With Roundcube 1.3.0 and PHP 5.6.31, I keep seeing errors like the
following in my logs:
Aug 10 11:00:31 myhost roundcube: <0ho1kdmf> IMAP Error:
Login failed for username from [ip-address]. Could not connect
to ssl://imap.some.domain:993: Unknown reason in
/var/www/roundcubemail/program/lib/Roundcube/rcube_imap.php
on line 196 (POST /rcm/?_task=login&_action=login)
Outgoing SMTP TLS connections from Roundcube are affected, too. This is
probably caused by how PHP 5.6 verifies certificates. I have tried
configuring openssl.cafile=/etc/ssl/certs/ca-certificates.crt and/or
openssl.capath=/etc/ssl/certs in php.ini with world-readable certificate
chains, but no dice. I am positive that the IMAP and SMTP servers
(Dovecot and Postfix, respectively) are configured correctly, because
MUAs like Thunderbird or iOS Mail connect successfully.
When I include the following workaround in config.inc.php Roundcube can
connect to the IMAP server:
$config['default_host'] = 'ssl://imap.some.domain';
$config['imap_conn_options'] = array(
'ssl' => array(
'verify_peer' => false,
),
);
Does anybody here know how to debug and fix this? Other people seem to
have this problem as well, but disabling peer verification was the only
recommendation I could find so far, and for obvious reasons I would like
to avoid that.
-Ralph