Error while retrieving the messages 'IMAPS': Could not select

FSF · Post by **FSF** » 02 Oct 2025, 10:01

Hello,

This post is a follow-up to my issues with Znuny, which has not been functioning since this post:
viewtopic.php?t=44351

I contacted Microsoft support, who were able to resolve the connection issue with Oauth2, so now the token is successfully renewed.

However, the problem now is that znuny cannot read the email inbox reserved for it.

I therefore have two alerts in the logs:

Code: Select all

OTRS-otrs.Console.pl-Maint::PostMaster::MailAccountFetch-38

CommunicationLog(ID:1280474,AccountType:-,AccountID:-,Direction:Incoming,Transport:Email,ObjectLogType:Connection,ObjectLogID:2309412)::Kernel::System::MailAccount::IMAPS => IMAPS: Can't connect to outlook.office365.com: Unable to connect to outlook.office365.com: IO::Socket::IP configuration failed

Capture100.jpg

and

Code: Select all

OTRS-otrs.Console.pl-Maint::PostMaster::MailAccountFetch-38
Error while retrieving the messages 'IMAPS': Could not select:

Capture101.jpg

I therefore thought there might be a connectivity issue between the server hosting znuny and the Office servers.

Here are the results of the

Code: Select all

openssl s_client -connect outlook.office365.com:993 -crlf

test.

Code: Select all

root@helpdesk:~# openssl s_client -connect outlook.office365.com:993
CONNECTED(00000003)
depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA
verify return:1
depth=1 C = US, O = DigiCert Inc, CN = DigiCert Cloud Services CA-1
verify return:1
depth=0 C = US, ST = Washington, L = Redmond, O = Microsoft Corporation, CN = outlook.com
verify return:1
---
Certificate chain
 0 s:C = US, ST = Washington, L = Redmond, O = Microsoft Corporation, CN = outlook.com
   i:C = US, O = DigiCert Inc, CN = DigiCert Cloud Services CA-1
   a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
   v:NotBefore: Mar 29 00:00:00 2025 GMT; NotAfter: Mar 28 23:59:59 2026 GMT
 1 s:C = US, O = DigiCert Inc, CN = DigiCert Cloud Services CA-1
   i:C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA
   a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
   v:NotBefore: Sep 25 00:00:00 2020 GMT; NotAfter: Sep 24 23:59:59 2030 GMT
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIIp...
...lRQ1Nhc=
-----END CERTIFICATE-----
subject=C = US, ST = Washington, L = Redmond, O = Microsoft Corporation, CN = outlook.com
issuer=C = US, O = DigiCert Inc, CN = DigiCert Cloud Services CA-1
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: ECDH, secp384r1, 384 bits
---
SSL handshake has read 4000 bytes and written 485 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-GCM-SHA384
    Session-ID: B22D0000A7186388B348C1DA6EE9848E51F34C6A921C3D0B87EEB7B20971233A
    Session-ID-ctx:
    Master-Key: AD9......48
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1759390410
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: yes
---
* OK The Microsoft Exchange IMAP4 service is ready. [Rg.......A==]

So everything is fine on that side.

Microsoft had me change the Oauth2 API permissions as follows:

Capture105.jpg

And that's all the help they can give me, so they asked me to contact Znuny support for further assistance.

That's where I am today.

Can anyone help me, because I really don't know what to do anymore.

Thank you in advance.