I have tried all the suggestions up till now but the error message is still there.
I have tried this configuaration for roundcube:
$config['imap_conn_options'] = array(
'ssl' => array(
'peer_name' => '
and this one:
$config['imap_conn_options'] = array(
'ssl' => array(
'verify_peer' => false,
'verify_peer_name' => false,
),
);
and this one too:
$config['imap_conn_options'] = array( 'ssl' => array( 'verify_peer' => true, 'verify_depth' => 3, 'cafile' => '/path/to/my/self/signed/certificate.pem', ), );
I'm at a loss :-(
On Fri, Jun 17, 2016 at 08:43:11AM +0200, Dr. Matthias Sitte wrote:
Solution: Set 'peer_name' in the SSL stream context to the FQDN of the server certificate(s):
// IMAP socket context options // See http://php.net/manual/en/context.ssl.php $config['imap_conn_options'] = array( 'ssl' => array( 'peer_name' => '
', 'verify_peer' => true, 'verify_depth' => 3, #'cafile' => '/dont/need/to/set/this/option', ), ); // SMTP socket context options // See http://php.net/manual/en/context.ssl.php $config['smtp_conn_options'] = array( 'ssl' => array( 'peer_name' => '
', 'verify_peer' => true, 'verify_depth' => 3, #'cafile' => '/dont/need/to/set/this/option', ), ); Works for me.
On 2016-06-16 20:43, Maurizio Dall'Acqua wrote:
I think that you are right when you say that the problem may be the certificate recognition.
As for Roundcube, I've inserted the uncommented php code that you provided in /usr/share/roundcube/main.inc.php.dist, which is the Raspbian file for /config/defaults.inc.php. Unfortunately Roundcube doesn't login and replies with the message "connection to storage server failed". And the log file of dovecot gives the reason: unknown certificate.
In order to solve this problem do you think that I should look into the configuration file of Squirrelmail/Roundcube or in the config file of Dovecot?
On Wed, Jun 15, 2016 at 05:48:32PM -0400, Gedalya wrote:
On 06/15/2016 04:26 PM, Maurizio Dall'Acqua wrote:
Hi,
I have set up a mail server with postfix+dovecot 2.2.13 on my raspberry pi running Raspbian Jassie OS.
Now I would like to add an on-line e-mail client like Squirrelmail or Roundcube. I was able to start up these two clients but when I try to login I get this error message in the dovecot log:
tlsv1 alert unknown ca: SSL alert number 48
But I have inserted the self-signed certificate and key in /etc/dovecot/conf.d/10-master.conf
Moreover, I can send and receive e-mails from/to my server, and I can login successfully to dovecot IMAP with Thunderbird.
Can somebody give me a clue on how to solve this problem? Any help would me much appreciated.
Regards, Maurizio
This could mean that the client has indicated it was unable to verify the server's certificate.
With regards to Roundcube, see this in config/defaults.inc.php:
//$config['imap_conn_options'] = array( // 'ssl' => array( // 'verify_peer' => true, // 'verify_depth' => 3, // 'cafile' => '/etc/openssl/certs/ca.crt', // ), // );