IMAPs and POP3s servers are crashing: Openssl syscall error: Connection reset by peer

Created:

2016-11-16 12:44:14 UTC

Modified:

2017-04-24 12:13:33 UTC

0

Was this article helpful?


Have more questions?

Submit a request

IMAPs and POP3s servers are crashing: Openssl syscall error: Connection reset by peer

Applicable to:

  • Plesk 12.5 for Linux
  • Plesk 12.0 for Linux

Symptoms

  1. Courier IMAP and POP3 servers with SSL/TLS support are crashing

  2. If Watchdog is installed, the following errors are displayed in /var/log/plesk/modules/monit.log :

    monit: embed_ssl_socket(): Openssl syscall error: Connection reset by peer!
    'courier_imaps' failed, cannot open a connection to INET[localhost:993]
    monit: embed_ssl_socket(): Openssl syscall error: Connection reset by peer!
    'courier_pop3s' failed, cannot open a connection to INET[localhost:995]
    'courier_pop3s' stop: /opt/psa/admin/bin/mailmng-service
    'courier_imaps' process is not running
    'courier_imaps' trying to restart
    'courier_imaps' start: /opt/psa/admin/bin/mailmng-service
  3. The following path to certificates is specified in /etc/courier-imap/imapd-ssl and /etc/courier-imap/pop3d-ssl files:

    # grep '^TLS_CERTFILE' /etc/courier-imap/*ssl
    /etc/courier-imap/imapd-ssl:TLS_CERTFILE=/usr/share/courier-imap/imapd.pem
    /etc/courier-imap/pop3d-ssl:TLS_CERTFILE=/usr/share/courier-imap/pop3d.pem
  4. /usr/share/courier-imap/imapd.pem and /usr/share/courier-imap/pop3d.pem files are missing from the server:

    # ls -l /usr/share/courier-imap/imapd.pem
    ls: cannot access /usr/share/courier-imap/imapd.pem: No such file or directory

    # ls -l /usr/share/courier-imap/pop3d.pem
    ls: cannot access /usr/share/courier-imap/pop3d.pem: No such file or directory

Cause

Path to certificates for imap and pop3 services in configuration files is incorrect.

Resolution

  1. Change the path to certificates in /etc/courier-imap/imapd-ssl and /etc/courier-imap/pop3d-ssl files to the default one:

    TLS_CERTFILE=/usr/share/imapd.pem
    TLS_CERTFILE=/usr/share/pop3d.pem
  2. Restart courier-pop3s and courier-imaps services.

    # service courier-pop3s restart
    # service courier-imaps restart

Additional information

IMAPs and POP3s services get restared: Openssl syscall error: Connection reset by peer

Have more questions? Submit a request
Please sign in to leave a comment.