1 (edited by noob 2014-04-28 15:38:04)

Topic: [SOLVED]disable ssl

==== Required information ====
- iRedMail version: 0.8.6
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Linux/BSD distribution name and version: Ubuntu 12.04
- Related log if you're reporting an issue:
====

i disabled ssl with these commands:

sudo a2dismod ssl
sudo a2dissite default-ssl
sudo service apache2 restart 

but when i acces http://mail.company.net/mail/ it redirects me to https://mail.company.net/mail/ and with Unable to connect message


but on /iredmail

Not Found

The requested URL /iredadmin was not found on this server.

in my virtual host configurations i added this lines

/etc/apache2/sites-available/default

<VirtualHost *:80>
.................................
    Alias /mail "/usr/share/apache2/roundcubemail/"
    <Directory "/usr/share/apache2/roundcubemail/">
         #Options FollowSymLinks
         #Options Indexes FollowSymLinks MultiViews

         AllowOverride None
         Order allow,deny
         allow from all
    </Directory>

</VirtualHost>

LE: those lines are commented in roundcubemail.conf

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: [SOLVED]disable ssl

Check file /var/www/index.html.

NOTE: It's recommended to use SSL for secure connection.

3

Re: [SOLVED]disable ssl

ZhangHuangbin wrote:

Check file /var/www/index.html.

NOTE: It's recommended to use SSL for secure connection.

I know about the redirect to /mail from /var/www/index.html, but after disabling ssl the redirect doesn't work anymore.

4

Re: [SOLVED]disable ssl

Excuse me, what redirect do you want? Or, what do you want?

5

Re: [SOLVED]disable ssl

ZhangHuangbin wrote:

Excuse me, what redirect do you want? Or, what do you want?

I want to use roundcube and iredadmin without ssl.

6

Re: [SOLVED]disable ssl

I think this is what you need?

Edit the dovecot.conf to allow login without SSL
This configuration will make login with SSL optional. You can login on both http and https connections.
Edit the main dovecot conf file.   
nano /etc/dovecot/dovecot.conf 
Change the line ssl = required to ssl = yes.
# SSL: Global settings.
# Refer to wiki site for per protocol, ip, server name SSL settings:
# http://wiki2.dovecot.org/SSL/DovecotConfiguration
ssl = yes
verbose_ssl = no
ssl_cert = </etc/ssl/certs/iRedMail_CA.pem
ssl_key = </etc/ssl/private/iRedMail.key

# With disable_plaintext_auth=yes AND ssl=required, STARTTLS is mandatory.
# Set disable_plaintext_auth=no AND ssl=yes to allow plain password transmitted
# insecurely.
disable_plaintext_auth = yes
Restart the dovecot service to apply changes
service dovecot restart

7

Re: [SOLVED]disable ssl

nerdtron09 wrote:

I think this is what you need?

Edit the dovecot.conf to allow login without SSL
This configuration will make login with SSL optional. You can login on both http and https connections.
Edit the main dovecot conf file.   
nano /etc/dovecot/dovecot.conf 
Change the line ssl = required to ssl = yes.
# SSL: Global settings.
# Refer to wiki site for per protocol, ip, server name SSL settings:
# http://wiki2.dovecot.org/SSL/DovecotConfiguration
ssl = yes
verbose_ssl = no
ssl_cert = </etc/ssl/certs/iRedMail_CA.pem
ssl_key = </etc/ssl/private/iRedMail.key

# With disable_plaintext_auth=yes AND ssl=required, STARTTLS is mandatory.
# Set disable_plaintext_auth=no AND ssl=yes to allow plain password transmitted
# insecurely.
disable_plaintext_auth = yes
Restart the dovecot service to apply changes
service dovecot restart


I have this settings setup,  and disable_plaintext_auth = no

But the problem is to acces /mail and /iredadmin folders without ssl, and i can't do this i must enable ssl to do this.

8

Re: [SOLVED]disable ssl

noob wrote:

But the problem is to acces /mail and /iredadmin folders without ssl, and i can't do this i must enable ssl to do this.

Please edit /etc/apache2/conf.d/roundcubemail.conf and /etc/apache2/conf.d/iredadmin.conf to add "Alias" directive to allow access without SSL.

9 (edited by noob 2014-04-24 14:45:16)

Re: [SOLVED]disable ssl

Well what should I modify?

roundcubemail.conf

Alias /mail "/usr/share/apache2/roundcubemail/"
<Directory "/usr/share/apache2/roundcubemail/">
    Options -Indexes
</Directory>

iredadmin.conf

SGISocketPrefix /var/run/wsgi
WSGIDaemonProcess iredadmin user=iredadmin threads=15
WSGIProcessGroup iredadmin

AddType text/html .py

<Directory /usr/share/apache2/iredadmin/>
    Order allow,deny
    Allow from all
</Directory>

There's no ssl settings here.

After disabling ssl I changed SSLEngine to off in /etc/apache2/sites-available/default-ssl and copying from there

Alias /cluebringer "/usr/share/postfix-cluebringer-webui/webui/"
Alias /iredadmin/static "/usr/share/apache2/iredadmin/static/"
WSGIScriptAlias /iredadmin "/usr/share/apache2/iredadmin/iredadmin.py/"
Alias /awstats/icon "/usr/share/awstats/icon/"
Alias /awstatsicon "/usr/share/awstats/icon/"
ScriptAlias /awstats "/usr/lib/cgi-bin/"
Alias /mail "/usr/share/apache2/roundcubemail/"
Alias /phpmyadmin "/usr/share/phpmyadmin/"

to default file, now http://localhost/iredadmin works but  http://localhost/mail  it still forwards to https://localhost/mail
and still inaccessible

10

Re: [SOLVED]disable ssl

noob wrote:

but  http://localhost/mail  it still forwards to https://localhost/mail
and still inaccessible

Please update roundcube config file to set parameter "force_https" to false.

11 (edited by pierluigideioris 2018-09-19 20:56:40)

Re: [SOLVED]disable ssl

This in not solved!
No reply but not solved

Can anyone help me to use roundcube on a simple http protocol ?
This beacuse a internal firewall block https traffic and cannot be opened

Thank you