If your IMAP server is on the same server as Roundcube you probably don't need SSL since network traffic will not be leaving localhost. The next step would be to figure out what part are you talking about. In the Roundcube config I see 2 places where it lists ssl.
SSL for your IMAP server (usually prot 993).
and
SSL for your SMTP server
Then you have the lest type of SSL that you could be talking about using a secure website where you type https when you logon and view your email via roundcube. If Roundcube is on the same server as your IMAP and SMTP service then I suggest you focus on https. If it's not, then you would need both IMAP and https to sleep well at night. Having a secure SMTP (port 25) is great but once you send outside your server the mail becomes plain text again. You really want to protect the services that need passwords like IMAP and the Roundcube php pages.
The first step would be to get those above services running secure and really has nothing to do with Roundcube. So what exactly are you trying to do, what mail server, IMAP server do you use and maybe I can point you to some articles.