From owner-freebsd-ports@FreeBSD.ORG Mon Mar 2 13:18:09 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 10153F91 for ; Mon, 2 Mar 2015 13:18:09 +0000 (UTC) Received: from smtp.mimar.rs (smtp.mimar.rs [193.53.106.135]) by mx1.freebsd.org (Postfix) with ESMTP id B0CB53FE for ; Mon, 2 Mar 2015 13:18:08 +0000 (UTC) Received: from vscan.mimar.rs (vscan.mimar.rs [193.53.106.134]) by smtp.mimar.rs (Postfix) with ESMTP id 6C357898CD for ; Mon, 2 Mar 2015 14:18:05 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=mimar.rs; h= content-transfer-encoding:content-type:content-type:mime-version :x-mailer:organization:references:in-reply-to:message-id:subject :subject:from:from:date:date:received:received; s=mimar-0901; t= 1425302277; x=1427116678; bh=p9lnzjz+ztjw+iMEkbIC4VIr8E+78T4ufq/ MlupiPlY=; b=mJXY80hr2tHRHhFD1+VGnRMOFTrvz4sLrLEm3rJXF+OtERqVnnY VbUwCEV60LXsbIA9pfKVvf0shc3INm5nB+76Ko6dwPVAsfVvyX0bjiPtJSocluWm GdIKrlrvqYlPV38xoJJo8ndXHE/uBGt1Hc3+Mtuokb3ta9IrFSYVBD00= X-Virus-Scanned: amavisd-new at mimar.rs Received: from smtp.mimar.rs ([193.53.106.135]) by vscan.mimar.rs (vscan.mimar.rs [193.53.106.134]) (amavisd-new, port 10026) with ESMTP id 4X8dwcsgp2ZH for ; Mon, 2 Mar 2015 14:17:57 +0100 (CET) Received: from efreet (nat.kappastar.com [193.53.106.34]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: marko.cupac@mimar.rs) by smtp.mimar.rs (Postfix) with ESMTPSA id D5502898BE for ; Mon, 2 Mar 2015 14:17:57 +0100 (CET) Date: Mon, 2 Mar 2015 14:17:57 +0100 From: Marko =?UTF-8?B?Q3VwYcSH?= To: freebsd-ports@freebsd.org Subject: Re: mail/roundcube selfsigned TLS problem after upgrade to php56 (SOLVED) Message-ID: <20150302141757.6c930577@efreet> In-Reply-To: <20150302101511.63ff8eca@efreet> References: <20150302095605.52fcd10c@efreet> <20150302101511.63ff8eca@efreet> Organization: Mimar X-Mailer: Claws Mail 3.9.3 (GTK+ 2.24.23; x86_64-pc-linux-gnu) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Mar 2015 13:18:09 -0000 On Mon, 2 Mar 2015 10:15:11 +0100 Marko Cupa=C4=87 wrote: > On Mon, 2 Mar 2015 09:56:05 +0100 > Marko Cupa=C4=87 wrote: >=20 > > Hi, > >=20 > > my roundcube was connecting happily to dovecot2 server over TLS > > for a few years, until recent upgrade of php ports (5.4 -> 5.6) and > > roundcube (1.0.5 -> 1.1.0). > >=20 > > Luckily, all I needed to add to roundcube config was: > >=20 > > $config['imap_conn_options'] =3D array( > > 'ssl' =3D> array( > > 'verify_peer' =3D> true, > > 'verify_depth' =3D> 3, > > 'cafile' =3D> '/etc/ssl/public/dovecot.pem', > > ), > > ); > >=20 > > I found this information on archlinux forums: > > https://bbs.archlinux.org/viewtopic.php?id=3D193012 > >=20 > > Hope this saves some time to someone, I had my webmail > > non-functional longer than I'd like to because of this change. > >=20 > > Regards, >=20 > Similar goes for managesieve plugin: > $config['managesieve_conn_options'] =3D array( > 'ssl' =3D> array( > 'verify_peer' =3D> true, > 'verify_depth' =3D> 3, > 'cafile' =3D> '/etc/ssl/public/dovecot.pem', > ), > ); >=20 > Probably also for all other plugins that have something to do with > TLS. I wrote blog post about this: https://www.mimar.rs/en/sysadmin/2015/php-5-6-x-ssltls-peer-certificates-an= d-hostnames-verified-by-default/ The ones who think "he did it for clicks and ads" have dirty mind. The blog is (and will remain) ad-free ;) --=20 Marko Cupa=C4=87 https://www.mimar.rs