Defect #19960

receive_imap rake task does not connect to Office 365

Added by Gustavo Regal almost 5 years ago. Updated 2 months ago.

Status:NewStart date:
Priority:NormalDue date:
Assignee:-% Done:

0%

Category:Email receiving
Target version:-
Resolution: Affected version:3.0.3

Description

Hello,

I configured mail receiving with my Office 365 IMAP settings.

When I run the rake task I get:
"OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed"
thrown at lib/redmine/imap.rb:30.

After a little research, I found out that changing line 30 from:
imap = Net::IMAP.new(host, port, ssl)
to:
imap = Net::IMAP.new(host, port, ssl, nil, false)
solves the problem.

Does this change imply some security issue?
Could this be made default, or perhaps exposed to a admin setting?

Additional info: running Bitnami stack on Windows 7.

History

#1 Updated by Rupesh J almost 5 years ago

Hi Gustavo Regal,

I had faced this issue too, And later found out the you have to update the SSL certificates on the server.
Also, the certificate Microsoft Active Directory Certificate Services. ( I contacted my IT team to provide me the file for this Office 365 server )
The issue was resolved for me.

You can give a try too, and may be the issue will get resolved. :)

Thanks.

#2 Updated by Rupesh J almost 5 years ago

But note..! You will end up in another issue #19737 related to office 365.

#3 Updated by Gustavo Regal almost 5 years ago

Rupesh J wrote:

Hi Gustavo Regal,

I had faced this issue too, And later found out the you have to update the SSL certificates on the server.
Also, the certificate Microsoft Active Directory Certificate Services. ( I contacted my IT team to provide me the file for this Office 365 server )
The issue was resolved for me.

You can give a try too, and may be the issue will get resolved. :)

Thanks.

OK, Rupesh, thank you very much.

I will contact my IT team for help, although i think it's weird because my Redmine server is a Azure VM (quite recently deployed), I guess it should have up-to-date certificates and services.

#4 Updated by Gustavo Regal almost 5 years ago

Rupesh J wrote:

But note..! You will end up in another issue #19737 related to office 365.

Yeah... already faced that. Nevertheless, I trust Redmine community will soon solve it :)

Thanks!

#5 Updated by Chad Petersen over 1 year ago

For anyone that has this issue in the future. The fix for me was to download this file 'https://curl.haxx.se/ca/cacert.pem' (found here https://curl.haxx.se/docs/caextract.html)
and place it in the Redmine root.
then add the line to my environment variables in the web.config. (for non-windows/IIS installs just add an environment variable with the value to the downloaded file).

<environmentVariable name="SSL_CERT_FILE" value="C:\inetpub\wwwroot\redmine\cacert.pem" />

You do need to set up a job that downloads the file again on a regular basis.

Some people also claimed to have luck with https://github.com/stevegraham/certified which does a lot of it for you by the sound of it.

Note the .pem file doesn't have to be in any particular place and can go in a root folder if it's being used in more than one application.

#6 Updated by Pauline Borges 2 months ago

Chad Petersen wrote:

For anyone that has this issue in the future. The fix for me was to download this file 'https://curl.haxx.se/ca/cacert.pem' (found here https://curl.haxx.se/docs/caextract.html)
and place it in the Redmine root.
then add the line to my environment variables in the web.config. (for non-windows/IIS installs just add an environment variable with the value to the downloaded file).

<environmentVariable name="SSL_CERT_FILE" value="C:\inetpub\wwwroot\redmine\cacert.pem" />

You do need to set up a job that downloads the file again on a regular basis.

Some people also claimed to have luck with https://github.com/stevegraham/certified which does a lot of it for you by the sound of it.

Note the .pem file doesn't have to be in any particular place and can go in a root folder if it's being used in more than one application.

Also available in: Atom PDF