Linux Apps Tutorials - Herong's Tutorial Examples - v1.03, by Herong Yang
SquirrelMail Configuration for IMAPS Port 993
This section provides a tutorial example on how to configure a SquirrelMail Webmail site to use the secure IMAPS port 993 to retrieve emails from a mail server on the local network.
Continuing from the previous tutorial, let's change SquirrelMail configuration to use the secure IMAPS Protocol on 993 Port to access a remote mail server.
1. Change configuration to use IMAPS on port 993.
herong$ cd /var/www/html/mailx herong$ sudo perl config/conf.pl Server Settings > IMAP > Server: 192.168.1.100 Server Settings > IMAP > Port: 993 Server Settings > IMAP > Authentication: login Server Settings > IMAP > Secure IMAP (TLS): true
2. Run the test script again. It fails with "Server error: (0)", a not very informative message.
herong$ firefox http://localhost/mailx/src/configtest.php Checking IMAP service.... ERROR: Error connecting to IMAP server "192.168.1.100:993". Server error: (0)
3. Search the Internet and find reports saying that this is related to the server invalid certificates.
4. Run a PHP function call to simulate what SquirrelMail is doing. The PHP error message is more informative and confirms that SquirrelMail failed to validate the server certificate.
herong$ php -r 'fsockopen("tls://192.168.1.100", 993, $errno, $errmsg, 5);' PHP Warning: fsockopen(): SSL operation failed with code 1. OpenSSL Error messages: error:1416F086:SSL routines:tls_process_server_certificate: certificate verify failed in php shell code on line 1
5. Use "openssl s_client" command to get the server certificate and see the certification validation result. The output confirms that the server is using a "self signed certificate".
herong$ openssl s_client -connect 192.168.1.100:993 depth=0 ..., CN = 192.168.1.100, ... verify error:num=18:self signed certificate ...
Now I know the root cause of the problem. The mail server is using a self signed certificate. SquirrelMail fails to valid any self signed certificate.
The solution is to provide the self signed certificate as a trusted certificate to the SquirrelMail PHP code as shown in the next tutorial.
Table of Contents
Running Apache HTTP Server (httpd) on Linux Systems
Running Apache Tomcat on Linux Systems
Running PHP Scripts on Linux Systems
Running MySQL Database Server on Linux Systems
Running Python Scripts on Linux Systems
Conda - Environment and Package Manager
Graphics Environments on Linux
►SquirrelMail - Webmail in PHP
SquirrelMail Webmail Installation on CentOS
SquirrelMail Configuration on CentOS
SquirrelMail for Mail Server on Local Network
►SquirrelMail Configuration for IMAPS Port 993
Provide Self Signed Certificate to SquirrelMail
SquirrelMail Configuration for SMTPS Port 465