Problem/Motivation
We had a use case where skipping cert verification was needed when using TLS. The client's SMTP server had a certificate which the server could not verify.
The error we were getting was:
stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Proposed resolution
According to https://github.com/PHPMailer/PHPMailer/wiki/Troubleshooting#updating-ca-... newer versions of the library can pass
options to the connection method.
Not sure if this is the approach we want, but here is a patch that brings in that part of the library. It's passed in as a Drupal variable and not configurable via Ui (not sure if that would make sense).
Remaining tasks
User interface changes
API changes
Data model changes
Comment | File | Size | Author |
---|---|---|---|
smtp_stream_context_options.patch | 2.73 KB | Primsi | |
Comments
Comment #3
skylord CreditAttribution: skylord commentedThanks, works OK for me. Example drush command to set appropriate context options:
drush ev 'variable_set("smtp_stream_context_options", array("ssl" => array("verify_peer" => false, "verify_peer_name" => false, "allow_self_signed" => true)))'
Comment #4
finneThis worked for me too. ++
Comment #5
skylord CreditAttribution: skylord commentedWas solved in 1.8, see #2566561: PHP 5.6 SSL operation failed with code 1