I'm trying to open the non-secure (port 143) IMAP connection (I am using PHP):
imap_open('{localhost:143/imap}INBOX', USERNAME, PASS);
and I get the next error: Certificate failure for localhost: self signed certificate ...
Ok. I've tried to use /novalidate-cert mailbox param. Then I get another error: Can not authenticate to IMAP server.
I've also tried to combine all possible non-secure connection params like /notls,/norsh and /secure. But I always get errors.
This is the Dovecot configuration I'm using:
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=LOGIN] Dovecot ready.
The certificate is really self-signed and generated with openssl.
The questions are:
If the certificate is self-signed, it will contain your company name/your web hosting provider company name/your server name, etc (see fig. 2). You will need to remove a self-signed certificate from the server and install the one issued by the Certificate Authority.
One of the key limitations of self-signed certificates is often mistaken for a benefit: self-signed certificates cannot be revoked, and they never expire. This makes a compromised certificate difficult to identify, which several security challenges.
Use this code
   imap_open('{localhost:143/imap/novalidate-cert/debug}INBOX', USERNAME, PASS);
Instead of this
    imap_open('{localhost:143/imap}INBOX', USERNAME, PASS); 
STARTTLS of course uses the certificate to start the TLS channel, hence why you saw a self-signed cert error. Can not authenticate, however, implies your username and password are wrong. Try logging in using telnet to verify your user and password are correct
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With