With Roundcube 1.3.0 and PHP 5.6.31, I keep seeing errors like the following in my logs:
Aug 10 11:00:31 myhost roundcube: <0ho1kdmf> IMAP Error: Login failed for username from [ip-address]. Could not connect to ssl://imap.some.domain:993: Unknown reason in /var/www/roundcubemail/program/lib/Roundcube/rcube_imap.php on line 196 (POST /rcm/?_task=login&_action=login)
Outgoing SMTP TLS connections from Roundcube are affected, too. This is probably caused by how PHP 5.6 verifies certificates. I have tried configuring openssl.cafile=/etc/ssl/certs/ca-certificates.crt and/or openssl.capath=/etc/ssl/certs in php.ini with world-readable certificate chains, but no dice. I am positive that the IMAP and SMTP servers (Dovecot and Postfix, respectively) are configured correctly, because MUAs like Thunderbird or iOS Mail connect successfully.
When I include the following workaround in config.inc.php Roundcube can connect to the IMAP server:
$config['default_host'] = 'ssl://imap.some.domain'; $config['imap_conn_options'] = array( 'ssl' => array( 'verify_peer' => false, ), );
Does anybody here know how to debug and fix this? Other people seem to have this problem as well, but disabling peer verification was the only recommendation I could find so far, and for obvious reasons I would like to avoid that.
-Ralph