Articles in this section

ActiveSync and IMAP connections fail with Plesk Premium Email: Socket closed or timed out during TLS handshake: closed

Rangel Sardinha
Updated
kb: bug Plesk for Linux ext: kolab

Symptoms

  • Plesk Premium Email is installed on the server
  • It is not possible to send, receive or download messages via mail client, both via ActiveSync and IMAP. No errors are displayed in the client.
  • The following error can be found in Guam's journal log:

# journalctl -xeu guam
... 
Jul 21 10:27:58 example.server.com guam[32223]: 10:27:58.081 [info] Socket closed or timed out during TLS handshake: closed

Cause

Plesk Premium Email bug: if Apache Localhost mode is disabled on the server and the hotfix from article Websites hosted in Plesk are not accessible after a recent Apache update: 421 Misdirected Request has been applied, it triggers a bug in Plesk Premium Email extension because it does not respect the Apache's Localhost mode settings and keeps treating the proxy_pass value as 127.0.0.1:7081 anyway.

The issue has been identified as a bug, tracked under ID #EXTCERT-4619, fixed in update of the Plesk Premium Email extension 16.15.9.

Resolution

Update Plesk Premium Email extension to the latest version.

If the update does not work, apply one of the following workarounds

Note: workarounds are not compatible with each other, apply only one

Enable Apache Localhost mode

Warning: enabling Localhost mode will rebuild all web server configuration files on the server and cause downtime, do this only during a maintenance window

  1. Connect to the server via SSH

  2. Execute the following command:

    # plesk bin apache --listen-on-localhost true

Use a custom fixssl.conf fix
  1. Connect to the server via SSH.

  2. Delete the existing /etc/nginx/conf.d/fixssl.conf file:

    # rm /etc/nginx/conf.d/fixssl.conf

  3. Create the /etc/nginx/conf.d/fixssl.conf file anew and add the following content inside it:

    CONFIG_TEXT: proxy_ssl_server_name on;
    proxy_ssl_session_reuse off; 

    map $request_uri $proxied_host {
           ~*^/autodiscover/autodiscover.xml webmail.$host;
           ~*^/(\.well-known/autoconfig/|)mail/config-v1.1.xml webmail.$host;
           ~*/Microsoft-Server-ActiveSync webmail.$host;
           ~*/iRony webmail.$host;
           default $host;
    }
    proxy_ssl_name $proxied_host;

    4. Reload the Nginx configuration with the following command:

    # systemctl reload nginx.service

Was this article helpful?

Comments

0 comments

Please sign in to leave a comment.