Announcement

Collapse
No announcement yet.

Problems with SMTP connection by TLS

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Problems with SMTP connection by TLS

    Hello,

    I have e fresh installed EspoCRM (4.4.1) running under Debian with Apache 2.4 and PHP 7.0 (exact Version 7.0.16). I try to configure the Email account for outgoing Emails by using our Windows Exchange Server 2010 via SMTP. In a first step I've got always the error "Could not open socket, Code: 500 URL: /api/v1/Email/action/sendTestEmail [] []"
    After some investigation I could fix this error by inserting the Statement 'openssl.cafile' in the php.ini. But now I get another error. That's the snippet from the log:
    ------------------
    [2017-02-27 14:02:27] Espo.WARNING: E_WARNING: stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed {"code":2,"message":"stream_socket_enable_crypto() : SSL operation failed with code 1. OpenSSL Error messages:\nerror:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed","file":"/var/www/crm/vendor/zendframework/zend-mail/src/Protocol/Smtp.php","line":178,"context":{"host":"admin"}} []
    [2017-02-27 14:02:27] Espo.ERROR: API [POST]:/:controller/action/:action, Params:Array ( [controller] => Email [action] => sendTestEmail ) , InputData: {"server":"XXX.XXX.XXX.XXX","port":587,"auth":true ,"security":"TLS","username":"XYZUser","password": "*****","fromName":"","fromAddress":"XYZ@XXX.de"," type":"outboundEmail","emailAddress":"ABC@DEF.de"} - Unable to connect via TLS [] []
    [2017-02-27 14:02:27] Espo.ERROR: Display Error: Unable to connect via TLS, Code: 500 URL: /api/v1/Email/action/sendTestEmail [] []
    ------------------
    It seems, that the System is using the host "admin" instead of the real name/IP adress. And I have no idea where I can fix it.

    Can anyone help me?

  • #2
    Hi!

    This error is associated with a self-signed certificate on the server.

    2 solutions:
    1. Use the correct certificate on the server (Let's Encrypt or other)
    2. Make changes to the certificate validation when connecting via SSL.

    Code:
    vendor/zendframework/zend-mail/src/Protocol/AbstractProtocol.php
    change function _connect.
    replace
    PHP Code:
    // open connection
            
    $this->socket = @stream_socket_client($remote$errorNum$errorStrself::TIMEOUT_CONNECTION); 
    with
    PHP Code:
    $contextOptions = array(
                
    'ssl' => array(
                    
    'verify_peer' => false,
                    
    'verify_peer_name' => false
                
    )
            );

            
    $context stream_context_create($contextOptions);

            
    // open connection
            
    $this->socket = @stream_socket_client($remote$errorNum$errorStrself::TIMEOUT_CONNECTIONSTREAM_CLIENT_CONNECT$context); 

    Comment

    Working...
    X