Passbolt 3.11.0 running in docker from passbolt/passbolt:latest on a Synology DS1821+, connecting to a mariadb 10 on another machine.
Going to the web UI, after about 20 seconds the grey banner with “passbolt” show up, takes another 20 seconds before it shows the password list (which only has 12 entries). Using MS edge on windows 10.
Likewise, when I click on the toolbar button for the extension, it takes about 12 seconds of “connecting your account” before it goes to the login screen.
I’ve checked DB access manually, and both login and queries come back quickly; I’ve also tried the DB option to skip DNS lookups, but that didn’t make any difference. Also don’t see any issues with other apps that use the same DB server.
Enabling the query log on the sql server shows it takes ±6 seconds before passbolt even tries to connect after clicking the toolbar button.
If i do a curl from inside the passbolt container, I see it takes >5 seconds to even get the initial redirect back:
root@passbolt:/usr/share/php/passbolt# time curl -v --header 'Host: XXXXXX' http://localhost
* Trying 127.0.0.1:80...
* Connected to localhost (127.0.0.1) port 80 (#0)
> GET / HTTP/1.1
> Host: XXXXXXXXXX
> User-Agent: curl/7.74.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 302 Found
< Server: nginx
< Date: Sat, 04 Mar 2023 18:40:51 GMT
< Content-Type: text/html; charset=UTF-8
< Transfer-Encoding: chunked
< Connection: keep-alive
< Keep-Alive: timeout=5
< Set-Cookie: passbolt_session=XXXXXXXXX; path=/; HttpOnly; SameSite=Lax
< Expires: Thu, 19 Nov 1981 08:52:00 GMT
< Cache-Control: no-store, no-cache, must-revalidate
< Pragma: no-cache
< location: /auth/login?redirect=%2F
< Content-Security-Policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self';frame-src 'self' https://*.duosecurity.com;
<
* Connection #0 to host localhost left intact
real 0m5.048s
user 0m0.005s
sys 0m0.005s
Only error in healthcheck is about the certs, which I think is normal when not using a custom cert?
SSL Certificate
[FAIL] SSL peer certificate does not validate
[FAIL] Hostname does not match when validating certificates.
[WARN] Using a self-signed certificate
[HELP] Check https://help.passbolt.com/faq/hosting/troubleshoot-ssl
[HELP] cURL Error (60) SSL certificate problem: unable to get local issuer certificate
Log warns about low entropy at the start, and there’s a bunch of
INFO reaped unknown pid xxx (exit status 0)
messages, but no other errors.
Any ideas or next debug steps to try?