Unable to synch Alpha and Beta database in a DR setup

Checklist
I have read intro post: About the Installation Issues category
I have read the tutorials, help and searched for similar issues
I provide relevant information about my server (component names and versions, etc.)
I provide a copy of my logs and healthcheck
I describe the steps I have taken to trouble shoot the problem
I describe the steps on how to reproduce the issue

Hello everyone,

My plan is to set up two passbolt servers, alpha and beta, so that the database of the first replicates on the second. To do this, I followed the tutorial below:

First, I successfully configured the alpha server, then I registered a few passwords on it. Finally, I followed the official Passbolt tutorial to include a self-signed certificate and unlock HTTPS functionality.

I then configured the beta server. I followed the steps in the clustering tutorial mentioned at the beginning of this post (importing .pem keys and backing up the alpha server database). However, when it came to synchronizing the beta server database with that of the alpha server, I got the following error message:

Error connecting to source ‘replication_user@xxxxxxxxxxxx’. This was attempt 5262/86400, with a delay of 10 seconds between attempts. Message: Authentication plugin ‘caching_sha2_password’ reported error: Authentication requires secure connection.

In response, I imported alpha’s HTTPS certificate on beta, and retried database synchronization on both servers, without success.

Alpha & beta servers information:

Ubuntu 22.04 LTS

Nginx

MySQL 8.0.34

PHP 8.1.2

Passbolt CE 4.3.0

Environment
PHP version 8.1.2-1ubuntu2.14.
PCRE compiled with unicode support.
The temporary directory and its content are writable and not executable.
The logs directory and its content are writable.
GD or Imagick extension is installed.
Intl extension is installed.
Mbstring extension is installed.
SSL access is enabled.
Config files
The application config file is present
The passbolt config file is present
Core config
Debug mode is off.
Cache is working.
Unique value set for security.salt
Full base url is set to https://xxxxxxxxxxxxx
App.fullBaseUrl validation OK.
/healthcheck/status is reachable.
Database
The application is able to connect to the database
32 tables found
Some default content is present
The database schema is up to date.
GPG Configuration
PHP GPG Module is installed and loaded.
The environment variable GNUPGHOME is set to /var/lib/passbolt/.gnupg.
The directory /var/lib/passbolt/.gnupg containing the keyring is writable by the webserver user.
The server OpenPGP key is not the default one
The public key file is defined in /etc/passbolt/passbolt.php and readable.
The private key file is defined in /etc/passbolt/passbolt.php and readable.
The server key fingerprint matches the one defined in /etc/passbolt/passbolt.php.
The server public key defined in the /etc/passbolt/passbolt.php (or environment variables) is in the keyring.
There is a valid email id defined for the server key.
The public key can be used to encrypt a message.
The private key can be used to sign a message.
The public and private keys can be used to encrypt and sign a message.
The private key can be used to decrypt a message.
The private key can be used to decrypt and verify a message.
The public key can be used to verify a signature.
The server public key format is Gopengpg compatible.
The server private key format is Gopengpg compatible.
Application configuration
Using latest passbolt version (4.3.0).
Passbolt is configured to force SSL use.
App.fullBaseUrl is set to HTTPS.
Selenium API endpoints are disabled.
Search engine robots are told not to index content.
The deprecated self registration public setting was not found in /etc/passbolt/passbolt.php.
Host availability checking is disabled.
Serving the compiled version of the javascript app.
Some email notifications are disabled by the administrator.

Any ideas?

Thanks in advance!

When you say that, do you mean you imported it into the trust store or used the same exact cert on both?

Hello and thank you for your answer!

I used the same exact cert on both alpha and beta.

Alright, so since you are on MySQL 8 they changed the default authentication which is why you have this error and I didn’t when setting up the blog post. I believe this is the MySQL documentation you’ll need to take a look at to sort this out

Thank you for your help. I have read the documentation but I still have some doubts.

Following the Passbolt tutorial, I created a mysql user named “replication_user” for the database replication task from the alpha server to beta. If I understand correctly, I need to create a new user to perform this task in this way?

CREATE USER 'sha2user'@'localhost'
IDENTIFIED WITH caching_sha2_password BY 'password';

Also, do I need to create this user on both my servers?

Secondly, it looks like I need to add the following lines to the mysql configuration file:

[mysqld]
default_authentication_plugin=caching_sha2_password

Is the configuration file /etc/mysql/my.cnf?

I’ve seen that it’s possible to generate RSA keys using the caching_sha2_password protocol. Is this necessary for my needs, i.e. simply to synchronize a database from an alpha server to a beta server?

Thank you very much for your help!

Translated with DeepL (free version).

Just a reminder: the blog post was more meant as a sample of how you could do it and not a step-by-step instruction guide to follow. Also, that post was using MariaDB and you are using MySQL 8, so it'll be a bit different.

The equivalent MySQL replication documentation will probably be better to follow in your case regarding the user configuration.

As for which authentication method to use here, that is going to be determined by your needs. If I am not mistaken, you can override the default authentication with the mysql_native_password option, but you'd have to decide if that fits what you want to do.
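The error in the first post ("Authentication plugin 'caching_sha2_password' reported error: Authentication requires secure connection") and the follow-up questions about the replication user, the my.cnf setting and RSA keys all come down to one MySQL 8.0 behaviour: an account using the default caching_sha2_password plugin can only complete its first handshake over TLS or through an RSA public-key exchange. The following is an added example, not code from the thread, from the linked blog post or from Passbolt; it keeps the default plugin and makes the replica connect over TLS instead of downgrading the account to mysql_native_password. The hostnames alpha.example.internal and beta.example.internal, the CA path /etc/mysql/source-ca.pem, the password, and the use of GTID-based positioning (gtid_mode=ON on both servers) are assumptions.

```sql
-- Added example (not from the thread, the blog post or Passbolt). Hostnames,
-- the CA path, the password and GTID mode are assumptions; adjust to your setup.
-- Run the "source" part on alpha and the "replica" part on beta as a MySQL admin.

-- ===== On the source (alpha) =====

-- 1. See which plugin the replication account really uses. With MySQL 8.0's
--    default, caching_sha2_password, the replica's first handshake must be
--    protected by TLS or an RSA key exchange, otherwise the source answers
--    "Authentication requires secure connection".
SELECT user, host, plugin
FROM mysql.user
WHERE user = 'replication_user';

-- 2. Confirm the source has TLS available. MySQL 8.0 generates its own CA and
--    server certificate in the data directory on first start if none is
--    configured; this is separate from the nginx/HTTPS certificate.
SHOW VARIABLES
WHERE Variable_name IN ('have_ssl', 'ssl_ca', 'ssl_cert', 'ssl_key',
                        'require_secure_transport');

-- 3. Create (or recreate) the replication account on the source only. Keep the
--    default plugin, require TLS so the replica can never fall back to a
--    cleartext connection, and limit the account to the replica's host.
CREATE USER IF NOT EXISTS 'replication_user'@'beta.example.internal'
  IDENTIFIED WITH caching_sha2_password BY 'replace-with-a-long-random-password'
  REQUIRE SSL;
GRANT REPLICATION SLAVE ON *.* TO 'replication_user'@'beta.example.internal';
FLUSH PRIVILEGES;

-- ===== On the replica (beta) =====

-- 4. Point the replica at the source over TLS. SOURCE_SSL_CA is a copy of the
--    source's MySQL ca.pem (from step 2), and SOURCE_SSL_VERIFY_SERVER_CERT=1
--    makes the replica check the source's certificate, not just encrypt.
--    SOURCE_AUTO_POSITION=1 assumes GTID mode; if the alpha backup was restored
--    with binary-log coordinates, use SOURCE_LOG_FILE / SOURCE_LOG_POS instead.
STOP REPLICA;
CHANGE REPLICATION SOURCE TO
  SOURCE_HOST = 'alpha.example.internal',
  SOURCE_PORT = 3306,
  SOURCE_USER = 'replication_user',
  SOURCE_PASSWORD = 'replace-with-a-long-random-password',
  SOURCE_SSL = 1,
  SOURCE_SSL_CA = '/etc/mysql/source-ca.pem',
  SOURCE_SSL_VERIFY_SERVER_CERT = 1,
  SOURCE_AUTO_POSITION = 1;
START REPLICA;

-- Weaker alternative, only if TLS between the two servers is not wanted and the
-- account was created WITHOUT "REQUIRE SSL": let the replica fetch the source's
-- RSA public key so the password is encrypted during the handshake. Only the
-- password is protected this way; the replicated data itself still travels
-- in cleartext.
-- CHANGE REPLICATION SOURCE TO GET_SOURCE_PUBLIC_KEY = 1;

-- 5. Verify. Replica_IO_Running and Replica_SQL_Running should both be Yes and
--    Last_IO_Error should be empty.
SHOW REPLICA STATUS\G
```

Two caveats on the questions asked above. The `default_authentication_plugin` option from the MySQL documentation only changes the plugin used for accounts created afterwards; on 8.0 it is already caching_sha2_password, so editing it does not fix the handshake (on Ubuntu 22.04 the server section lives in /etc/mysql/mysql.conf.d/mysqld.cnf, which /etc/mysql/my.cnf includes). Switching the account to mysql_native_password does make the error disappear, but it sends a challenge-response over an unencrypted link and the plugin is deprecated in recent 8.0 releases; for a password manager's replication channel, TLS with certificate verification is the option to prefer.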

Hello and thank you for your reply.

While searching the internet I finally found a way to get around the error message I was encountering; you'll find the solution in the last post of this link:

Hopefully this will help others!