[ingo] TLS & Managesieve & dovecot

Prößler, Reinhard reinhard.proessler at uni-hamburg.de
Thu Mar 10 09:08:40 UTC 2022 

Dear colleagues

 

Currently I setup a Horde Groupware system on SuSE SLES 15.3 and OpenSuse
15.3, Horde Groupware is installed via PEAR.

All works fine, Mail goes in and out, TLS Imap is ok.

Even Horde Ingo with connection to Dovecot managesieve works fine. With
Plain authentication and without TLS.

 

If I enable TLS in ingo/config/backend.local.php:

 

                // Hostname of the timsieved server

                'hostspec' => 'localhost',

                // Login type of the server

                'logintype' => 'PLAIN',

                // Enable/disable TLS encryption

                'usetls' => true,

                // Port number of the timsieved server

                'port' => 4190,

                // Name of the sieve script

                'scriptname' => 'ingo',

               // Enable debugging. The sieve protocol communication is

                // logged with the DEBUG level.

                'debug' => true,

 

Then it fails and I get an error:

###

ar 10 10:03:52 s0 HORDE[14191]: [ingo] PHP ERROR:
stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL
Error messages:

Mar 10 10:03:52 s0 HORDE[14191]: error:1416F086:SSL
routines:tls_process_server_certificate:certificate verify failed [pid 14191
on line 1404 of "/usr/share/php7/PEAR/Net/Sieve.php"]

Mar 10 10:03:52 s0 dovecot[15382]: managesieve-login: Disconnected:
Connection closed: SSL_accept() failed: error:14094418:SSL
routines:ssl3_read_bytes:tlsv1 alert unknown ca: SSL alert number 48 (no
auth attempts in 0 secs): user=<>, rip=::1, lip=::1, TLS handshaking:
SSL_accept() failed: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert
unknown ca: SSL alert number 48, session=<2pFBftnZ1OAAAAAAAAAAAAAAAAAAAAAB>

Mar 10 10:03:52 s0 dovecot[15382]: imap-login: Login:
user=dbhorde at uni-hamburg.de <mailto:dbhorde at uni-hamburg.de> , method=PLAIN,
rip=::1, lip=::1, mpid=17068, TLS,
session=<g9JBftnZ/LEAAAAAAAAAAAAAAAAAAAAB>

### 

 

Just for information: Thunderbird (latest) maintains the Sieve scripts with
TLS, no problems.

I thing the problem must be on Horde/Ingo/Managesieve/Net_Sieve side?

 

Suggestions and help is Welcome

 

Mit freundlichem Gruß

 

Reinhard Prößler

 

Universitaet Hamburg

Regionales Rechenzentrum

Basis Infrastruktur (BIN)

Schlueterstrasse 70

D-20146 Hamburg

 

Tel: +4940 42838 7121

 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6917 bytes
Desc: not available
URL: <https://lists.horde.org/archives/ingo/attachments/20220310/3ca06278/attachment.bin>

More information about the ingo mailing list