Do you still have other openssl libraries installed? What is PHP using? You mentioned multiple openssl binaries and that's great it works on the command line.

Have you confirmed the cert matches the cipher list the config options? Command line output also shows the common name (CN) not matching the hostname requested.

Any additional SSL details would help!


On Nov 9, 2016 6:58 PM, "@lbutlr" <kremels@kreme.com> wrote:
On Nov 9, 2016, at 3:33 AM, @lbutlr <kremels@kreme.com> wrote:
> # openssl s_client -connect localhost:993
> CONNECTED(00000003)
> depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
> verify error:num=20:unable to get local issuer certificate

Fixed this issue (there was a spurious openssl-1.0.1 binary installed, once I removed it and pointed everything at openssl 1.0.2 and setup the letsencrypt certificate in dovecot:

#  openssl s_client -connect mail.covisp.net:993
CONNECTED(00000003)
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = covisp.net
verify return:1

So that’s good, but roundcube still reports the same error:

Empty startup greeting (mail.covisp.net:993) in /usr/local/www/roundcube/program/lib/Roundcube/rcube_imap.php on line 193

The only other thing that roundcube logs is in logs/sql

[09-Nov-2016 18:44:41 -0700]: <65e749cv> [4] DELETE FROM `session` WHERE `sess_id` = ‘<stuff>';
[09-Nov-2016 18:44:41 -0700]: <65e749cv> [5] INSERT INTO `session` (`sess_id`, `vars`, `ip`, `created`, `changed`) VALUES (‘<stuff>', ‘<morestuff>=', '23.24.150.141', now(), now());

Anyone have any ideas? I’m stuck.

_______________________________________________
Roundcube Users mailing list
users@lists.roundcube.net
http://lists.roundcube.net/mailman/listinfo/users