Recent versions of PHP (namely 5.6 and thereafter) have changed the default options used against the OpenSSL libraries, such that self-signed certificates are no longer considered valid by default and SSL and TLS connections using self-signed certificates will fail.
Kolab sets up the system with Cyrus IMAP and Postfix both using self-signed certificates which are not made a part of any system-wide CA bundle, causing a default installation to not have a functional webclient.
The solution is to configure:
```
$config['imap_conn_options'] = array(
'ssl' => array(
'verify_peer' => true,
'allow_self_signed' => true,
'peer_name' => 'localhost',
'ciphers' => 'TLSv1+HIGH:!aNull:@STRENGTH',
'cafile' => '/etc/pki/cyrus-imapd/cyrus-imapd.pem',
),
);
$config['smtp_conn_options'] = array(
'ssl' => array(
'verify_peer' => true,
'allow_self_signed' => true,
'peer_name' => 'localhost',
'ciphers' => 'TLSv1+HIGH:!aNull:@STRENGTH',
'cafile' => '/etc/pki/tls/private/localhost.pem',
),
);
```
Adjusted where necessary for specific deployment options (including `s/ssl/tls/'?).