[imp] IMAP and SMTP with TLSv1.2
jan at horde.org
Fri Dec 11 08:37:44 UTC 2015
Zitat von John Kramer <john.kramer at neys.org>:
> On 09.12.15 18:19, Jan Schneider wrote:
>> Zitat von John Kramer <john.kramer at neys.org>:
>>> Hello list,
>>> I use Horde Webmail 5.2.10. At the moment I can connect to IMAP via
>>> port 143 with tls and SMTP via port 587 with tls. This is part of the
>>> 'protocol' => 'imap',
>>> 'port' => 143,
>>> 'secure' => 'tls',
>>> 'smtp' => array(
>>> 'auth' => true,
>>> 'port' => 587,
>>> How can I upgrade the transport security from TLSv1.0 to TLSv1.2?
>>> Disabling TLSv1.0 on IMAP or SMTP leads to TLS errors on Horde
>>> connections. PHP 5.6 and OpenSSL 1.0.1 should be capable of TLSv1.1+.
>>> Are there any ideas?
>>> I use the following software:
>>> PHP 5.6.14
>>> OpenSSL 1.0.1p
>>> Horde Webmail 5.2.10
>>> Imp 6.2.10
>>> Horde_Imap_Client 2.29.3
>>> Horde_Mail 2.6.2_1
>>> Horde_Smtp 1.9.1
>>> Thanks in advance!
>>> imp mailing list
>>> Frequently Asked Questions: http://wiki.horde.org/FAQ
>>> To unsubscribe, mail: imp-unsubscribe at lists.horde.org
>> You need to enable 1.2 on the IMAP and SMTP server. PHP will use it
> Hello Jan,
> thanks for your reply. I am sorry. I guess, my statement was a bit cloudy:
> TLSv1.2 is working fine with other servers (smtp) and every client
> (submission and imap) I have seen so far in the logs e.g.
> thunderbird, but:
>> Disabling TLSv1.0 on IMAP or SMTP leads to TLS errors on Horde connections.
> Horde is always trying TLSv1.0, nothing else and I do not have a
> clue where the problem could be. PHP or OpenSSL or the horde/imp
> libraries do not want to play with it. I am almost sure it has
> nothing to do with openssl, because I think PHP, cyrus-imap and
> postfix are linked to the same openssl libraries.
> Any ideas?
All Horde libraries that work on sockets use \Horde\Socket\Client
behind the scenes. And this in return uses PHP's
stream_socket_enable_crypto() with the STREAM_CRYPTO_METHOD_TLS_CLIENT
flag. That should allow any TLS version, and automatically picking the
highest available version.
You may be hitting https://bugs.php.net/bug.php?id=65329
The Horde Project
More information about the imp