Defect #19960
open
receive_imap rake task does not connect to Office 365
Added by Gustavo Regal over 9 years ago.
Updated almost 5 years ago.
Description
Hello,
I configured mail receiving with my Office 365 IMAP settings.
When I run the rake task I get:
"OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed"
thrown at lib/redmine/imap.rb:30.
After a little research, I found out that changing line 30 from:
imap = Net::IMAP.new(host, port, ssl)
to:
imap = Net::IMAP.new(host, port, ssl, nil, false)
solves the problem.
Does this change imply some security issue?
Could this be made default, or perhaps exposed to a admin setting?
Additional info: running Bitnami stack on Windows 7.
Hi Gustavo Regal,
I had faced this issue too, And later found out the you have to update the SSL certificates on the server.
Also, the certificate Microsoft Active Directory Certificate Services. ( I contacted my IT team to provide me the file for this Office 365 server )
The issue was resolved for me.
You can give a try too, and may be the issue will get resolved. :)
Thanks.
But note..! You will end up in another issue #19737 related to office 365.
Rupesh J wrote:
Hi Gustavo Regal,
I had faced this issue too, And later found out the you have to update the SSL certificates on the server.
Also, the certificate Microsoft Active Directory Certificate Services. ( I contacted my IT team to provide me the file for this Office 365 server )
The issue was resolved for me.
You can give a try too, and may be the issue will get resolved. :)
Thanks.
OK, Rupesh, thank you very much.
I will contact my IT team for help, although i think it's weird because my Redmine server is a Azure VM (quite recently deployed), I guess it should have up-to-date certificates and services.
Rupesh J wrote:
But note..! You will end up in another issue #19737 related to office 365.
Yeah... already faced that. Nevertheless, I trust Redmine community will soon solve it :)
Thanks!
For anyone that has this issue in the future. The fix for me was to download this file 'https://curl.haxx.se/ca/cacert.pem' (found here https://curl.haxx.se/docs/caextract.html)
and place it in the Redmine root.
then add the line to my environment variables in the web.config. (for non-windows/IIS installs just add an environment variable with the value to the downloaded file).
<environmentVariable name="SSL_CERT_FILE" value="C:\inetpub\wwwroot\redmine\cacert.pem" />
You do need to set up a job that downloads the file again on a regular basis.
Some people also claimed to have luck with https://github.com/stevegraham/certified which does a lot of it for you by the sound of it.
Note the .pem file doesn't have to be in any particular place and can go in a root folder if it's being used in more than one application.
Chad Petersen wrote:
For anyone that has this issue in the future. The fix for me was to download this file 'https://curl.haxx.se/ca/cacert.pem' (found here https://curl.haxx.se/docs/caextract.html)
and place it in the Redmine root.
then add the line to my environment variables in the web.config. (for non-windows/IIS installs just add an environment variable with the value to the downloaded file).
<environmentVariable name="SSL_CERT_FILE" value="C:\inetpub\wwwroot\redmine\cacert.pem" />
You do need to set up a job that downloads the file again on a regular basis.
Some people also claimed to have luck with https://github.com/stevegraham/certified which does a lot of it for you by the sound of it.
Note the .pem file doesn't have to be in any particular place and can go in a root folder if it's being used in more than one application.
Also available in: Atom
PDF