Unable to move past database step

Checklist
[X] I have read intro post: About the Installation Issues category
[X] I have read the tutorials, help and searched for similar issues
[X] I provide relevant information about my server (component names and versions, etc.)
[] I provide a copy of my logs and healthcheck
[X] I describe the steps I have taken to trouble shoot the problem
[X] I describe the steps on how to reproduce the issue

Hi, I am trying to setup Passbolt to test on our server however, I am running into some problems at the MySQL stage. We are hosting the server on an Azure VM and would like to connect to a Azure MySQL db. We have already created a new user on the Azure MySQL db. On the installation page, my config goes something like:

Host: [SERVER].mysql.database.azure.com
Port: 3306
Username: user
Password: pass
Database Name: passbolt

Here is the error message I get: “A connection could not be established with the credentials provided. Please verify the settings”. There are no logs in error.log either. The healthcheck link was broken so I am unsure on how to generate that.

I have already added the server to the security policy, and have verified that I can connect to the database via the terminal. Generally, when we connect via PHP we do something like this:

<?php

$host = 'server.mysql.database.azure.com';
$username = 'user';
$password = 'pass';
$db_name = 'mysql';
$ssl_cert = '/etc/ssl/certs/BaltimoreCyberTrustRoot.crt.pem';

//Establishes the connection
$conn = mysqli_init();
mysqli_ssl_set($conn, NULL, NULL, $ssl_cert, NULL, NULL);
mysqli_real_connect($conn, $host, $username, $password, $db_name, 3306);
if (mysqli_connect_errno($conn)) {
die('Failed to connect to MySQL: '.mysqli_connect_error());
}

printf("Connected\n");

mysqli_close($conn);

?>

I wasn’t sure how to pass in the CA file to passbolt however. I am running a regular Ubuntu 18.04 installation.

Hello,

You can provide information about SSL certificate in the configuration. Under the database section in config/passbolt.php you can add information such as

// Database configuration.
    'Datasources' => [
        'default' => [
            'host' => 'server.mysql.database.azure.com',
            'port' => 3306,
            'username' => 'user',
            'password' => 'pass',
            'database' => 'passbolt',
            // ssl options
            //'ssl_key' => '/path/to/client-key.pem',
            'ssl_cert' => '/etc/ssl/certs/BaltimoreCyberTrustRoot.crt.pem',
            //'ssl_ca' => '/path/to/ca.pem',
        ],
    ],

If you used Docker / environment variables to configure, you can use the following:
DATASOURCES_DEFAULT_SSL_KEY, DATASOURCES_DEFAULT_SSL_CERT, DATASOURCES_DEFAULT_SSL_CA.

I am currently still on the web installer portion, so it looks like my passbolt.php file hasn’t been created yet. Should I be manually copying this over from passbolt.default.php? I unfortunately am not using Docker, so I am not sure how to pass those variables over php-fpm.

@rushil yes the best would be for you to switch to a manual installation as described here, since these options are not available in the wizard:

https://help.passbolt.com/hosting/install/ce/from-source.html

1 Like

Thanks @remy, that pointed me in the right direction. I am now trying to run: sudo su -s /bin/bash -c "./bin/cake passbolt install" www-data but am having some issues with my license.

When I run the license check from my user, I am able to see my details and the check passes. When running through www-data, I get an error saying that the license is invalid. I ran a healthcheck and everything is passing with no errors or warnings, any idea what the problem could be?

www-data:

user@server:/var/www/passbolt$ sudo su -s /bin/bash -c "./bin/cake passbolt license_check" www-data

     ____                  __          ____  
    / __ \____  _____ ____/ /_  ____  / / /_ 
   / /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/ 
  / ____/ /_/ (__  |__  ) /_/ / /_/ / / /    
 /_/    \__,_/____/____/_.___/\____/_/\__/   

 Open source password manager for teams
---------------------------------------------------------------

Subscription key error: The license content or signature is not valid.

It looks like you could use some help.
We are here for you. You can contact us at sales@passbolt.com

user:

user@server:/var/www/passbolt$ bin/cake passbolt license_check

     ____                  __          ____  
    / __ \____  _____ ____/ /_  ____  / / /_ 
   / /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/ 
  / ____/ /_/ (__  |__  ) /_/ / /_/ / / /    
 /_/    \__,_/____/____/_.___/\____/_/\__/   

 Open source password manager for teams
---------------------------------------------------------------

Thanks for choosing Passbolt Pro
Below are your subscription key details

# Removed license details

For any question / feedback / subscription renewal,
kindly contact us at sales@passbolt.com

What is the permission for the subscription key file? Is it readable by www-data?

ps. since you’re a pro subscriber you can get in touch with us at support@passbolt.com

I believe so. Here is the output of ls -l

-rw-r--r-- 1 user www-data 1454 May 22 11:20 config/license

Can you get in touch with us at support@passbolt.com? We can get on a call and get you up and running.