Author Topic: SSL Issue?  (Read 9466 times)

Offline DoktorBen

  • Newbie
  • *
  • Posts: 2
SSL Issue?
« on: March 20, 2015, 05:29:09 AM »
Hello together,

I have an working postfix/dovecot installation - iPhone and Thunderbird tested. But now I didn't get the Roundcube up and running...

The SSL Certificate is signed by CACERT and configured in postfix/dovecot. But I get this error in regards of round cube:

Mar 20 09:19:47 mail postfix/smtpd[64318]: SSL_accept:SSLv3 write server hello A
Mar 20 09:19:47 mail postfix/smtpd[64318]: SSL_accept:SSLv3 write certificate A
Mar 20 09:19:47 mail postfix/smtpd[64318]: SSL_accept:SSLv3 write server done A
Mar 20 09:19:47 mail postfix/smtpd[64318]: SSL_accept:SSLv3 flush data
Mar 20 09:19:47 mail postfix/smtpd[64318]: SSL3 alert read:fatal:unknown CA
Mar 20 09:19:47 mail postfix/smtpd[64318]: SSL_accept:failed in SSLv3 read client certificate A
Mar 20 09:19:47 mail postfix/smtpd[64318]: SSL_accept error from mail[136.243.41.12]: 0
Mar 20 09:19:47 mail postfix/smtpd[64318]: warning: TLS library problem: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:/usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/s3_pkt.c:1294:SSL alert number 48:
Mar 20 09:19:47 mail postfix/smtpd[64318]: lost connection after STARTTLS from mail[136.243.41.12]
Mar 20 09:19:47 mail postfix/smtpd[64318]: disconnect from mail[136.243.41.12]


I using latest Freebsd 10.1 / php56 / nginx / dovecote2 / postfix - installed via ports

May someone could help?

cheers
DoktorBen

Offline tonyvier

  • Jr. Member
  • **
  • Posts: 31
Re: SSL Issue?
« Reply #1 on: March 20, 2015, 06:06:17 AM »
CACRT root certificates are not distributed with any browser or OS (yet?)

You could install the root CA crt of CACRT on your FreeBSD installation.

Or you can look at the options in the config files of Roundcube, $config['smtp_conn_options'] and $config['imap_conn_options']


Offline DoktorBen

  • Newbie
  • *
  • Posts: 2
Re: SSL Issue?
« Reply #2 on: March 20, 2015, 10:49:13 AM »
thank you - now it is working!

To many lines with ssl.... ;-)

Offline Azmuro

  • Newbie
  • *
  • Posts: 1
Re: SSL Issue?
« Reply #3 on: December 27, 2015, 01:58:00 PM »
Hi Guys,

I have the same problem while trying to set my roundcube.

My setup are multiple jails for primary service and i'm trying to set it with roundcube with CACERT certificates.

I tried many way can you tell me  what you did to have it working without this unknowm ca errors.

Thanks a lot.

Azmuro