Project

General

Profile

receiving emails from imap ssl

Added by Zoltan Beck over 11 years ago

Hi All,

I've a problem with an Exchange 2010 server (there is used a cacert.org certificate). I can't download the mails with the following command:

/usr/local/bin/rake -f /home/redmine/redmine-2.1.2/Rakefile redmine:email:receive_imap RAILS_ENV="production" project=all ssl=1 port=993 host=xxxxx username=xxxxx password=xxxxx --trace

** Invoke redmine:email:receive_imap (first_time)
** Invoke environment (first_time)
** Execute environment
** Execute redmine:email:receive_imap
rake aborted!
LOGIN failed.
/usr/lib/ruby/1.8/net/imap.rb:1004:in `pick_up_tagged_response'
/usr/lib/ruby/1.8/net/imap.rb:997:in `get_tagged_response'
/usr/lib/ruby/1.8/net/imap.rb:1055:in `send_command'
/usr/lib/ruby/1.8/monitor.rb:242:in `synchronize'
/usr/lib/ruby/1.8/net/imap.rb:1040:in `send_command'
/usr/lib/ruby/1.8/net/imap.rb:380:in `login'
/home/redmine/redmine-2.1.2/lib/redmine/imap.rb:30:in `check'
/home/redmine/redmine-2.1.2/lib/tasks/email.rake:133
/var/lib/gems/1.8/gems/rake-0.9.2.2/lib/rake/task.rb:205:in `call'
/var/lib/gems/1.8/gems/rake-0.9.2.2/lib/rake/task.rb:205:in `execute'
/var/lib/gems/1.8/gems/rake-0.9.2.2/lib/rake/task.rb:200:in `each'
/var/lib/gems/1.8/gems/rake-0.9.2.2/lib/rake/task.rb:200:in `execute'
/var/lib/gems/1.8/gems/rake-0.9.2.2/lib/rake/task.rb:158:in `invoke_with_call_chain'
/usr/lib/ruby/1.8/monitor.rb:242:in `synchronize'
/var/lib/gems/1.8/gems/rake-0.9.2.2/lib/rake/task.rb:151:in `invoke_with_call_chain'
/var/lib/gems/1.8/gems/rake-0.9.2.2/lib/rake/task.rb:144:in `invoke'
/var/lib/gems/1.8/gems/rake-0.9.2.2/lib/rake/application.rb:116:in `invoke_task'
/var/lib/gems/1.8/gems/rake-0.9.2.2/lib/rake/application.rb:94:in `top_level'
/var/lib/gems/1.8/gems/rake-0.9.2.2/lib/rake/application.rb:94:in `each'
/var/lib/gems/1.8/gems/rake-0.9.2.2/lib/rake/application.rb:94:in `top_level'
/var/lib/gems/1.8/gems/rake-0.9.2.2/lib/rake/application.rb:133:in `standard_exception_handling'
/var/lib/gems/1.8/gems/rake-0.9.2.2/lib/rake/application.rb:88:in `top_level'
/var/lib/gems/1.8/gems/rake-0.9.2.2/lib/rake/application.rb:66:in `run'
/var/lib/gems/1.8/gems/rake-0.9.2.2/lib/rake/application.rb:133:in `standard_exception_handling'
/var/lib/gems/1.8/gems/rake-0.9.2.2/lib/rake/application.rb:63:in `run'
/var/lib/gems/1.8/gems/rake-0.9.2.2/bin/rake:33
/usr/local/bin/rake:19:in `load'
/usr/local/bin/rake:19
Tasks: TOP => redmine:email:receive_imap

Is there any way to configure the cacert for the redmine?

Best Regards,
bzg


Replies (34)

RE: receiving emails from imap ssl - Added by Dmitry Nilsen almost 11 years ago

no, we do not have webmail
but I checked the certificate in my thunderbird client, the hostname is correct.
And it worked fine before migration to 2.3

RE: receiving emails from imap ssl - Added by Mr Embedded almost 11 years ago

I think this may be the key to your issues:

/opt/redmine/ruby/lib/ruby/1.9.1/net/imap.rb:1439:in `start_tls_session'

What version of OpenSSL is installed on that server? I think one of the fundamental differences between my setups and yours is that I use RVM for ruby management instead of the OS ruby versions. RVM uses its own copy of OpenSSL.

In your case what could be happening is a TLS version incompatibility between mail client/server. You could try to install ruby via RVM (including OpenSSL) and see if that fixes your issue.

RE: receiving emails from imap ssl - Added by Dim Ko about 9 years ago

Scott B wrote:

FYI - This worked:

Create a new file config/initializers/bypass_ssl_verification.rb (the name of the file is not important)

In that file, put this:
require 'openssl'
OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE

You may or may not have to HUP the app. I did. IMAP SSL connections are working again (redmine 2.0.3 - ruby 1.9.3p194).

Dear Scott B, Thank you! This solution really helped.

RE: receiving emails from imap ssl - Added by Karel Pičman almost 8 years ago

Or, you can call directly:

rake -f /opt/redmine/Rakefile redmine:email:receive_imap RAILS_ENV="production" host=*** port=993 ssl=1 username=*** password=*** -r 'openssl' -E 'OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE'

RE: receiving emails from imap ssl - Added by Mark Wintch over 7 years ago

Dim Ko wrote:

Scott B wrote:

FYI - This worked:

Create a new file config/initializers/bypass_ssl_verification.rb (the name of the file is not important)

In that file, put this:
require 'openssl'
OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE

You may or may not have to HUP the app. I did. IMAP SSL connections are working again (redmine 2.0.3 - ruby 1.9.3p194).

Dear Scott B, Thank you! This solution really helped.

Just wanted to say this solution worked me as well in Redmine 3.3

RE: receiving emails from imap ssl - Added by Pero Postar almost 7 years ago

Mark Wintch wrote:

Dim Ko wrote:

Scott B wrote:

FYI - This worked:

Create a new file config/initializers/bypass_ssl_verification.rb (the name of the file is not important)

In that file, put this:
require 'openssl'
OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE

You may or may not have to HUP the app. I did. IMAP SSL connections are working again (redmine 2.0.3 - ruby 1.9.3p194).

Dear Scott B, Thank you! This solution really helped.

Just wanted to say this solution worked me as well in Redmine 3.3

Great to hear, that it's working in 3.3 as well.
So, if I understood correctly: Just create a new file as mentioned above. File should contain only two lines?
And then the rake call (from redmine directory):

rake redmine:email:receive_imap RAILS_ENV="production" host=mail.xxx.xx ssl=true username=xxx password=xxx --trace unknown_user=create project="xxxx" tracker=xxxx

Am I missing any parameters? ssl=true or ssl=1 or starttls or, no_certificate_verify=1 or what? Handshake fail, ohh...

RE: receiving emails from imap ssl - Added by aus ghostdog about 5 years ago

To anyone else having this issue,

edit /lib/redmine/imap.rb add the line Net::IMAP.debug = true below require net/imap

require 'net/imap'
Net::IMAP.debug = true

by doing that I found that in the username it was remove the \ for the domain user, that solved my issue.

RE: receiving emails from imap ssl - Added by Plam Sim over 4 years ago

In order to get rid of message "warning: already initialized constant OpenSSL::SSL::VERIFY_PEER" I had to remove first the constant and then set it again. It works well with Redmine 3.4 and I can pass SSL verification successfully

File
/config/initializers/bypass_ssl_verification.rb

require 'openssl'
OpenSSL::SSL.send(:remove_const, :VERIFY_PEER)
OpenSSL::SSL.const_set(:VERIFY_PEER, OpenSSL::SSL::VERIFY_NONE)

RE: receiving emails from imap ssl - Added by Anas Al Salah about 3 years ago

I don't think anyone mentioned that OpenSSL::SSL::VERIFY_NONE basically disables SSL certificate verification, making your server prone to man-in-the-middle attacks: https://stackoverflow.com/questions/1113422/how-to-bypass-ssl-certificate-verification-in-open-uri#19172281

Use this sparingly, do not apply it application wide in your production environment. Better yet, add/fix your certificates to your production environment.

(26-34/34)