_ ____ / / /_
/ /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/
/ ____/ /_/ (__ |__ ) /_/ / /_/ / / /
/_/ \__,_/____/____/_.___/\____/_/\__/
Open source password manager for teams
-------------------------------------------------------------------------------
Passbolt commands should only be executed as the web server user.
The command should be executed with the same user as your web server. By instance:
su -s /bin/bash -c "$folder/bin/cake COMMAND" HTTP_USER
where HTTP_USER match your web server user: www-data, nginx, apache, http
Healthcheck shell
-------------------------------------------------------------------------------
Environment
[PASS] PHP version 8.2.1.
[PASS] PCRE compiled with unicode support.
[PASS] The temporary directory and its content are writable and not executable.
[PASS] The logs directory and its content are writable.
[PASS] GD or Imagick extension is installed.
[PASS] Intl extension is installed.
[PASS] Mbstring extension is installed.
Config files
[PASS] The application config file is present
[PASS] The passbolt config file is present
Core config
[PASS] Debug mode is off.
[PASS] Cache is working.
[PASS] Unique value set for security.salt
[PASS] Full base url is set to $link
[PASS] App.fullBaseUrl validation OK.
[PASS] /healthcheck/status is reachable.
SSL Certificate
[PASS] SSL peer certificate validates
[PASS] Hostname is matching in SSL certificate.
[PASS] Not using a self-signed certificate
Database
[PASS] The application is able to connect to the database
[PASS] 46 tables found
[PASS] Some default content is present
[PASS] The database schema up to date.
GPG Configuration
[PASS] PHP GPG Module is installed and loaded.
[PASS] The environment variable GNUPGHOME is set to $folder/.gnupg.
[PASS] The directory $folder/.gnupg containing the keyring is writable by the webserver user.
[PASS] The server OpenPGP key is not the default one
[PASS] The public key file is defined in $folder/config/passbolt.php and readable.
[PASS] The private key file is defined in $folder/passbolt.php and readable.
[PASS] The server key fingerprint matches the one defined in $folder/config/passbolt.php.
[PASS] The server public key defined in the $folder/config/passbolt.php (or environment variables) is in the keyring.
[PASS] There is a valid email id defined for the server key.
[PASS] The public key can be used to encrypt a message.
[PASS] The private key can be used to sign a message.
[PASS] The public and private keys can be used to encrypt and sign a message.
[PASS] The private key can be used to decrypt a message.
[PASS] The private key can be used to decrypt and verify a message.
[PASS] The public key can be used to verify a signature.
[PASS] The server public key format is Gopengpg compatible.
[PASS] The server private key format is Gopengpg compatible.
Application configuration
[PASS] Using latest passbolt version (3.9.0).
[PASS] Passbolt is configured to force SSL use.
[PASS] App.fullBaseUrl is set to HTTPS.
[PASS] Selenium API endpoints are disabled.
[PASS] Search engine robots are told not to index content.
[PASS] Registration is closed, only administrators can add users.
[PASS] Host availability will be checked.
[PASS] Serving the compiled version of the javascript app.
[PASS] All email notifications will be sent.
JWT Authentication
[PASS] The JWT Authentication plugin is enabled
[PASS] The $folder/config/jwt/ directory is not writable.
[PASS] A valid JWT key pair was found
SMTP Settings
[PASS] The SMTP Settings plugin is enabled.
[PASS] SMTP Settings coherent. You may send a test email to validate them.
[PASS] The SMTP Settings source is: database.
[PASS] The SMTP Settings plugin endpoints are disabled.
[PASS] No error found. Nice one sparky!
Can you help me to activate it in order to test it?
Thank you