Checklist
I have read intro post: About the Installation Issues category
I have read the tutorials, help and searched for similar issues
I provide relevant information about my server (component names and versions, etc.)
I provide a copy of my logs and healthcheck
I describe the steps I have taken to trouble shoot the problem
I describe the steps on how to reproduce the issue
While installing Passbolt on a Digital Ocean CentOS 7 Droplet, auto SSL configuration fails and installation process exits. I’m posting the entire installation output.
[root@passbolt ~]# /usr/local/bin/passbolt-configure
================================================================
____ __ ____
/ __ \____ _____ ____/ /_ ____ / / /_
/ /_/ / __ `/ ___/ ___/ __ \/ __ \/ / __/
/ ____/ /_/ (__ |__ ) /_/ / /_/ / / /_
/_/ \__,_/____/____/_,___/\____/_/\__/
The open source password manager for teams
(c) 2020 Passbolt SA
https://www.passbolt.com
================================================================
==============================================================
Do you want to install a local mariadb server on this machine?
==============================================================
1) yes
2) no
#? yes
Please select (1) or (2) to continue
#? 1
=======================================================
Please enter a new password for the root database user:
=======================================================
MariaDB Root Password:
MariaDB Root Password (verify):
======================================================
Please enter a name for the passbolt database username
======================================================
Passbolt database user name:pb
=======================================================
Please enter a new password for the mysql passbolt user
=======================================================
MariaDB passbolt user password:
MariaDB passbolt user password (verify):
==============================================
Please enter a name for the passbolt database:
==============================================
Passbolt database name:pb
================================================================================
On virtualized environments GnuPG happen to find not enough entropy
to generate a key. Therefore, Passbolt will not run properly.
Do you want to install Haveged to speed up the entropy generation on
your system? Please check https://help.passbolt.com/faq/hosting/why-haveged-
virtual-env
================================================================================
1) yes
2) no
#? 1
================================================================================
Setting hostname...
Please enter the domain name under which passbolt will run.
Note this hostname will be used as server_name for nginx
and as the domain name to register a SSL certificate with
let's encrypt.
If you don't have a domain name and you do not plan to use
let's encrypt please enter the ip address to access this machine
================================================================================
Hostname: [redacted]
================================================================================
Setting up SSL...
Do you want to setup a SSL certificate and enable HTTPS now?
- manual: Prompts for the path of user uploaded ssl certificates and set up
nginx
- auto: Will issue a free SSL certificate with https://www.letsencrypt.org
and set up nginx
- none: Do not setup HTTPS at all
================================================================================
1) manual
2) auto
3) none
#? 2
Enter a email address to register with Let's Encrypt: [redacted]
=============================
Installing os dependencies...
=============================
===================
Setting up nginx...
===================
Loaded plugins: fastestmirror
No Match for argument: certbot
No Packages marked for removal
Requirement already satisfied: pip in /opt/certbot/lib/python3.6/site-packages (21.3.1)
Requirement already satisfied: certbot in /opt/certbot/lib/python3.6/site-packages (1.23.0)
Requirement already satisfied: certbot-nginx in /opt/certbot/lib/python3.6/site-packages (1.23.0)
Requirement already satisfied: parsedatetime>=2.4 in /opt/certbot/lib/python3.6/site-packages (from certbot) (2.6)
Requirement already satisfied: pytz in /opt/certbot/lib/python3.6/site-packages (from certbot) (2023.3)
Requirement already satisfied: acme>=1.23.0 in /opt/certbot/lib/python3.6/site-packages (from certbot) (1.23.0)
Requirement already satisfied: zope.interface in /opt/certbot/lib/python3.6/site-packages (from certbot) (5.5.2)
Requirement already satisfied: configobj>=5.0.6 in /opt/certbot/lib/python3.6/site-packages (from certbot) (5.0.8)
Requirement already satisfied: josepy>=1.9.0 in /opt/certbot/lib/python3.6/site-packages (from certbot) (1.13.0)
Requirement already satisfied: setuptools>=39.0.1 in /opt/certbot/lib/python3.6/site-packages (from certbot) (39.2.0)
Requirement already satisfied: zope.component in /opt/certbot/lib/python3.6/site-packages (from certbot) (5.1.0)
Requirement already satisfied: cryptography>=2.5.0 in /opt/certbot/lib/python3.6/site-packages (from certbot) (40.0.2)
Requirement already satisfied: pyrfc3339 in /opt/certbot/lib/python3.6/site-packages (from certbot) (1.1)
Requirement already satisfied: ConfigArgParse>=0.9.3 in /opt/certbot/lib/python3.6/site-packages (from certbot) (1.5.3)
Requirement already satisfied: distro>=1.0.1 in /opt/certbot/lib/python3.6/site-packages (from certbot) (1.8.0)
Requirement already satisfied: pyparsing>=2.2.0 in /opt/certbot/lib/python3.6/site-packages (from certbot-nginx) (3.0.9)
Requirement already satisfied: PyOpenSSL>=17.3.0 in /opt/certbot/lib/python3.6/site-packages (from certbot-nginx) (23.2.0)
Requirement already satisfied: requests>=2.14.2 in /opt/certbot/lib/python3.6/site-packages (from acme>=1.23.0->certbot) (2.27.1)
Requirement already satisfied: requests-toolbelt>=0.3.0 in /opt/certbot/lib/python3.6/site-packages (from acme>=1.23.0->certbot) (1.0.0)
Requirement already satisfied: six in /opt/certbot/lib/python3.6/site-packages (from configobj>=5.0.6->certbot) (1.16.0)
Requirement already satisfied: cffi>=1.12 in /opt/certbot/lib/python3.6/site-packages (from cryptography>=2.5.0->certbot) (1.15.1)
Requirement already satisfied: zope.event in /opt/certbot/lib/python3.6/site-packages (from zope.component->certbot) (4.6)
Requirement already satisfied: zope.hookable>=4.2.0 in /opt/certbot/lib/python3.6/site-packages (from zope.component->certbot) (5.4)
Requirement already satisfied: pycparser in /opt/certbot/lib/python3.6/site-packages (from cffi>=1.12->cryptography>=2.5.0->certbot) (2.21)
Requirement already satisfied: idna<4,>=2.5 in /opt/certbot/lib/python3.6/site-packages (from requests>=2.14.2->acme>=1.23.0->certbot) (3.4)
Requirement already satisfied: certifi>=2017.4.17 in /opt/certbot/lib/python3.6/site-packages (from requests>=2.14.2->acme>=1.23.0->certbot) (2023.5.7)
Requirement already satisfied: charset-normalizer~=2.0.0 in /opt/certbot/lib/python3.6/site-packages (from requests>=2.14.2->acme>=1.23.0->certbot) (2.0.12)
Requirement already satisfied: urllib3<1.27,>=1.21.1 in /opt/certbot/lib/python3.6/site-packages (from requests>=2.14.2->acme>=1.23.0->certbot) (1.26.16)
/opt/certbot/lib64/python3.6/site-packages/OpenSSL/_util.py:6: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6.
from cryptography.hazmat.bindings.openssl.binding import Binding
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Python 3.6 support will be dropped in the next release of Certbot - please upgrade your Python version.
Requesting a certificate for [redacted]
An unexpected error occurred:
ValueError: Invalid version. The only valid version for X509Req is 0.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
The error appears to be: ValueError: Invalid version. The only valid version for X509Req is 0.
I don’t really know what to do about it, I’ve never seen it before.
Currently I’m migrating Passbolt from one CentOS7 instance to a new one, but the installation process so far is unchanged, I’m supposed to migrate my data after installation, however auto ssl seems to be giving me a bit of trouble.
Appreciate any help. Thanks.