SSL on existing CentOS 7 insall

TubbaButta · November 1, 2021, 4:17pm

I have been desperately trying to add an SSL certificate to an existing CentOS 7 installation of Passbolt 3.3.0. My server is only available locally and has no FQDN.

Core config

 [PASS] Debug mode is off.
 [PASS] Cache is working.
 [PASS] Unique value set for security.salt
 [PASS] Full base url is set to https://10.10.1.230
 [PASS] App.fullBaseUrl validation OK.
 [FAIL] Could not reach the /healthcheck/status with the url specified in App.fullBaseUrl
 [HELP] Check that the domain name is correct in config/passbolt.php
 [HELP] Check the network settings

 SSL Certificate

 [FAIL] SSL peer certificate does not validate
 [FAIL] Hostname does not match when validating certificates.
 [WARN] Using a self-signed certificate
 [HELP] cURL Error (7) Failed connect to 10.10.1.230:443; Connection refused

Suggestions?

AnatomicJC · November 2, 2021, 9:22am

Hi @TubbaButta and welcome to Passbolt community forum

Usually a SSL certificate must match with a Fully Qualified Domain Name (FQDN) or a wildcard domain but not an IP address.

If you absolutely want to use HTTPS with an IP, you have to generate self-signed certificates, as described here.

Best regards,