Author Topic: TLS negotiation fails when using RapidSSL certificates (solved)  (Read 322 times)

Offline Langley

  • Newbie
  • *
  • Posts: 4
Hello

We currently have a setup of a mailserver using Dovecot and self-signed certificates, and a webserver with Roundcube (1.3.6) using RapidSSL certificates, both servers running OpenSUSE. We would like to switch Dovecot to the RapidSSL certs as well so clients wont get warnings, but then Roundcube as the only client stops working. The log-in page just says "Loading" endlessly, and the Roundcube error log says:

Code: [Select]
IMAP Error: Login failed for langley from <IP address>. Unable to negotiate TLS in /usr/share/php7/Roundcube/rcube_imap.php on line 196 (GET /?_task=mail&_action=getunread&_page=1&_remote=1&_unlock=0&_=1528381168129)
Depending on what port etc. is set, the line number changes sometimes.

Dovecot's IMAP log shows something similar:

Code: [Select]
dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=<IP address>, lip=<different IP address>, TLS handshaking: SSL_accept() failed: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca: SSL alert number 48, session=<UO8L+gxuQMKC4mgi>So from what I can understand, our certificate can not be verified, but we have the intermediate certificate configured so I don't get it.


Our Dovecot SLL config is:

Code: [Select]
# SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt>
ssl = yes

# PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
# dropping root privileges, so keep the key file unreadable by anyone but
# root. Included doc/mkcert.sh can be used to easily generate self-signed
# certificate, just make sure to update the domains in dovecot-openssl.cnf
ssl_cert = </etc/ca-certificates/company.com.crt
ssl_key = </etc/ca-certificates/company.com.key

# If key file is password protected, give the password here. Alternatively
# give it when starting dovecot with -p parameter. Since this file is often
# world-readable, you may want to place this setting instead to a different
# root owned 0600 file by using ssl_key_password = <path.
#ssl_key_password =

# PEM encoded trusted certificate authority. Set this only if you intend to use
# ssl_verify_client_cert=yes. The file should contain the CA certificate(s)
# followed by the matching CRL(s). (e.g. ssl_ca = </etc/ssl/certs/ca.pem)
ssl_ca = </etc/ca-certificates/intermediate.crt

# Require that CRL check succeeds for client certificates.
#ssl_require_crl = yes

# Directory and/or file for trusted SSL CA certificates. These are used only
# when Dovecot needs to act as an SSL client (e.g. imapc backend). The
# directory is usually /etc/ssl/certs in Debian-based systems and the file is
# /etc/pki/tls/cert.pem in RedHat-based systems.
#ssl_client_ca_dir =
#ssl_client_ca_file =

# Request client to send a certificate. If you also want to require it, set
# auth_ssl_require_client_cert=yes in auth section.
#ssl_verify_client_cert = no

# Which field from certificate to use for username. commonName and
# x500UniqueIdentifier are the usual choices. You'll also need to set
# auth_ssl_username_from_cert=yes.
#ssl_cert_username_field = commonName

# DH parameters length to use.
ssl_dh_parameters_length = 2048

# SSL protocols to use
ssl_protocols = !SSLv2 !SSLv3

# SSL ciphers to use
ssl_cipher_list = ALL:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH

# Prefer the server's order of ciphers over client's.
ssl_prefer_server_ciphers = yes

# SSL crypto device to use, for valid values run "openssl engine"
#ssl_crypto_device =

# SSL extra options. Currently supported options are:
#   no_compression - Disable compression.
ssl_options = no_compression

Roundcube's IMAP config:
Code: [Select]
$config['default_host'] = 'tls://imap.company.com';

// TCP port used for IMAP connections
//$config['default_port'] = 993;
$config['default_port'] = 993;

// IMAP connection timeout, in seconds. Default: 0 (no limit)
$config['imap_timeout'] = 300;

//$config['default_port'] = 143;
// For STARTTLS IMAP
 $config['imap_conn_options'] = array(
     'ssl' => array(
       'verify_peer'       => true,
// certificate is not self-signed if cafile provided
       'allow_self_signed' => true,
       'cafile'  => '/etc/ca-certificates/intermediate.crt',
// For Letsencrypt use the following two lines and remove the 'cafile' option above.
       'ssl_cert' => '/etc/ca-certificates/company.com.crt',
       'ssl_key'  => '/etc/ca-certificates/company.com.key',
// probably optional parameters
       'ciphers' => 'TLSv1+HIGH:!aNull:@STRENGTH',
       'peer_name'         => 'imap.company.com'
     ),
 );
I have tried adding 'verify_depth => 10' with no difference.

As mentioned, other clients (Evolution, Thunderbird, Tine20) works fine.... And using gnutls I get the correct certificate from the Dovecot server.

I'm really scratching my head over this certificate stuff, so any help is appreciated.
« Last Edit: June 13, 2018, 01:24:10 PM by Langley »

Offline SKaero

  • Administrator
  • Hero Member
  • *****
  • Posts: 5,339
    • http://SKaero.com/
Re: TLS negotiation fails when using RapidSSL certificates
« Reply #1 on: June 07, 2018, 11:18:24 AM »
Try changing from "tls://" to "ssl://" in the default_host config option.

Offline Langley

  • Newbie
  • *
  • Posts: 4
Re: TLS negotiation fails when using RapidSSL certificates
« Reply #2 on: June 07, 2018, 11:38:21 AM »
Then the Roundcube page gives the error "connection to storage server failed" - which is also the error it gives if a port other than 993 is set. Same errors in the logs, except it's on line 1027 in the rcube_imap.php file

Offline SKaero

  • Administrator
  • Hero Member
  • *****
  • Posts: 5,339
    • http://SKaero.com/
Re: TLS negotiation fails when using RapidSSL certificates
« Reply #3 on: June 07, 2018, 01:44:37 PM »
Hmm does it work if you have verify_peer set to false?

Offline JohnDoh

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 2,044
Re: TLS negotiation fails when using RapidSSL certificates
« Reply #4 on: June 08, 2018, 03:12:18 AM »
have a look at this:

https://serverfault.com/questions/509113/unable-to-verify-the-first-certificate-rapidssl-geotrust-ubuntu

and this:

https://stackoverflow.com/questions/28862365/openssl-verify-not-working-with-geotrust-certificate

it seems that the root cert is missing from the /etc/ca-certificates/intermediate.crt bundle and what you need to do is add it
Roundcube Plugins: Contextmenu, SpamAssassin Prefs, and moreā€¦

Offline Langley

  • Newbie
  • *
  • Posts: 4
Re: TLS negotiation fails when using RapidSSL certificates
« Reply #5 on: June 11, 2018, 08:39:12 AM »
Hmm does it work if you have verify_peer set to false?

Yes, then it works

it seems that the root cert is missing from the /etc/ca-certificates/intermediate.crt bundle and what you need to do is add it

Hmm, how would I go about adding the root certificate? DigiCert provides separate intermediate and root certificates: https://knowledge.digicert.com/generalinformation/INFO1548.html

We seem to have DigiCert's roor certificates in /etc/ssl/certs, shouldn't it automatically use that one?

Also, we don't use SSL for our SMTP setup, could that have something to do with it?
« Last Edit: June 13, 2018, 10:21:42 AM by Langley »

Offline Langley

  • Newbie
  • *
  • Posts: 4
Re: TLS negotiation fails when using RapidSSL certificates
« Reply #6 on: June 13, 2018, 01:23:48 PM »
Seems like I have finally solved it, by combining our certificate, intermediate certificate and RapidSSL's root certificate into one fullchain.pem file, which I have then pointed Roundcube to. I also had to let the port remain at 143 instead of 993, for some reason.

All in all, it seems like Roundcube is missing some documentation about this issue. But it is a very convoluted topic I think.

Thanks for pointing me in the right direction