Hi,

On my LAN Dovecot, Postfix on the one server work fine. Also Thunderbird works fine as an e-mail client.

Now I want to use RC also (on the same server).
So I installed RC and nginx.
My browser shows the login page.

But I can't login
(stream_socket_client(): Failed to enable crypto
Unable to set local cert chain file `/etc/dovecot/private/xxxx.cert'; Check that your cafile/capath settings include details of your certificate and its issuer).

What are the correct RC settings for IMAP/SMTP when using self-signed certificates?
Below is my current configuration.

-----------------------------------------------
Dovecot/Postfix/Thunderbird: OK
Thunderbird: SSL/TLS, Normal password, server: imap.domain.lan:993

Roundcube:
// --------------- IMAP ---------------------------------------

$config['imap_host'] = 'ssl://imap.domain.lan:993';
$config['imap_conn_options'] = [
  'ssl'        => [
    'verify_peer'  => true,
    'verify_peer_name'  => true,
    'verify_depth' => 3,
    'local_cert'  => '/etc/dovecot/ssl/xxxx.cert',
    'local_pk'    => '/etc/dovecot/ssl/xxxx.key',
    'allow_self_signed' => true
  ],
];
$config['imap_auth_type'] = 'PLAIN';

// --------------- SMTP ---------------------------------------

$config['smtp_host'] = 'ssl://smtp.domain.lan:587';
$config['smtp_conn_options'] = [
  'ssl'        => [
    'verify_peer'  => true,
    'verify_peer_name'  => true,
    'verify_depth' => 3,
    'local_cert'  => '/etc/postfix/ssl/cert.pem',
    'local_pk'    => '/etc/postfix/ssl/key.pem',
    'allow_self_signed' => true
  ],
];
$config['smtp_auth_type'] = 'PLAIN';
$config['smtp_user'] = '[email protected]';
$config['$config['smtp_pass' = 'password';

Hi SKaero
After enabling logging in Dovecot I can see the path to the ~/mail/ folder is correct.  I can see a 'permission denied'.  Is it saying no permission to access ~/mail/ folder?  This is what I have.  I seams it is saying these rights are not correct.  If that is true what should they be?  Obviously things have changed (not my machine though).  All worked before upgrade to Fedora 43

drwx------ 8 webmail thecajun 4096 Nov 26 13:22 mail/
-rw------- 1 webmail thecajun 92426 Jan 14  2019 mail/Zabbix
-rw-rw---- 1 webmail mail 959595 Nov 28 08:28 /var/mail/webmail
-r-------- 1 root root 0 Nov 28 11:50 /proc/self/io

=== Dovecot Log ===
Nov 28 08:22:40 imap(webmail)<545055><en9CM6lEMKnAqAT8>: Debug: Effective uid=1002, gid=1000, home=/home/webmail
Nov 28 08:22:40 imap(webmail)<545055><en9CM6lEMKnAqAT8>: Debug: open(/proc/self/io) failed: Permission denied (euid=1002(webmail) egid=1000(thecajun) missing +r perm: /proc/self/io)
Nov 28 08:22:40 imap(webmail)<545055><en9CM6lEMKnAqAT8>: Debug: Namespace inbox: type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes
Nov 28 08:22:40 imap(webmail)<545055><en9CM6lEMKnAqAT8>: Debug: maildir++: root=/home/webmail/mail, index=, indexpvt=, control=, inbox=/home/webmail/mail, alt=
Nov 28 08:22:40 auth: Debug: conn unix:/run/dovecot/auth-master (pid=545055,uid=0): auth-master client: Disconnected: Connection closed (fd=19) (created 2 msecs ago, handshake 2 msecs ago)
Nov 28 08:22:40 imap(webmail)<545055><en9CM6lEMKnAqAT8>: Debug: Mailbox INBOX: Mailbox opened
=== END Dovecot Log ===

I can see from the IMAP log that Roundcube is working correctly, its asking for messages in the inbox "C: A0003 STATUS INBOX (MESSAGES UNSEEN)" and then Dovecot says there are no messages "S: * STATUS INBOX (MESSAGES 0 UNSEEN 0)"

This is most likely a configuration or maybe a permissions issue with Dovecot. You'd need to dig further into the Dovecot logs and configs to confirm.

Thank you for your reply.

This is from the imap log.  I do not see anything out of ordinary.  I noticed it references Dovecot.  Dovecot is a fresh install.  I have not done any configuration.  It's config is after imap log.

=== imap log ===
[27-Nov-2025 16:53:33 -0700]: <o4kd7u55> [3E24] Connecting to MYDOMAIN:143...
[27-Nov-2025 16:53:33 -0700]: <o4kd7u55> [3E24] S: * OK [CAPABILITY IMAP4rev1 LOGIN-REFERRALS ID ENABLE IDLE SASL-IR LITERAL+ STARTTLS AUTH=PLAIN] Dovecot ready.
[27-Nov-2025 16:53:33 -0700]: <o4kd7u55> [3E24] C: A0001 AUTHENTICATE PLAIN ****** [29]
[27-Nov-2025 16:53:33 -0700]: <o4kd7u55> [3E24] S: A0001 OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS BINARY MOVE REPLACE SNIPPET=FUZZY PREVIEW=FUZZY PREVIEW SPECIAL-USE STATUS=SIZE SAVEDATE COMPRESS=DEFLATE INPROGRESS NOTIFY LITERAL+] Logged in
[27-Nov-2025 16:53:33 -0700]: <o4kd7u55> [3E24] C: A0002 ID ("name" "Roundcube" "version" "1.6.11" "php" "8.4.14" "os" "Linux" "command" "/roundcubemail/?_task=mail&_action=refresh")
[27-Nov-2025 16:53:33 -0700]: <o4kd7u55> [3E24] S: * ID ("name" "Dovecot")
[27-Nov-2025 16:53:33 -0700]: <o4kd7u55> [3E24] S: A0002 OK ID completed (0.001 + 0.000 secs).
[27-Nov-2025 16:53:33 -0700]: <o4kd7u55> [3E24] C: A0003 STATUS INBOX (MESSAGES UNSEEN)
[27-Nov-2025 16:53:33 -0700]: <o4kd7u55> [3E24] S: * STATUS INBOX (MESSAGES 0 UNSEEN 0)
[27-Nov-2025 16:53:33 -0700]: <o4kd7u55> [3E24] S: A0003 OK Status completed (0.001 + 0.000 secs).
[27-Nov-2025 16:53:33 -0700]: <o4kd7u55> [3E24] C: A0004 LOGOUT
[27-Nov-2025 16:53:33 -0700]: <o4kd7u55> [3E24] S: * BYE Logging out
[27-Nov-2025 16:53:33 -0700]: <o4kd7u55> [3E24] S: A0004 OK Logout completed (0.001 + 0.000 secs).
=== END imap log ===

=== Dovecot config ===
dovecot_config_version = 2.4.1
dovecot_storage_version = 2.4.1
protocols {
  imap = yes
  lmtp = yes
}
mail_home = /home/%{user}
mail_driver = maildir
mail_path = ~/mail
first_valid_uid = 1000
namespace inbox {
  inbox = yes
  separator = /
}
passdb pam {
}
userdb passwd {
}
ssl = required
ssl_cipher_list = PROFILE=SYSTEM
ssl_server {
  cert_file = /etc/pki/dovecot/certs/dovecot.pem
  key_file = /etc/pki/dovecot/private/dovecot.pem
}
!include_try conf.d/*.conf
=== END Dovecot config ===

This would most likely be an issue with your IMAP server. To verify you could enable imap_debug in the Roundcube config and check the <RC root>/logs/imap.log to verify what the IMAP server is returning.

If you only have one domain then you set the username_domain in Roundcube config.inc.php file:
// Automatically add this domain to user names for login
// Only for IMAP servers that require full e-mail addresses for login
// Specify an array with 'host' => 'domain' values to support multiple hosts
// Supported replacement variables:
// %h - user's IMAP hostname
// %n - hostname ($_SERVER['SERVER_NAME'])
// %t - hostname without the first part
// %d - domain (http hostname, $_SERVER['HTTP_HOST'] without the first part)
// %z - IMAP domain (IMAP hostname without the first part)
// For example %n = mail.domain.tld, %t = domain.tld
$config['username_domain'] = '';


I use fetchmail and procmail to retrieve email from my ISP.  It is delivered to the users /var/spool/mail/ files.  This still works.  Using Mutt I can view my new mail.  After the upgrade to Fedora 43 all I see in Roundcube is an empty Inbox and Sent.  None of my Folders show.  There are no errors in error logs.

roundcubemail-1.6.11-2.fc43.noarch
php-8.4.14-1.fc43.x86_64

Here is my config.inc.php

<?php
/* Local configuration for Roundcube Webmail */
$config['db_dsnw'] = 'mysql://USERNAME:PASSWORD@localhost/roundcube';;
$config['smtp_log'] = false;
$config['imap_host'] = 'MYDOMAIN:143';
$config['support_url'] = '';
$config['auto_create_user'] = false;
$config['des_key'] = 'SOMEKEY';
$config['plugins'] = [];
$config['prefer_html'] = false;

Thank you for your time.

Durwin

Im trying to make it so you do not need the .domain when logging in but I am not aware of a way to do this.

Context, Im using a virtualmin panel

Hi There,

I'm still using 1.4.15.  In recent hours I updated my custom animated emojis, and I made them in the APNG format!  1.4.15 was released just over 2 years ago.  Can I get at least 3 more years out of using 1.4.15?

Since the 1.5 and up versions Don't support custom emojis, and since there Isn't an admin panel.  I want to use 1.4.15 as long as possible!    

Quote from: SKaero on November 24, 2025, 08:36:25 PMThat would be the issue. The config file needs to be named "config.inc.php" not "config.php"

*facepalm* That was indeed the issue. Completely my fault. I fixed it, tests successfully now.

thanks!