TLS handshake failure

Use this forum if you have installed hMailServer and want to ask a question related to a production release of hMailServer. Before posting, please read the troubleshooting guide. A large part of all reported issues are already described in detail here.
Post Reply
alescan
Normal user
Normal user
Posts: 52
Joined: 2014-11-11 17:29
Location: Italy
Contact:

TLS handshake failure

Post by alescan » 2020-05-22 14:58

Hi everyone,
I have a starttls problem with hmail and php.
I have configured hmail on port 143 to accept only starttls connection and thunderbird is working fine.
But i have a php script running on xampp that throw an error, the php code is this:

Code: Select all

$stream = imap_open("{localhost:143/tls/novalidate-cert}Sent", "user@domain.it", "actual password");//apro sessione IMAP per salvare mail inviate
and the result is this

Code: Select all

"DEBUG"	17856	"2020-05-22 14:41:33.490"	"Creating session 89885"
"TCPIP"	17856	"2020-05-22 14:41:33.491"	"TCP - 127.0.0.1 connected to 127.0.0.1:143."
"DEBUG"	17856	"2020-05-22 14:41:33.495"	"TCP connection started for session 89884"
"DEBUG"	16756	"2020-05-22 14:41:33.496"	"Performing SSL/TLS handshake for session 89884. Verify certificate: False"
"TCPIP"	17856	"2020-05-22 14:41:33.497"	"TCPConnection - TLS/SSL handshake failed. Session Id: 89884, Remote IP: 127.0.0.1, Error code: 336027900, Message: unknown protocol"
"DEBUG"	17856	"2020-05-22 14:41:33.498"	"Ending session 89884"
Anyone have tip?

Thank you
HMS 5.6.7 B2425 on Win Server 2016 Standard with SQL Server 2019

palinka
Senior user
Senior user
Posts: 1942
Joined: 2017-09-12 17:57

Re: TLS handshake failure

Post by palinka » 2020-05-22 15:47

I was never able to get port 143 to work. I don't know why, but switching to 993 got it working.

Code: Select all

$hostname = '{localhost:993/ssl/novalidate-cert}'.$foldername;
$username = 'user@mydomain.tld';
$password = 'supersecretpassword';
$inbox = imap_open($hostname,$username,$password) or die('Cannot connect to LocalHost: ' . imap_last_error());

palinka
Senior user
Senior user
Posts: 1942
Joined: 2017-09-12 17:57

Re: TLS handshake failure

Post by palinka » 2020-05-22 16:46

One other thing. I never finished this project, but I was getting an error at the bottom of the page:

Code: Select all

Notice: Unknown: Can't connect to MyServer,993: Refused (errflg=1) in Unknown on line 0
I just googled for that and the working answer is change "localhost" to "127.0.0.1" and it goes away. :D

User avatar
mattg
Moderator
Moderator
Posts: 20837
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: TLS handshake failure

Post by mattg » 2020-05-24 02:00

If you are just using standard php with no additional libraries to send mail..

I think that port 143 will work with StartTLS without setting any security in PHP
if you specify security in PHP, then you need to use SSL/TLS in hMailserver

I think that PHP interprets TLS as the level of security, not as the StartTLS protocol
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

palinka
Senior user
Senior user
Posts: 1942
Joined: 2017-09-12 17:57

Re: TLS handshake failure

Post by palinka » 2020-05-24 13:34

mattg wrote:
2020-05-24 02:00
I think that PHP interprets TLS as the level of security, not as the StartTLS protocol
This makes perfect sense. I got port 143 working with "notls" flag. And I have StartTLS optional on 143, while 993 has SSL/TLS required.

alescan
Normal user
Normal user
Posts: 52
Joined: 2014-11-11 17:29
Location: Italy
Contact:

Re: TLS handshake failure

Post by alescan » 2020-05-25 09:55

In that peace of code i'm not tryng to send an email, I want to save the email in sent folder, if success I try to send but it keeps failing to save the email.
I use this php funtcion to open session with the server (https://www.php.net/manual/en/function.imap-open.php) and /tls is specified that force to use startTLS.
I tried modify localhost to 127.0.0.1 but still failing.
HMS 5.6.7 B2425 on Win Server 2016 Standard with SQL Server 2019

palinka
Senior user
Senior user
Posts: 1942
Joined: 2017-09-12 17:57

Re: TLS handshake failure

Post by palinka » 2020-05-25 15:07

alescan wrote:
2020-05-25 09:55
In that peace of code i'm not tryng to send an email, I want to save the email in sent folder, if success I try to send but it keeps failing to save the email.
I use this php funtcion to open session with the server (https://www.php.net/manual/en/function.imap-open.php) and /tls is specified that force to use startTLS.
I tried modify localhost to 127.0.0.1 but still failing.
/tls is broken. Has nothing to do with standards-compliant hmailserver.

Use /notls on 143 with hmailserver set to StartTLS optional.

Use /ssl on 993.

Or you could use hmailserver COM to move messages, etc.

Post Reply