Author Topic: Connection to storage server failed after configuring roundcube for TLS  (Read 1827 times)

Offline weizm2

  • Newbie
  • *
  • Posts: 2
Hi All

We are using Roundcube Webmail 1.2-beta on Ubuntu with Postfix and Dovecot.   Everything was running fine until we modified Roundcube to use TLS.
After configuring Postfix for TLS, we modified these settings in Roundcube's config.inc.php:

# $config['default_host'] = 'localhost';
$config['default_host'] = 'tls://localhost';

# $config['smtp_server'] = 'localhost';
$config['smtp_server'] = 'tls://mail.ourdomain.com';

The # commented lines are the original settings.
We had to specify the Fully Qualified Domain Name: mail.ourdomain.com for TLS to work.   We also added mail.ourdomain.com to the hosts file on the server.
After making these changes, TLS worked fine, but we cannot login to Roundcube anymore.  Keeps getting the "Connection to storage server failed" error.

Found this error in the Roundcube error log:
[20-Feb-2018 09:56:19 -0800]: <1c08ao0m> IMAP Error: Login failed for tommy@mail,ourdomain.com from 192.168.6.1. Unable to negotiate TLS in /usr/share/roundcube/program/lib/Roundcube/rcube_imap.php on line 193 (POST /?_task=login?_task=login&_action=login)

We reverted our configuration to no TLS, and we can login to Roundcube again.

Probably a Dovecot IMAP setting issue?


Thank you very much in anticipation.

WZM





« Last Edit: February 20, 2018, 03:41:31 PM by weizm2 »

Offline SKaero

  • Administrator
  • Hero Member
  • *****
  • Posts: 5,489
    • http://SKaero.com/
Re: Connection to storage server failed after configuring roundcube for TLS
« Reply #1 on: February 20, 2018, 05:08:46 PM »
Try ssl://example.com instead of tls://example.com

Offline weizm2

  • Newbie
  • *
  • Posts: 2
Re: Connection to storage server failed after configuring roundcube for TLS
« Reply #2 on: February 20, 2018, 06:11:13 PM »
Thank you SKaero

We fixed the problem by following the suggestion in this link https://www.roundcubeforum.net/index.php?topic=22035.0

This is what we did in our RC config.inc.php :

$config['default_host'] = 'tls://mail.ourdomain.com';

$config['smtp_server'] = 'tls://mail.ourdomain.function.com';


$config['imap_conn_options'] = array(
    'ssl' => array(
      'verify_peer'       => true,
      'verify_peer_name' => true,
      'peer_name'         => 'mail.ourdomain.com',
      'ciphers' => 'TLSv1+HIGH:!aNull:@STRENGTH',
      'capath' => '/etc/ssl/certs',
      'cafile'  => '/etc/ssl/certs/chain.pem',
      'local_cert' => '/etc/ssl/certs/combine.pem',
    ),
);

$config['smtp_conn_options'] = array(
    'ssl' => array(
      'verify_peer'       => true,
      'verify_peer_name' => true,
      'peer_name'         => 'mail.ourdomain.com',
      'ciphers' => 'TLSv1+HIGH:!aNull:@STRENGTH',
      'capath' => '/etc/ssl/certs',
      'cafile'  => '/etc/ssl/certs/chain.pem',
      'local_cert' => '/etc/ssl/certs/combine.pem',
    ),
);



The combine.pem file contains the private key and server certificate.


Offline alec

  • Hero Member
  • *****
  • Posts: 1,137
Re: Connection to storage server failed after configuring roundcube for TLS
« Reply #3 on: February 21, 2018, 02:13:18 AM »
FYI, you should immediately uninstall this version, it has a ton of serious security issues.