OpenSSL Error

Question

OpenSSL Error

philharmonie opened this issue 2 years ago · 3 comments

Describe the bug
OpenSSL Error messages: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed

From the logs:

production.ERROR: Connection could not be established with host mail.myserver.con :stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages:
731 error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed {"userId":1,"exception":"[object] (Swift_TransportException(code: 0): Connection could not be established with host mail.myserver.con :stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages:
732 error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed at /var/www/vendor/swiftmailer/swiftmailer/lib/classes/Swift/Transport/StreamBuffer.php:261)

Expected behavior
I try so send an invoice but this error occurs.

Please complete the following information:

Crater version: latest
PHP version: 8.1
Database type and version: mysql 8

Optional info

I'm using docker

Answer 1 · 2022-11-10T22:12:09.000Z

Hi @philharmonie ,

I don't think your problem has to do with crater itself. That kind of error is usually related to the mail server and the certificate it uses (if it's been self signed, has the appropiate SAN, etc). The other most common problem is that you are pointing to the wrong name (sometimes the server has several names for the different services, like mail.company.com, smtp.company.com, imap.company.com and also each one of them uses a different port).

My recommendation is: check to conenct to the mail server with another program that uses same protocol and see if it works, I bet you you'll get a similar result

Answer 2 · 2022-12-09T12:31:56.000Z

Hi, I'm hosting the mail server on my own. With the same settings I provided in the .env I can send from other Laravel apps as well.

Answer 3 · 2023-01-08T01:39:32.000Z

Any luck? I'm trying to send to our local mail server but get this as well. I'd prefer to just disable encryption but that option is missing. Maybe an option to disable cert verification would work, but no encryption would be better.

Error on the mail server side.

Jan  7 17:38:39 s1 postfix/smtpd[2434143]: connect from dockerhost.ad.dom.com[10.1.1.12]
Jan  7 17:38:39 s1 postfix/smtpd[2434143]: SSL_accept error from dockerhost.ad.dom.com[10.1.1.12]: -1
Jan  7 17:38:39 s1 postfix/smtpd[2434143]: warning: TLS library problem: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca:../ssl/record/rec_layer_s3.c:1543:SSL alert number 48:
Jan  7 17:38:39 s1 postfix/smtpd[2434143]: lost connection after STARTTLS from dockerhost.ad.dom.com[10.1.1.12]
Jan  7 17:38:39 s1 postfix/smtpd[2434143]: disconnect from dockerhost.ad.dom.com[10.1.1.12] ehlo=1 starttls=0/1 commands=1/2