I have been desperately trying to add an SSL certificate to an existing CentOS 7 installation of Passbolt 3.3.0. My server is only available locally and has no FQDN.
Core config
[PASS] Debug mode is off.
[PASS] Cache is working.
[PASS] Unique value set for security.salt
[PASS] Full base url is set to https://10.10.1.230
[PASS] App.fullBaseUrl validation OK.
[FAIL] Could not reach the /healthcheck/status with the url specified in App.fullBaseUrl
[HELP] Check that the domain name is correct in config/passbolt.php
[HELP] Check the network settings
SSL Certificate
[FAIL] SSL peer certificate does not validate
[FAIL] Hostname does not match when validating certificates.
[WARN] Using a self-signed certificate
[HELP] cURL Error (7) Failed connect to 10.10.1.230:443; Connection refused
Suggestions?
Hi @TubbaButta 
and welcome to Passbolt community forum 
Usually a SSL certificate must match with a Fully Qualified Domain Name (FQDN) or a wildcard domain but not an IP address.
If you absolutely want to use HTTPS with an IP, you have to generate self-signed certificates, as described here.
Best regards,
2 Likes
Hii, @TubbaButta
Since your Passbolt server is only accessible locally and lacks a FQDN, you’ll need to generate a self-signed SSL certificate. This allows you to use HTTPS even without a domain name. You can then configure Passbolt and your web server (likely Apache or nginx) to use this certificate for secure connections. To install the ssl certificate on Centos 7 for Passbolt, you need to follow this following steps:-
- Downloading certificates
- Copying the SSL files
- Go to the Apache Configuration & Find and Edit the ssl.conf or httpd.conf file
- Restart the server
- Configure Passbolt
I think you need to understand properly in detail for the installation process and which will help you in knowing about the installation process.
Hope it helps!
