Search code examples
dockerroundcube

Integrating Roundcube with docker-mailserver

I have tried to set up a docker-mail server on my server after that I tried to integrate with Mozilla Thunderbird and it worked

Mozila Thunderbird Response

Than i try to use roundcube as mail client but it give response error with log like this:

Jul 13 05:24:28 mail dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=172.18.0.1, lip=172.18.0.2, TLS handshaking: SSL_accept() failed: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca: SSL alert number 48, session=<YSq2c/rGtLusEgAB>

There is my docker-compose.yml of roundcube

version: '2'

services:
  roundcubemail:
    image: roundcube/roundcubemail:latest
    container_name: roundcubemail
    volumes:
      - ./www:/var/www/html
    networks:
      - database-network
      - proxy
    environment:
      - ROUNDCUBEMAIL_DB_TYPE=mysql
      - ROUNDCUBEMAIL_DB_HOST=${DB_HOST}
      - ROUNDCUBEMAIL_DB_PORT=${DB_PORT}
      - ROUNDCUBEMAIL_DB_NAME=${DB_DATABASE}
      - ROUNDCUBEMAIL_DB_USER=${DB_USERNAME}
      - ROUNDCUBEMAIL_DB_PASSWORD=${DB_PASSWORD}
      - ROUNDCUBEMAIL_SKIN=elastic
      - ROUNDCUBEMAIL_DEFAULT_HOST=ssl://${APP_HOST}
      - ROUNDCUBEMAIL_DEFAULT_PORT=993
      - ROUNDCUBEMAIL_SMTP_SERVER=ssl://${APP_HOST}
      - ROUNDCUBEMAIL_SMTP_PORT=465
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.roundcubemail.entrypoints=http"
      - "traefik.http.routers.roundcubemail.rule=Host(`${APP_HOST}`)"
      - "traefik.http.middlewares.roundcubemail-https-redirect.redirectscheme.scheme=https"
      - "traefik.http.routers.roundcubemail.middlewares=roundcubemail-https-redirect"
      - "traefik.http.routers.roundcubemail-secure.entrypoints=https"
      - "traefik.http.routers.roundcubemail-secure.rule=Host(`${APP_HOST}`)"
      - "traefik.http.routers.roundcubemail-secure.tls=true"
      - "traefik.http.routers.roundcubemail-secure.tls.certresolver=http"
      - "traefik.http.routers.roundcubemail-secure.service=roundcubemail"
      - "traefik.http.services.roundcubemail.loadbalancer.server.port=80"
      - "traefik.docker.network=proxy"

networks:
  database-network:
    external: true
  proxy:
    external: true
Solution

  • Configure your roundcube to accept self signed certificates because by default it does not. You will have to make the ca.crt available to the roundcube server (enable cafile parameter)or disable peer verification (and leave cafile parameter commented), edit the config['imap_conn_options'] variable:

    $config['imap_conn_options'] = array(
    'ssl' => array(
    'verify_peer' => false,
    //  'verify_depth' => 3,
    //  'cafile'       => '/etc/openssl/certs/ca.crt',
    ),
);

    solution confirmed here: https://www.roundcubeforum.net/index.php?topic=25321.0