Unable to log in to Roundcube webmail or using email client on Plesk server: Can't load DH parameters: dh key too small

Symptoms

• Unable to log in to Roundcube webmail with the following error message:

  Connection error with IMAP server.

• The error messages below appears in /var/log/maillog file on attempt to login via Roundcube or a mail client:

  Error: Failed to initialize SSL server context: Can't load DH parameters: error:1408518A:SSL routines:ssl3_ctx_ctrl:dh key too small

Cause

Low size of Diffie-Hellman key is used in Dovecot settings:

# egrep "ssl_dh|ssl_server_dh_file" /etc/dovecot/conf.d/11-plesk-security-ssl.conf
ssl_dh=</usr/local/psa/etc/dhparams1024.pem

Resolution

1. Connect to the server via SSH;

2. Increase Diffie-Hellman key size to 2048:

   # plesk sbin sslmng --service dovecot --strong-dh --dhparams-size=2048