1. Store
  2. Apps
  3. Hardware
  4. Support
  5. Solutions

ClearFoundation

Forums
Welcome, Guest
IMAP - Thunderbird and Roundcube
(1 viewing) 1 Guest
Go to bottomPage: 1
TOPIC: IMAP - Thunderbird and Roundcube
#54820
IMAP - Thunderbird and Roundcube 1 Year, 3 Months ago  
Hi,

I'm hoping someone can help me out with a problem with Cyrus-Imap. I can't seem to login using Thunderbird and Roundcube. By checking /var/log/mail, I'm getting this error:

Aug 7 02:55:00 mail imap[317]: accepted connection
Aug 7 02:55:00 mail master[320]: about to exec /usr/lib/cyrus-imapd/imapd
Aug 7 02:55:00 mail imap[320]: executed
Aug 7 02:55:00 mail imap[317]: imapd:Loading hard-coded DH parameters
Aug 7 02:55:00 mail imap[317]: SSL_accept() incomplete -> wait
Aug 7 02:55:00 mail imap[317]: sslv3 alert bad certificate in SSL_accept() -> fail

I have been searching for a fix for 3 days and I can't seem to find a solution. Sorry, I'm like super new to all of this. I'm still currently learning.

I'm trying to setup thunderbird and it just refuses to connect using TLS but when no SSL or authentication, it will connect fine. Is this safe? Also, in roundcube, it won't let me login, it just keeps saying Login Failed.

I have re-installed ClearOS so many times because I keep breaking it messing with configs. Today alone, I re-installed 5x. So, I'm hoping someone can help me with this problem or point me to the right direction.

Would Zarafa fix this problem regarding login in webmail?


Thanks!
Ryan Ng
Fresh Boarder
Posts: 2
graphgraph
User Offline Click here to see the profile of this user
Last Edit: 2013/08/06 15:32 By Treehawz.
The administrator has disabled public write access.
 
#54822
Re: IMAP - Thunderbird and Roundcube 1 Year, 3 Months ago  
I cannot check me set up until the weekend but I think with TB I don't use TLS for the same reason. How did you set up Roundcube? Have you tried to telnet into Cyrus? I had to restart Cyrus a few times before I could with 6.3 before Cyrus was released properly.
Nick Howitt
Platinum Boarder
Posts: 6057
graphgraph
User Online Now Click here to see the profile of this user
The administrator has disabled public write access.
 
#54846
Re: IMAP - Thunderbird and Roundcube 1 Year, 3 Months ago  
just today i was able to successfully setup roundcube in ClearOS 6.4 and everything is working fine for 6hrs now with constant testing. i use all default settings during setup and everything worked okay after that. My only problem now is thunderbird.
Ryan Ng
Fresh Boarder
Posts: 2
graphgraph
User Offline Click here to see the profile of this user
The administrator has disabled public write access.
 
#54913
Re: IMAP - Thunderbird and Roundcube 1 Year, 3 Months ago  
I was able to switch TB to both STARTTLS and TLS. I had to accept the certificates manually even if I imported the ClearOS ca-cert into TB and I don't know why (but I am not good with certificates). The only other thing to note is that if you use TLS you have to enable Secure IMAP in the webconfig.
Nick Howitt
Platinum Boarder
Posts: 6057
graphgraph
User Online Now Click here to see the profile of this user
The administrator has disabled public write access.
 
#61790
Re: IMAP - Thunderbird and Roundcube 6 Months ago  
Ryan, I am facing the exact same problem. Did you manage to resolve this?

I am using ClearOS 6.5 Professional. Have just ported it all from a TEST server to this one. It was all working fine on the TEST server.

Without TLS/SSL all is fine with TB and Roundcube. But with it I get this error in the logs -

May 23 14:36:16 mail master[6549]: process 12095 exited, status 75
May 23 14:36:16 mail master[6549]: service imaps pid 12095 in BUSY state: terminated abnormally
May 23 14:36:16 mail imaps[12104]: SSL_accept() incomplete -> wait
May 23 14:36:16 mail imaps[12104]: sslv3 alert bad certificate in SSL_accept() -> fail
May 23 14:36:16 mail imaps[12104]: imaps TLS negotiation failed: ltsp-appserve03.xxx.net [192.168.2.7]
May 23 14:36:16 mail imaps[12104]: Fatal error: tls_start_servertls() failed
May 23 14:36:16 mail master[6549]: process 12104 exited, status 75
May 23 14:36:16 mail master[6549]: service imaps pid 12104 in BUSY state: terminated abnormally


I have tried by recreating the server certificates as well.
Intelliant
Expert Boarder
Posts: 114
graphgraph
User Offline Click here to see the profile of this user
The administrator has disabled public write access.
 
#61791
Re: IMAP - Thunderbird and Roundcube 6 Months ago  
Telnet to IMAPS port 993 also works fine. Have also attempted a complete restart after the porting just to be sure that everything came up as was desired.
Intelliant
Expert Boarder
Posts: 114
graphgraph
User Offline Click here to see the profile of this user
The administrator has disabled public write access.
 
#61855
Re: IMAP - Thunderbird and Roundcube 6 Months ago  
Have tried recreating the server certificates. Have re-checked the cyrus configuration.

Telnet on 993 does not show the server capabilities

# telnet mail.domain.net 993
Trying 192.168.2.2...
Connected to mail.domain.net.
Escape character is '^]'.


However, on 143 it shows this -

# telnet mail.domain.net 143
Trying 192.168.2.2...
Connected to mail.domain.net.
Escape character is '^]'.
* OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID STARTTLS AUTH=PLAIN SASL-IR COMPRESS=DEFLATE] mail.domain.net Cyrus IMAP v2.3.16-Fedora-RPM-2.3.16-6.v6.4 server ready


Is there any other information that I can furnish to help address this?
Intelliant
Expert Boarder
Posts: 114
graphgraph
User Offline Click here to see the profile of this user
The administrator has disabled public write access.
 
#61888
Re: IMAP - Thunderbird and Roundcube [SOLVED] 6 Months ago  
Managed to solve this with help from post of Ian J.

Looks like Thunderbird gets duped by a "bad certificate" the first time. But subsequent deletion and attempt to re-authenticate to the server, it doesn't recognise it as something legitimate akin to what Outlook responds as ''the target principal name is incorrect'' as given in Ian's post.



However, it was solved by creating new certificates following the instructions under Configuring Cyrus with OpenSSL from cyrusimap.web.cmu.edu/docs/cyrus-imapd/2...nstall-configure.php . Have put the new key and certificate at /etc/pki/cyrus-imapd/cyrus-imapd.pem, made it readable for the group 'mail', essentially making it readable for cyrus and am hoping that it shall survive any subsequent upgrades.

Now the certificate looks like this -



This definitely begs an improvement in the cyrus app for 6.x.

PS: Found that my tracker account is disabled as of now. Guess it is due to prolonged non-usage. Will put in a request to enable it and thereafter file a bug report.
Intelliant
Expert Boarder
Posts: 114
graphgraph
User Offline Click here to see the profile of this user
Last Edit: 2014/05/28 15:19 By intelliant.
The administrator has disabled public write access.
 
#61890
Re: IMAP - Thunderbird and Roundcube [SOLVED] 6 Months ago  
More information about why the default certificate may not being accepted - See section "Name on the certificate should match the name of the mail server" at www.msoutlook.info/question/613.
Intelliant
Expert Boarder
Posts: 114
graphgraph
User Offline Click here to see the profile of this user
The administrator has disabled public write access.
 
Go to topPage: 1
  get the latest posts directly to your desktop