The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Secure login via POP

Discussion in 'General Discussion' started by tuxer, Sep 28, 2010.

  1. tuxer

    tuxer Member

    Joined:
    Jan 8, 2010
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    Hello,

    While trying to login using "secure connection :: ssl encryption", email client is showing the following error.

    Code:
    Error while fetching mail.
    
    Failed to read a valid greeting from POP server <hostname>
    We have a wild card ssl installed for all services (http, courier, pop, exim ftp etc)

    WHM 11.26.8
    CENTOS 5.5 i686 standard
    mailserver :: courier

    I have tried courierup, upcp and even tried reinstalling the certs. If I change the option to TLS from SSL, it works.
    Checked on a different machine with the same setup, there is no issue while setting the secure connection to "ssl"

    Please let me know how I can solve this.

    something I tested on terminal

    Code:
    # openssl s_client -connect localhost:995 
    
    CONNECTED(00000003)
    2217:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188:
    Please help
     
  2. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,557
    Likes Received:
    7
    Trophy Points:
    38
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    So that we may more accurately diagnose the issue, please provide the following details:
    1. What is the name and version of the affected e-mail client software?
    2. Does the issue only occur via POP3, or does it also occur via IMAP?
    3. What is the configured port number used by the e-mail client for TLS?
    4. What is the configured port number used by the e-mail client for SSL? I see POP3S port "995" is mentioned, but it will help greatly to confirm all available information.
    5. Have you tried switching from Courier to Dovecot to see if there is any change in behavior?
      WHM: Main >> Service Configuration >> Mailserver Selection
     
  3. tuxer

    tuxer Member

    Joined:
    Jan 8, 2010
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    1) Our client is using Outlook 2010, I tested it with Evolution 2.28.3. Have issue on both

    2) Issue only with POP3, tried changing it to IMAP for receiving mail and it works fine.

    3) On evolution, I do not see a place to view or configure ports so I assume by selecting ssl it should default to the secure port 995. The client is using 995 on outlook, I can confirm that.

    4) same as above

    5) Tried switching to dovecot and got the same issue.
     
  4. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,557
    Likes Received:
    7
    Trophy Points:
    38
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    Thank you for the information. Please test access via both TLS and SSL using a new self-signed certificate by resetting the existing SSL certificate that is currently installed for Courier/Dovecot; this can be performed by using the Reset Certificate option in WebHost Manager via the following navigation menu path (with linked documentation): WHM: Main >> Service Configuration >> Manage Service SSL Certificates

    Please let us know the output from the following commands (via root SSH access):
    • For Courier:
      Code:
      # cat /var/cpanel/courierconfig.yaml
    • For Dovecot:
      Code:
      # cat /var/cpanel/conf/dovecot/main
     
  5. tuxer

    tuxer Member

    Joined:
    Jan 8, 2010
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    We are using our shared ssl certificate for all services.

    Turns out there were too many connections to the ports. Manually killed all and restarted services. Everything is fine now. Thank you very much Don for all your inputs.
     
Loading...

Share This Page