Horde login failed: Could not open secure TLS connection to the IMAP server

Refers to:

  • Plesk 12.5 for Linux
  • Plesk Onyx for Linux
  • Plesk 12.0 for Linux

Created:

2016-11-16 13:11:28 UTC

Modified:

2017-02-15 14:47:22 UTC

0

Was this article helpful?


Have more questions?

Submit a request

Horde login failed: Could not open secure TLS connection to the IMAP server

Symptoms

Horde webmail login failed.

Log /var/log/psa-horde/psa-horde.log contains the following error:

    2014-12-07T20:37:33+00:00 WARN: HORDE [imp] [login] Could not open secure TLS connection to the IMAP server. [pid 35439 on line 732 of "/usr/share/psa-horde/imp/lib/Imap.php"]

2014-12-07T20:37:33+00:00 ERR: HORDE [horde] FAILED LOGIN for user@domain.tld (user@domain.tld) [1.2.3.4] to horde [pid 35439 on line 216 of "/usr/share/psa-horde/login.php"]

Attempt to log in via CLI produces the following error:

~#  php -r '$user="user@domain.tld";$pass="<PASSWORD>";imap_open( "{127.0.0.1:143/imap/tls/novalidate-cert}", $user, $pass, OP_DEBUG);'
PHP Warning: imap_open(): Couldn't open stream {127.0.0.1:143/imap/tls/novalidate-cert} in Command line code on line 1
PHP Notice: Unknown: TLS/SSL failure for 127.0.0.1: SSL negotiation failed (errflg=2) in Unknown on line 0

gnutls library is installed on the server.

Cause

PHP interoperability issue with GNU TLS library.

Workaround

Make sure the latest version of GNU TLS library is installed.

As a workaround, change the IMAP configuration in Horde webmail by editing the /usr/share/psa-horde/imp/config/backends.php file:

'secure' => 'tls'
'port' => 143

to

'secure' => 'ssl'
'port' => 993

Final configuration file should look like:

        // IMAP server
$servers['imap'] = array(
// ENABLED by default; will connect to IMAP port on local server
'disabled' => false,
'name' => 'IMAP Server',
'hostspec' => 'localhost',
'hordeauth' => false,
'protocol' => 'imap',
'port' => 993,
'secure' => 'ssl',
);
Have more questions? Submit a request
Please sign in to leave a comment.