Reputation:
how to fix stream_socket_enable_crypto(): SSL operation failed with code 1
stream_socket_enable_crypto(): SSL operation failed with code 1.
OpenSSL Error messages: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Im using Laravel 4.2, PHP 5.6, Apache 2.4
I have GoDaddy SSL installed in Amazon ec2 Linux.
SSL working fine when i visit the site with https.
The error happened when I call my function :
<?php
public function sendEmail()
{
\Mail::send ( 'emails.code.code', $data, function ($sendemail) use($email) {
$sendemail->from ( '[email protected]', 'Me Team' );
$sendemail->to ( $email, '' )->subject ( 'Activate your account' );
} );
}
?>
I read some articles about this, they said that there are things we should make some changes, they put that code but i don't know where to insert it.
Been reading this: https://www.mimar.rs/en/sysadmin/2015/php-5-6-x-ssltls-peer-certificates-and-hostnames-verified-by-default/
and this documentation of php http://php.net/manual/en/migration56.openssl.php which is hard to understand.
So my question is how to solve this problem?
Upvotes: 82
Views: 284658
Answers (20)
Reputation: 845
It seems that your server can not verify the SMTP server certificate and I do not recommend disabling SSL or TLS.
You can check the verification status using the following command:
openssl s_client -connect smtp.example.com:587 -starttls smtp
If you found an error like: "unable to get local issuer certificate" means that you need to update the ca certificates on your server.
For ubuntu use:
apt-get update && apt-get install ca-certificates
And you may update php.ini to include the new certificates:
openssl.cafile=/etc/ssl/certs/ca-certificates.crt
Finally, restart php-fpm and any laravel workers.
Upvotes: 1
Reputation: 2185
You can try,
MAIL_ENCRYPTION=null
on .env file, if you're running on localhost.
Upvotes: 0
Reputation: 1304
I my case the issue occurred on websites hosted on VPS with cPanel' WHM. After an update all the emails sent via Gmail SMTP stopped working.
As a solution, in the WHM I had to turn off
Restrict outgoing SMTP to root, exim, and mailman (FKA SMTP Tweak)
setting under
Home / Server Configuration / Tweak Settings
See pic.
I guess after WHM update this settings was turn on somehow or probably this is a new settings, I am not sure.
Upvotes: 1
Reputation: 823
with symfony I modify the dotEnv to include some small information and it works great
MAILER_DSN=smtp://user:pass@container_name:25?verify_peer=false&verify_peer_name=false&allow_self_signed=true
Upvotes: 0
Reputation: 6814
For Laravel 9, following is enough to disable ssl check:
'verify_peer' => false,
Example:
// config/mail.php
'mailers' => [
'smtp' => [
'transport' => 'smtp',
'host' => env('MAIL_HOST', 'smtp.mailgun.org'),
'port' => env('MAIL_PORT', 587),
'encryption' => env('MAIL_ENCRYPTION', 'tls'),
'username' => env('MAIL_USERNAME'),
'password' => env('MAIL_PASSWORD'),
'timeout' => null,
'auth_mode' => null,
'verify_peer' => false,
],
...
Upvotes: 5
Reputation: 27
Go to vendor\swiftmailer\swiftmailer\lib\classes\Swift\Transport\StreamBuffer.php
comment line 250 and add this line:
//$options = [];
$options['ssl'] = array('verify_peer' => false, 'verify_peer_name' => false, 'allow_self_signed' => true);
Upvotes: -1
Reputation: 439
This start to happen today in one of my servers using wordpress with a plugin that uses PHPMailer, with no recent changes.
The solution: sudo yum install ca-certificates
Now It works again perfectly, I did also an httpd restart (not sure if needed)
I can't figure out the real problem, I suspect that was a hardcoded date in the old ca-certificates package.
Upvotes: 3
Reputation: 3869
How to fix on Laravel (5,6,7 at least), WordPress (and other PHP + cURL implementations I guess):
Download the latest cacert.pem file from cURL website.
wget https://curl.haxx.se/ca/cacert.pem
Edit php.ini (you can do php --ini to find it), update (or create if they don't exist already) those two lines:
curl.cainfo="/path/to/downloaded/cacert.pem"
...
openssl.cafile="/path/to/downloaded/cacert.pem"
Those lines should already exist but commented out, so uncomment them and edit both values with the path to the downloaded cacert.pem
Restart PHP and Nginx/Apache.
Edit: You may need to chown/chmod the downloaded certificate file so PHP (and the user running it) can read it.
Upvotes: 13
Reputation: 643
Finally! it was my AVG antivirus, it has a feature called email shield, disabled it and the error was gone.
Upvotes: 5
Reputation: 204
Editor's note: disabling SSL verification has security implications. Without verification of the authenticity of SSL/HTTPS connections, a malicious attacker can impersonate a trusted endpoint such as Gmail, and you'll be vulnerable to a Man-in-the-Middle Attack.
Be sure you fully understand the security issues before using this as a solution.
Easy fix for this might be editing config/mail.php and turning off TLS
'encryption' => env('MAIL_ENCRYPTION', ''), //'tls'),
Basically by doing this
$options['ssl']['verify_peer'] = FALSE;
$options['ssl']['verify_peer_name'] = FALSE;
You should loose security also, but in first option there is no need to dive into Vendor's code.
Upvotes: 8
Reputation: 1242
Editor's note: disabling SSL verification has security implications. Without verification of the authenticity of SSL/HTTPS connections, a malicious attacker can impersonate a trusted endpoint such as Gmail, and you'll be vulnerable to a Man-in-the-Middle Attack.
Be sure you fully understand the security issues before using this as a solution.
I have also this error in laravel 4.2 I solved like this way. Find out StreamBuffer.php. For me I use xampp and my project name is itis_db for this my path is like this. So try to find according to your one
C:\xampp\htdocs\itis_db\vendor\swiftmailer\swiftmailer\lib\classes\Swift\Transport\StreamBuffer.php
and find out this function inside StreamBuffer.php
private function _establishSocketConnection()
and paste this two lines inside of this function
$options['ssl']['verify_peer'] = FALSE;
$options['ssl']['verify_peer_name'] = FALSE;
and reload your browser and try to run your project again. For me I put on like this:
private function _establishSocketConnection()
{
$host = $this->_params['host'];
if (!empty($this->_params['protocol'])) {
$host = $this->_params['protocol'].'://'.$host;
}
$timeout = 15;
if (!empty($this->_params['timeout'])) {
$timeout = $this->_params['timeout'];
}
$options = array();
if (!empty($this->_params['sourceIp'])) {
$options['socket']['bindto'] = $this->_params['sourceIp'].':0';
}
$options['ssl']['verify_peer'] = FALSE;
$options['ssl']['verify_peer_name'] = FALSE;
$this->_stream = @stream_socket_client($host.':'.$this->_params['port'], $errno, $errstr, $timeout, STREAM_CLIENT_CONNECT, stream_context_create($options));
if (false === $this->_stream) {
throw new Swift_TransportException(
'Connection could not be established with host '.$this->_params['host'].
' ['.$errstr.' #'.$errno.']'
);
}
if (!empty($this->_params['blocking'])) {
stream_set_blocking($this->_stream, 1);
} else {
stream_set_blocking($this->_stream, 0);
}
stream_set_timeout($this->_stream, $timeout);
$this->_in = &$this->_stream;
$this->_out = &$this->_stream;
}
Hope you will solve this problem.....
Upvotes: 26
Reputation: 1829
Editor's note: disabling SSL verification has security implications. Without verification of the authenticity of SSL/HTTPS connections, a malicious attacker can impersonate a trusted endpoint such as Gmail, and you'll be vulnerable to a Man-in-the-Middle Attack.
Be sure you fully understand the security issues before using this as a solution.
You can add below code in /config/mail.php ( tested and worked on laravel 5.1, 5.2, 5.4 )
'stream' => [
'ssl' => [
'allow_self_signed' => true,
'verify_peer' => false,
'verify_peer_name' => false,
],
],
Upvotes: 146
Reputation: 5085
edit your .env and add this line after mail config lines
MAIL_ENCRYPTION=""
Save and try to send email
Upvotes: 9
Reputation: 575
$default = [ ... ];
$turnOffSSL = [
'stream' => [
'ssl' => [
'allow_self_signed' => true,
'verify_peer' => false,
'verify_peer_name' => false,
],
],
];
$environment = env('APP_ENV');
if ($environment === 'local') {
return array_merge($default, $turnOffSSL);
}
return $default;
Upvotes: -2
Reputation: 2522
in my case i did following
$mail = new PHPMailer;
$mail->isSMTP();
$mail->Host = '<YOUR HOST>';
$mail->Port = 587;
$mail->SMTPAuth = true;
$mail->Username = '<USERNAME>';
$mail->Password = '<PASSWORD>';
$mail->SMTPSecure = '';
$mail->smtpConnect([
'ssl' => [
'verify_peer' => false,
'verify_peer_name' => false,
'allow_self_signed' => true
]
]);
$mail->smtpClose();
$mail->From = '<[email protected]>';
$mail->FromName = '<MAIL FROM NAME>';
$mail->addAddress("<[email protected]>", '<SEND TO>');
$mail->isHTML(true);
$mail->Subject= '<SUBJECTHERE>';
$mail->Body = '<h2>Test Mail</h2>';
$isSend = $mail->send();
Upvotes: 0
Reputation: 943
for Laravel 5.4
for gmail
in .env file
MAIL_DRIVER=mail
MAIL_HOST=mail.gmail.com
MAIL_PORT=587
MAIL_USERNAME=<username>@gmail.com
MAIL_PASSWORD=<password>
MAIL_ENCRYPTION=tls
in config/mail.php
'driver' => env('MAIL_DRIVER', 'mail'),
'from' => [
'address' => env(
'MAIL_FROM_ADDRESS', '<username>@gmail.com'
),
'name' => env(
'MAIL_FROM_NAME', '<from_name>'
),
],
Upvotes: -1
Reputation: 23552
To resolve this problem you first need to check the SSL certificates of the host your are connecting to. For example using ssllabs or other ssl tools. In my case the intermediate certificate was wrong.
If the certificate is ok, make sure the openSSL on your server is up to date. Run openssl -v to check your version. Maybe your version is to old to work with the certificate.
In very rare cases you might want to disable ssl security features like verify_peer, verify_peer_name or allow_self_signed. Please be very careful with this and never use this in production. This is only an option for temporary testing.
Upvotes: 1
Reputation: 59
Reading app/config/mailphp
Supported : "smtp", "mail", "sendmail"
Depending on your mail utilities installed on your machine, fill in the value of the driver key. I would do
'driver' => 'sendmail',
Upvotes: -1
Related Questions
- LARAVEL 9. ERROR LARAVEL EMAIL: Unable to connect with STARTTLS: stream_socket_enable_crypto(): SSL operation failed with code 1
- PHP Warning: stream_socket_client(): Failed to enable crypto?
- laravel No supported encrypter found. The cipher and / or key length are invalid
- OpenSSL Error messages: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed Failed to enable crypto
- "stream_socket_enable_crypto(): Peer certificate CN=`gains.nanosupercloud.com' did not match expected CN=`smtp.sendgrid.net'" in shared hosting
- PHP under Laragon - SSL operation failed with code 1
- SSL Error messages: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
- PHP Warning: stream_socket_enable_crypto(): SSL operation failed with code 1
- CodeIgniter: stream socket enable crypto SSL/TLS already set-up for this stream warning
- Installing Laravel resulted in unable to find the socket transport ssl