Trying to link to Protonmail

Hi guys,

I’m trying to use my Protonmail account through Nextcloud on Debian Buster and I think I’m making some good progress. I successfully followed this guide to build the Protonmail Bridge from source without a gui. I’m working on running it as a systemd service. I just can’t seem to get Nextcloud Mail to complete the configuration, I keep getting this error:

Creating account failed: Could not connect to IMAP host localhost:1143: Could not open secure TLS connection to the IMAP server.

I think I may have the same problem the guy writing that guide had, where Nextcloud isn’t trusting the self-signed certificate generated by the bridge app. I tried symlinking the certificate into /usr/lib/ssl/certs, same result. Any help would be appreciated.

If anyone else has similar problems, I got my setup working by using hydroxide instead of the standard bridge: https://github.com/emersion/hydroxide

3 Likes

For anyone looking to address this without resorting to a third-party app like hydroxide, the solution using the official Protonmail Bridge is as follows:

  1. Disable TLS verification for IMAP/SMTP in the Mail App: In your config.php add: ‘app.mail.verify-tls-peer’ => false (see mail/admin.md at master · nextcloud/mail · GitHub)

  2. Set IMAP/SMTP Security to None: In the mail app when you are adding in your settings, choose “None” for IMAP and SMTP security. (see Bridge connection issues with Thunderbird, Outlook & Apple Mail - ProtonMail Support)

While not related to this specific question, note that the instructions in the article linked about building the protonmail bridge are outdated. You can directly build-nogui when building protonmail with latest releases. And there is no need to do the additional steps of creating folders for pass and gpg and adding to path.

And for anyone who is seeking it and comes here, if all you are after is setting it all up to use Protonmail for the standard smtp that can all be done without messing around with the config.php (at least in Nextcloud 20.0.4) as that will already work without checking for TLS verification if you select “None”.

Hi @eganonoa

Can I just confrim my understanding with you please.
Protonmail can be connected to the Nextcloud Mail App - simply by adding the following
Manual

Name
Name

Mail Address user@protonmail.com

IMAP Settings

IMAP Host imap.protonmail.tld

IMAP Security None
IMAP Port 993
IMAP User user@protonmail.com
IMAP Password - normal account password

SMTP Settings
SMTP Security None
SMTP Port 587
SMTP User user@protonmail.com
SMTP Password normal account password

No. You need the bridge installed (as per above) and then need to use the bridge to connect.

IMAP Host 127.0.0.1

IMAP Security None
IMAP Port 1143
IMAP User user@protonmail.com
IMAP Password - bridge provided password

SMTP Settings
SMTP Security None
SMTP Port 1025
SMTP User user@protonmail.com
SMTP Password bridge provided password

I made a request for a Protonmail bridge with headless server support at their new feature request area.

Go there and vote

The bridge should be installed on the same machine that hosts the NextcoudPi?
or on any machine that uses the same LAN?

Same machine. There has been some discussion about how to make it work over a network, but it seems that for that you need the third-party hydroxide application: see https://www.reddit.com/r/ProtonMail/comments/czl56b/support_for_remote_bridges_on_the_same_network/

Like @eganonoa said needs to be in the same machine but at this moment does not support terminal configuration, you need a GUI.

I received an email from the Protonmail bridge team where they say they are already looking into implementing a headless version for Bridge in the future.

Hi @vascocb and @eganonoa
Thank you
Do you mind telling me if I got it right or not -

On my Nextcloudpi instance (which is on my RPi4 - which has no monitor attached)

  • Install the Protonmail Bridge Application
  • Attach a monitor to fire the GUI
  • Get the password generated by that GUI
  • Put that passwrod in the Nextcoud Mail App

Nextcloudpi does not have a GUI itself (like gnome or KDE). You can not use the GUI from the bridge.
Never installed one and and I prefer to stay without a GUI and wait for the Protonmail Bridge GUI-free version from Protonmail

Actually that’s no longer accurate. You can build with no-gui and have it work perfectly. Indeed this is how I have it now on my Nextcloud machine.

It’s actually quite simple. To do the build you may need to install some dependencies (I needed golang and libsecret-1-0-dev). After that it’s just:

https://github.com/ProtonMail/proton-bridge.git
cd proton-bridge
make build-nogui

And then you will have a proton-bridge binary built without a GUI and that you can run either run interactively ( ./proton-bridge -c) or without interaction so it can run automatically in future (./proton-bridge --noninteractive).

You absolutely do not need the GUI anymore.

As per my comment below you can build with no gui. Absolutely no need for a GUI, the entire thing can be run headless, which will definitely help with performance.

Having said that, re the fact that you can build and run bridge without a gui now, I do not think there is an Arm build for Protonmail Bridge. So I don’t think you will be able to do this with a raspberry pi.

What I said is the information I have and what I’m going to do.
I’m not a developer, IT professional or a technical guy.
Build something and mantaine (sorry for my english) I don’t understand doesn’t make any sense to me.
I will use the tools I have available and anyone else can choose what they want to do.
If you know how/want to build good for you, you will be better than me.

@vascocb and @eganonoa
Thank you both -
@eganonoa - Because I use RPi4 which is an ARM - I probably not able to have the Protonmail Bridge app.
Soon I may have my Nextcloud instance on a x86 at which time I will be able to install as you suggested.
Just one thing - how will i find the password from the Protonmail bridge without the gui?

Anytime.
Can not help with the password. I use the bridge only on a desktop.

1 Like

You basically just run the bridge in the terminal. The easiest way is to load it in interactive mode (proton-bridge -c) and then follow the instructions to log in. It’ll then give you all you need.

1 Like