16

I was sending emails using gmail and everything was working perfectly, but suddendly it stoped working. And it shows me this

ErrorException in StreamBuffer.php line 94:

stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed

in StreamBuffer.php line 94
at HandleExceptions->handleError('2', 'stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed', 'C:\xampp\htdocs\coparmex\vendor\swiftmailer\swiftmailer\lib\classes\Swift\Transport\StreamBuffer.php', '94', array())
at stream_socket_enable_crypto(resource, true, '9') in StreamBuffer.php line 94
at Swift_Transport_StreamBuffer->startTLS() in EsmtpTransport.php line 313
at Swift_Transport_EsmtpTransport->_doHeloCommand() in AbstractSmtpTransport.php line 118
at Swift_Transport_AbstractSmtpTransport->start() in Mailer.php line 79
at Swift_Mailer->send(object(Swift_Message), array()) in Mailer.php line 385
at Mailer->sendSwiftMessage(object(Swift_Message)) in Mailer.php line 171

And this only happends in my localhost, in the web host works fine. I don't understand what is going on :c

These are my gmail settings

MAIL_DRIVER=smtp
MAIL_HOST=smtp.gmail.com
MAIL_PORT=587
MAIL_USERNAME=gmail
MAIL_PASSWORD=password
MAIL_ENCRYPTION=tls
jww
  • 97,681
  • 90
  • 411
  • 885
Saucyloco
  • 193
  • 1
  • 1
  • 10
  • It means that your server is misconfigured, use mailtrap or log driver for localhost, be happy that this does not happen on production server. Is it that hard to google around "stream_socket_enable_crypto(): SSL operation failed with code 1"? – Kyslik Jun 07 '17 at 21:37
  • You should create a well formed certificate for localhost. Also see [How do you sign Certificate Signing Request with your Certification Authority](http://stackoverflow.com/a/21340898/608639) and [How to create a self-signed certificate with openssl?](http://stackoverflow.com/q/10175812/608639) You will also need to place the self-signed certificate in the appropriate trust store. – jww Jun 08 '17 at 00:03

6 Answers6

40

Editor's note: disabling SSL verification has security implications. Without verification of the authenticity of SSL/HTTPS connections, a malicious attacker can impersonate a trusted endpoint (such as GitHub or some other remote Git host), and you'll be vulnerable to a Man-in-the-Middle Attack. Be sure you fully understand the security issues before using this as a solution.

You should add below code in /config/mail.php ( worked on laravel 5.4 )

'stream' => [
'ssl' => [
    'allow_self_signed' => true,
    'verify_peer' => false,
    'verify_peer_name' => false,
],
],

as you should never change code in vendors as suggested by Sultan Ahmad

miken32
  • 42,008
  • 16
  • 111
  • 154
  • 1
    +1 for not editing the vendor file and this should be marked as solution. Worked in laravel 5.5 as well (Y) – Rajendran Nadar Dec 30 '17 at 19:41
  • 4
    Please remember to post source when copy-pasting, if someone wants to upvote the proper answerer please see [this answer](https://stackoverflow.com/a/45999328/8104581). @VandolphReyes No it should not. This answer doesn't add anything to what the accepted answer already answers. –  Feb 20 '18 at 21:49
  • @Andrey, yes you're right. Sorry, I might in not able to notice the link he provide. Thanks for the heads up although it's been months. – Vandolph Reyes Feb 21 '18 at 10:43
  • I got this from laracast though, due to which I didn't post source @Andrey i am somehow new to stackoverflow should I add link of laracast here? –  Feb 21 '18 at 12:32
9

That's an error with your SSL certificate. You're trying to use a SSL connection (encrypted, secure connection) without a proper certificate.

That's because you're connecting from localhost, which isn't secure, and that is blocked by the connection. You could avoid that by changing your localhost connection to a SSL based one.

See this link for more details.

  • 2
    it worked adding these two lines $options['ssl']['verify_peer'] = FALSE; $options['ssl']['verify_peer_name'] = FALSE; In this file: vendor\swiftmailer\swiftmailer\lib\classes\Swift\Transport\StreamBuffer.php in the function _establishSocketConnection(), but of course I won't do this in production server – Saucyloco Jun 07 '17 at 22:53
  • @Saucyloco - I think you barely side-stepped the problem. You got lucky because it was `localhost`, so mail never left your logical security boundary. It would probably be better to leave TLS enabled on the socket. – jww Jun 08 '17 at 00:09
  • I did, as i say it works fine on production, I was having the problem only in localhost, when i upload the page I will erase those lines – Saucyloco Jun 09 '17 at 03:17
1

Hi I have also found this very useful on the server level: Edit \vendor\swiftmailer\lib\classes\Swift\Transport\StreamBuffer.php line 259 ish. comment out the $options = array(); and add the below.

$options = array(); 
$options['ssl'] = array('verify_peer' => false,
'verify_peer_name' => false, 'allow_self_signed' => true);

This work with Laravel 6.0

Josué Leo Moreno
  • 73
  • 1
  • 5
0

I had the same issue and was able to resolve by removing a level of authentication security. That is, at some point Gmail asked me for the phone number - 2nd level of authentication. When I deleted this 2nd level I was happy again. I hope I have helped.

Otrebla
  • 9
  • 1
-1

in Laravel : this will solve the problem. go to \vendor\swiftmailer\swiftmailer\lib\classes\Swift\Transport\StreamBuffer.php

inside method private function establishSocketConnection()

after this code

$options = array();
        if (!empty($this->params['sourceIp'])) {
            $options['socket']['bindto'] = $this->params['sourceIp'].':0';
        }

then add this two lines

$options['ssl']['verify_peer'] = FALSE;
$options['ssl']['verify_peer_name'] = FALSE;
Sultan Ahmad
  • 27
  • 1
-1

Add the following in .htaccess

php_value openssl.cafile "Path to cacert.pem"

Rajasekhar
  • 1