I have been using passbolt on Docker for some time now, and it works nicely for now. I would like to test it on a server to grasp all the different steps and to put it in place to work with a team, not juste to store some test password on the internet.
My configuration: Debian 9.3, nginx,php7.0,mariaDB and passbolt 1.6.9.
I’m using a wildcard certificate(with password) for https that works fine with nginx. But when doing the healthcheck, I can’t seem to pass the SSL check, I have others issues but I will look into them once I have solved these:
[FAIL] SSL peer certificate does not validate
[FAIL] Hostname does not match when validating certificates.
[WARN] Using a self-signed certificate
[HELP] stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages:
error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
stream_socket_client(): Failed to enable crypto
stream_socket_client(): unable to connect to ssl://URL:443 (Unknown error)
I had other errors before because of the default cacert inside lib/Cake/Config that don’t appear anymore, but It still doesn’t work.
I generated a p12 certificate to generate the cacert.pem, with and without a password. I also tried different thing with my certificates (I have: .cert,csr,key,chain if it helps) but nothing seems to work.
Is there something obvious I’m missing or is it because of the password or the wildcard?
Thanks for your help, and sorry for my English.