connection to storage server failed

classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|

connection to storage server failed

@lbutlr
I am getting this error after updating to dovecot2-2.2.26.0_1 under FreeBSD 10.2 when a user tries to login via roundcube webmail. I am able to login via my own mail client and there is no error in the log when roundcube fails to login.

I stopped dovecot, removed all the dovecot files from the maildir folders and restarted dovecot, but get the same error.

<https://help.directadmin.com/item.php?id=473>


_______________________________________________
Roundcube Users mailing list
[hidden email]
http://lists.roundcube.net/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: connection to storage server failed

@lbutlr
On 08 Nov 2016, at 09:09, @lbutlr <[hidden email]> wrote:
> I am getting this error after updating to dovecot2-2.2.26.0_1 under FreeBSD 10.2 when a user tries to login via roundcube webmail. I am able to login via my own mail client and there is no error in the log when roundcube fails to login.
>
> I stopped dovecot, removed all the dovecot files from the maildir folders and restarted dovecot, but get the same error.
>
> <https://help.directadmin.com/item.php?id=473>

Some more information:

 # openssl s_client -connect localhost:993
CONNECTED(00000003)
depth=0 C = US, ST = Colorado, L = Denver, O = COVISP, CN = mail.covisp.net, emailAddress = [hidden email]
verify error:num=18:self signed certificate
verify return:1
depth=0 C = US, ST = Colorado, L = Denver, O = COVISP, CN = mail.covisp.net, emailAddress = [hidden email]
verify return:1
---
Certificate chain
[etc]

logging in via my mail software works fine:

16:13:49 mail dovecot: imap-login: Login: user=<kremels>, 23.24.150.141, PLAIN, TLS

But from round cube:

IMAP Error in /usr/local/www/roundcube/program/lib/Roundcube/rcube_imap.php (193): Login failed for kremels from 23.24.150.141. Could not connect to ssl://localhost:993: Unknown reason

_______________________________________________
Roundcube Users mailing list
[hidden email]
http://lists.roundcube.net/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: connection to storage server failed

@lbutlr
On Nov 8, 2016, at 4:17 PM, @lbutlr <[hidden email]> wrote:
> IMAP Error in /usr/local/www/roundcube/program/lib/Roundcube/rcube_imap.php (193): Login failed for kremels from 23.24.150.141. Could not connect to ssl://localhost:993: Unknown reason

Thought I had this figured out, PHP5.6 will not accept a self0signed cert for some reason.

However, even if I point dovecot to a not self-signed cert (A let’s encrypt cert/key pari), I am still getting the same error.

 # openssl s_client -connect localhost:993
CONNECTED(00000003)
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify error:num=20:unable to get local issuer certificate

Not sure what “unable to get local issuer certificate” means.

I did find something online, and tried adding this to the config file for roundcube:

$config['default_host'] = 'tls://mail.covisp.net/';

// PHP 5.6 accept self-sogned certs
$config['imap_conn_options'] = array(
    'ssl' => array(
      'verify_peer'       => true,
      'allow_self_signed' => true,
      'peer_name'         => 'mail.covisp.net',
      'ciphers' => 'TLSv1+HIGH:!aNull:@STRENGTH',
      'cafile'  => '/etc/ssl/certs/covisp.net.pem',
    ),
);

But, then I get

Empty startup greeting (mail.covisp.net:993) in /usr/local/www/roundcube/program/lib/Roundcube/rcube_imap.php on line 193 (POST /?_task=login&_action=login)



_______________________________________________
Roundcube Users mailing list
[hidden email]
http://lists.roundcube.net/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: connection to storage server failed

@lbutlr
On Nov 9, 2016, at 3:33 AM, @lbutlr <[hidden email]> wrote:
> # openssl s_client -connect localhost:993
> CONNECTED(00000003)
> depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
> verify error:num=20:unable to get local issuer certificate

Fixed this issue (there was a spurious openssl-1.0.1 binary installed, once I removed it and pointed everything at openssl 1.0.2 and setup the letsencrypt certificate in dovecot:

#  openssl s_client -connect mail.covisp.net:993
CONNECTED(00000003)
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = covisp.net
verify return:1

So that’s good, but roundcube still reports the same error:

Empty startup greeting (mail.covisp.net:993) in /usr/local/www/roundcube/program/lib/Roundcube/rcube_imap.php on line 193

The only other thing that roundcube logs is in logs/sql

[09-Nov-2016 18:44:41 -0700]: <65e749cv> [4] DELETE FROM `session` WHERE `sess_id` = ‘<stuff>';
[09-Nov-2016 18:44:41 -0700]: <65e749cv> [5] INSERT INTO `session` (`sess_id`, `vars`, `ip`, `created`, `changed`) VALUES (‘<stuff>', ‘<morestuff>=', '23.24.150.141', now(), now());

Anyone have any ideas? I’m stuck.

_______________________________________________
Roundcube Users mailing list
[hidden email]
http://lists.roundcube.net/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: connection to storage server failed

@lbutlr
On Nov 9, 2016, at 6:51 PM, @lbutlr <[hidden email]> wrote:
> Anyone have any ideas? I’m stuck.

No one?

_______________________________________________
Roundcube Users mailing list
[hidden email]
http://lists.roundcube.net/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: connection to storage server failed

Matthias Sitte
I'd try but without full config files and log file entries it's really
hard to tell what's going wrong... Need to know the details of your
setup because Roundcube (or more precisely PHP) refuse to talk to the
IMAP server. After all, I assume that you have a working IMAP server
that you can connect to from the outside world using some MUA?


On 11/12/2016 05:52 AM, @lbutlr wrote:
> On Nov 9, 2016, at 6:51 PM, @lbutlr <[hidden email]> wrote:
>> Anyone have any ideas? I’m stuck.
> No one?
>
> _______________________________________________
> Roundcube Users mailing list
> [hidden email]
> http://lists.roundcube.net/mailman/listinfo/users

--
Dr. Matthias Sitte                   Email: [hidden email]
Thomas-Jefferson-Str. 3                     [hidden email]
55122 Mainz                                 [hidden email]
DEUTSCHLAND

_______________________________________________
Roundcube Users mailing list
[hidden email]
http://lists.roundcube.net/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: connection to storage server failed

gnul
In reply to this post by @lbutlr

Do you still have other openssl libraries installed? What is PHP using? You mentioned multiple openssl binaries and that's great it works on the command line.

Have you confirmed the cert matches the cipher list the config options? Command line output also shows the common name (CN) not matching the hostname requested.

Any additional SSL details would help!


On Nov 9, 2016 6:58 PM, "@lbutlr" <[hidden email]> wrote:
On Nov 9, 2016, at 3:33 AM, @lbutlr <[hidden email]> wrote:
> # openssl s_client -connect localhost:993
> CONNECTED(00000003)
> depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
> verify error:num=20:unable to get local issuer certificate

Fixed this issue (there was a spurious openssl-1.0.1 binary installed, once I removed it and pointed everything at openssl 1.0.2 and setup the letsencrypt certificate in dovecot:

#  openssl s_client -connect mail.covisp.net:993
CONNECTED(00000003)
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = covisp.net
verify return:1

So that’s good, but roundcube still reports the same error:

Empty startup greeting (mail.covisp.net:993) in /usr/local/www/roundcube/program/lib/Roundcube/rcube_imap.php on line 193

The only other thing that roundcube logs is in logs/sql

[09-Nov-2016 18:44:41 -0700]: <65e749cv> [4] DELETE FROM `session` WHERE `sess_id` = ‘<stuff>';
[09-Nov-2016 18:44:41 -0700]: <65e749cv> [5] INSERT INTO `session` (`sess_id`, `vars`, `ip`, `created`, `changed`) VALUES (‘<stuff>', ‘<morestuff>=', '23.24.150.141', now(), now());

Anyone have any ideas? I’m stuck.

_______________________________________________
Roundcube Users mailing list
[hidden email]
http://lists.roundcube.net/mailman/listinfo/users


_______________________________________________
Roundcube Users mailing list
[hidden email]
http://lists.roundcube.net/mailman/listinfo/users