Unable to connect via TLS

Question

Unable to connect via TLS

phantien94 opened this issue 7 years ago · 6 comments

I have a problem when I send mail to client to Reset Password. I using Gmail

Warning: stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed in C:\wamp64\www\zend2112\vendor\zendframework\zend-mail\src\Protocol\Smtp.php on line 216

Here is my function:

function sendMailWithToken($user){
        $token = $user->getToken();
        $http = isset($_SERVER['https']) ? 'https://': "http://";
        $domail = $_SERVER['HTTP_HOST'];
        $link = $http.$domail.'/zend/public/set-password/'.$token;

        $messageBody = "Hello ".$user->getFullname(). ',\n';
        $messageBody.="Click the LINK below to reset your password: \n";
        $messageBody.=$link;
        $messageBody.=".\nThanks and Best Regards!";

        $html = new MimePart($messageBody);
        $html->type = "text/html";

        $body = new MimeMessage();
        $body->setParts(array($html));


        $message = new Message();
        $message->setEncoding("UTF-8");
        $message->addFrom('test@gmail.com', 'Forget Password');
        $message->addTo($user->getEmail());
        $message->setSubject('Forget Password');
        $message->setBody($body);

        // Setup SMTP transport
        $transport = new SmtpTransport();
        $options   = new SmtpOptions([
            'name' => 'smtp.gmail.com',
            'host' => 'smtp.gmail.com',
            'port' => 587,
            'connection_class'=>'login',
            'connection_config'=>[
                'username' =>'test@gmail.com',
                'password' => 'password',
                'ssl'      => 'tls',
                
            ],           
        ]);
        $transport->setOptions($options);
        $transport->send($message);
    }

Thanks for reading. I try to fix 2 days. Please help !!!

Answer 1 · 2018-06-25T06:21:00.000Z

I have the same issue.
Did you solve it somehow?

Answer 2 · 2018-06-25T07:34:14.000Z

Your system CA certificates are most likely stale. If on linux check for ca-certs or ca-certificates package. Try to update it first.

If that does not work you need to point ini option to a fresh cafile location:
https://secure.php.net/manual/en/openssl.configuration.php

Take a look at https://github.com/paragonie/certainty
It is an easy way to get fresh ca certificates bundle file.

I, personally, prefer to use this script from curl library to obtain latest certificates directly from mozilla during php setup:
https://github.com/curl/curl/blob/master/lib/mk-ca-bundle.pl

This component might have a configuration option to provide those explicitly to be set as a stream context, I didn't check.

Answer 3 · 2018-06-25T20:16:16.000Z

Thanks for your help!

Unfortunatelly, we could not make it working with updated certificates.
So we avoided the problem with other solution.

Answer 4 · 2018-11-22T14:49:27.000Z

What was it?

Thanks for your help!

Unfortunatelly, we could not make it working with updated certificates.
So we avoided the problem with other solution.

Answer 5 · 2018-11-22T23:31:33.000Z

Not sure if this helps, but anyway...
I was able to connect to my GMail account after enabling "Less secure applications" on it's settings.

Answer 6 · 2019-12-31T21:37:27.000Z

This repository has been closed and moved to laminas/laminas-mail; a new issue has been opened at laminas/laminas-mail#30.