Connect to dovecot IMAP server fails with SSL alert

Hi,

NextCloud Version 29.0.0.19 and Version 28.0.5.1

I am trying to connect from nextcloud web server to an IMAP dovecot server which has self-signed certifates and I can see following error in the dovecot log:

May 05 15:49:54 imap-login: Info: Disconnected: Connection closed: SSL_accept() failed: error:0A000418:SSL routines::tlsv1 alert unknown ca: SSL alert number 48 (no auth attempts in 0 secs): user=<>, rip=, lip=, TLS handshaking: SSL_accept() failed: error:0A000418:SSL routines::tlsv1 alert unknown ca: SSL alert number 48, session=

There is no problem with Mail client connections or other groupwares like Horde and egroupware. Is nextcloud connecting a different way using SSL or sending a client certificate and can this be disabled etc., nextcloud log shows following:

{“reqId”:“XCXQ1X0XRmD2zfNB9lFl”,“level”:3,“time”:“2024-05-05T05:14:40+00:00”,“remoteAddr”:“”,“user”:“”,“app”:“PHP”,“method”:“POST”,“url”:“/nextcloud/index.php/apps/mail/api/accounts”,“message”:“Optional parameter $knownIds declared before required parameter $partialOnly is implicitly treated as a required parameter at /opt/local/share/nextcloud/apps/mail/lib/Service/Sync/SyncService.php#111”,“userAgent”:“Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:125.0) Gecko/20100101 Firefox/125.0”,“version”:“29.0.0.19”,“data”:{“app”:“PHP”

Regards,
Horst

You could try to add the following line to your config.php:

'app.mail.verify-tls-peer' => false,

See here: https://github.com/nextcloud/mail/blob/main/doc/admin.md#disable-tls-verification-for-imapsmtp

Thank you very much this fixed it, somehow I must have missed this when I scanned through the documentations

From “bb77 via Nextcloud community” <noreply@help.nextcloud.org>
To horst.simon2@icloud.com
Date 5/5/2024 9:15:20 pm
Subject [Nextcloud community] [ Installation] Connect to dovecot IMAP server fails with SSL alert