logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in RSS X


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
Post new topic   Forum Index -> Other Software View previous topic :: View next topic
Reply to topic   Topic: Help to make PhPmailer working
Author
bagu



Joined: 06 Jan 2011
Posts: 187
Location: France

PostPosted: Thu 12 Mar '20 21:30    Post subject: Help to make PhPmailer working Reply with quote

Hello,

I just renewed every certificates i own.
I use Hmailserver on the same server whare apache run.

But, when i try to use phpmailer, i get this error :
Code:
Connection failed. Error #2: stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages:error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed


Hmailserver use the same certificate and a test in https://entrust.ssllabs.com/ say everything is ok.

So, i don't understand why i get this error and how i can correct it.

Can you help me ?

Thanks
Back to top
Xing
Moderator


Joined: 26 Oct 2005
Posts: 49

PostPosted: Thu 12 Mar '20 21:48    Post subject: Reply with quote

You copied the certificate from md/domains to your mailserver ?

Check again if you have the correct one(s).
Back to top
bagu



Joined: 06 Jan 2011
Posts: 187
Location: France

PostPosted: Thu 12 Mar '20 21:51    Post subject: Reply with quote

Yes, it's ok here

I put fullchain.cer as public certificate and cert.key as private key
Back to top
Xing
Moderator


Joined: 26 Oct 2005
Posts: 49

PostPosted: Thu 12 Mar '20 22:04    Post subject: Reply with quote

Was working before ?

I searched Google with the error, some hits.

Nothing else changed since last week ?
Back to top
bagu



Joined: 06 Jan 2011
Posts: 187
Location: France

PostPosted: Thu 12 Mar '20 22:08    Post subject: Reply with quote

No, I never managed to get it to work without putting this:
Code:

    $phpmailer->SMTPOptions = array(
        'ssl' => array(
            'verify_peer' => false,
            'verify_peer_name' => false,
            'allow_self_signed' => true
        )


But now, i can connect to my mail server with thunderbird without any scurity exception, and my websites are ok with the same certificate.

Is there something to add to make ssl ok with letsencrypt certificates ?
Back to top
Xing
Moderator


Joined: 26 Oct 2005
Posts: 49

PostPosted: Thu 12 Mar '20 22:13    Post subject: Reply with quote

When I understand :

Thunderbird connects SSL fine to your Hmailserver with Lets Encrypt Certificate ?

With your browser it is ok with HTTPS ?
Back to top
bagu



Joined: 06 Jan 2011
Posts: 187
Location: France

PostPosted: Thu 12 Mar '20 22:13    Post subject: Reply with quote

Yes to your two questions Wink
Back to top
Xing
Moderator


Joined: 26 Oct 2005
Posts: 49

PostPosted: Thu 12 Mar '20 22:16    Post subject: Reply with quote

So a Phpmailer issue.

Tried:

'allow_self_signed' => false ?
Back to top
bagu



Joined: 06 Jan 2011
Posts: 187
Location: France

PostPosted: Thu 12 Mar '20 22:19    Post subject: Reply with quote

work fine with 'allow_self_signed' => false
It stil works with : 'verify_peer_name' => true,
But it stop working with 'verify_peer' => true,
Back to top
Xing
Moderator


Joined: 26 Oct 2005
Posts: 49

PostPosted: Thu 12 Mar '20 22:22    Post subject: Reply with quote

Was just a guess from me.

So all SSL fine now with Apache, Hmailserver, Phpmailer and thunderbird ?
Back to top
bagu



Joined: 06 Jan 2011
Posts: 187
Location: France

PostPosted: Thu 12 Mar '20 22:47    Post subject: Reply with quote

No

It work on apache, Hmailserver and thundebird.
It work on phpmailer only if i set verify_peer to false.

Maybe i need to import chain.cer to windows cert store ?
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 7288
Location: Germany, Next to Hamburg

PostPosted: Fri 13 Mar '20 9:55    Post subject: Reply with quote

You might check which SSL cert you get back!

Example https://hastebin.com/inihalaqiz.xml
Back to top
bagu



Joined: 06 Jan 2011
Posts: 187
Location: France

PostPosted: Fri 13 Mar '20 14:33    Post subject: Reply with quote

I get the right SSL cert.

BUT ! The problem seem to be solved by importing indermediate lets encrypt cert to windows cert store...

I don't know why it's needed...
Back to top


Reply to topic   Topic: Help to make PhPmailer working View previous topic :: View next topic
Post new topic   Forum Index -> Other Software