I installed passbolt on Azure Kubernetes Cluster using this helm chart GitHub - mmz-srf/passbolt-helm: Passbolt Kubernetes Helm Charts and version 3.9.0-2-ce
Then I create new first admin user and I get welcome email
When I click get started from email I go to the website when I stuck on screen “Please install the browser extension.” even thought I reinstalled this extension and also remove browsing data nothing helps…
Just wonder how can I investigate from here I cannot see any errors inside passbolt container
I also noticed I’m getting key error but not many details here as well unfortunately
____ __ ____
/ __ \____ _____ ____/ /_ ____ / / /_
/ // / __ `/ / / __ / __ / / _/
/ / // ( | ) // / // / / /
// _,///./_//__/
Open source password manager for teams
Healthcheck shell…Exception: Could not use key for signing. get_key failed
In [/usr/share/php/passbolt/src/Utility/OpenPGP/Backends/Gnupg.php, line 240]
@AnatomicJC Does it matter which user runs the generate secrets script?
Hi @garrett 
,
No, the generate-secrets.sh is just an helper script who will generate passbolt GPG server key and JWT key. The generated keys are used in secret-jwt.yaml and secret-gpg.yaml from the template folder.
@rafhuser which browser are you using ? On which operating system ? If you are using Google chrome, did you try another browser such as Brave or Firefox ? Are you behind a corporate proxy?
Can you follow instructions from the docker troubleshooting page and post full healthcheck output ? Replace docker commands with the kubectl ones to jump into your passbolt pod.
One last thing, which kind of deployment are you trying to achieve, the HA or non-HA one ?
Best regards,
1 Like
Turns out I was missing a fingerprint due to older gpg version “gpg --show-keys” didn’t work
After finding fingerprint and adding this into helm values now looks good and finds chrome extension.
passbolt:
config:
gpgServerKeyFingerprint: “…”
The only thing that I still get in output is this:
Running baseline checks, please wait…
The directory /etc/passbolt/jwt/ is not writable.
You can try sudo chmod 775 $(find /etc/passbolt/jwt/ -type d)
just wonder if this is a problem or can it be left like that…
