
IMAP open stream: Self signed certificate issue

I'm trying to open the non-secure (port 143) IMAP connection (I am using PHP):

imap_open('{localhost:143/imap}INBOX', USERNAME, PASS);

and I get the next error: Certificate failure for localhost: self signed certificate ...

Ok. I've tried to use /novalidate-cert mailbox param. Then I get another error: Can not authenticate to IMAP server.

I've also tried to combine all possible non-secure connection params like /notls,/norsh and /secure. But I always get errors.

This is the Dovecot configuration I'm using:

* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=LOGIN] Dovecot ready.

The certificate is really self-signed and generated with openssl.

The questions are:

  1. Why does the certificate error occur when I am using a non-secure connection?
  2. What is wrong with the mail server configuration?
sparkle asked Oct 17 '12 18:10




2 Answers

Use this code

   imap_open('{localhost:143/imap/novalidate-cert/debug}INBOX', USERNAME, PASS);

Instead of this

    imap_open('{localhost:143/imap}INBOX', USERNAME, PASS); 
Rameshwar Patnaik answered Sep 21 '22 19:09


STARTTLS of course uses the certificate to start the TLS channel, hence why you saw a self-signed cert error. Can not authenticate, however, implies your username and password are wrong. Try logging in using telnet to verify your user and password are correct.

Max answered Sep 23 '22 19:09
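
Why the mailbox strings tried in the question behave differently, as an added example that is not part of either answer and is not PHP's or c-client's own code. It is a simplified model that assumes the client upgrades to STARTTLS whenever the server advertises it unless /notls is given; the function names parse_capabilities and predict_session are hypothetical.

```php
<?php
// Added example: simplified model of the documented mailbox flags
// /ssl, /notls and /novalidate-cert. Function names are hypothetical.

/** Extract the capability tokens from an IMAP greeting line. */
function parse_capabilities(string $greeting): array
{
    if (!preg_match('/\[CAPABILITY ([^\]]*)\]/i', $greeting, $m)) {
        return [];
    }
    return array_map('strtoupper', preg_split('/\s+/', trim($m[1])));
}

/** Predict what a spec such as "{localhost:143/imap/notls}INBOX" will do. */
function predict_session(string $mailbox, array $caps): array
{
    if (!preg_match('/^\{([^}]*)\}/', $mailbox, $m)) {
        throw new InvalidArgumentException("no {server} part in: $mailbox");
    }
    // Everything after the first "/" inside the braces is a flag.
    $flags = array_map('strtolower', array_slice(explode('/', $m[1]), 1));
    $has   = fn(string $f): bool => in_array($f, $flags, true);

    if ($has('ssl')) {
        $tls = 'implicit TLS';
    } elseif (!$has('notls') && in_array('STARTTLS', $caps, true)) {
        $tls = 'STARTTLS';          // opportunistic upgrade, even on port 143
    } else {
        $tls = 'none (plaintext)';
    }
    $encrypted = $tls !== 'none (plaintext)';

    return [
        'tls'            => $tls,
        // The certificate is only checked when a TLS handshake happens.
        'cert_validated' => $encrypted && !$has('novalidate-cert'),
        // RFC 3501: LOGINDISABLED forbids LOGIN on an unencrypted session.
        'login_allowed'  => $encrypted || !in_array('LOGINDISABLED', $caps, true),
    ];
}

// Greeting copied from the question above.
$caps = parse_capabilities('* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=LOGIN] Dovecot ready.');
foreach (['/imap', '/imap/novalidate-cert', '/imap/notls'] as $f) {
    $r = predict_session("{localhost:143$f}INBOX", $caps);
    printf("%-22s tls=%-17s validate=%s login=%s\n", $f, $r['tls'],
        var_export($r['cert_validated'], true), var_export($r['login_allowed'], true));
}
```

With /novalidate-cert the session is still encrypted but the server's identity is not checked, so once the certificate error is out of the way any remaining failure is an authentication problem, as the second answer says.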