0

I am getting the following warning when trying to configure and send mail using PHPMailer:

PHP Warning:  stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages:
error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed

I have looked around at the other solutions, and none of them work. Here are some particulars:

  1. My cert (from letsencrypt) is valid, at least in my Nginx config. My WordPress site serves securely with no errors. My PHP version is 7.0.xx

  2. I have tried adding the cert file location to php.ini, but it warns of a failure to load stream, even though the address is correct. Here is what I have tried (among others):

    openssl.capath = "/etc/letsencrypt/live/example.org/" This results in exactly the same error as above.

    I have also tried: openssl.cafile = "/etc/letsencrypt/live/example.org/fullchain.pem" but get warning: PHP Warning:failed loading cafile stream

My PHP mailer config (that is inside my wordpress functions file) looks like this:

        $phpmailer->Host = 'mail.example.org';
        $phpmailer->SMTPAuth = true;
        $phpmailer->Port = 587;
        $phpmailer->Username = 'myadminaccount@example.org';
        $phpmailer->Password = 'mypassword';
        $phpmailer->SMTPSecure = "tls";
        $phpmailer->From = "myadminaccount@example.org";
        $phpmailer->FromName = "MY Admin Account";

As I said, I have tried the various solutions elsewhere on the site, and none of them work. And I am baffled because my local cert (and the cert of the mail server for that matter) are both valid.

I don't really want to turn off peer verification as suggested elsewhere, but if I have to I guess I will.

Stephen
  • 8,038
  • 6
  • 41
  • 59
  • Hi, can i known wich version of PHP are you using? –  Sep 26 '17 at 11:47
  • if PHP version >= 5.6 the setting change and you can find a example here if you didn't https://stackoverflow.com/questions/31460941/php-5-6-ssl-certificate-verify regards. –  Sep 26 '17 at 11:55
  • Sorry I should have mentioned it is PHP 7.0, I will add it above. – Stephen Sep 26 '17 at 11:56
  • I believe the correct variable for the cacert is not the "default_cert_file", but instead the "ini_cafile" let try it :). –  Sep 26 '17 at 12:04
  • can you be more specific? Try what and in what file where? – Stephen Sep 26 '17 at 12:06
  • Ok i try to write a response but i need to known wich version OS are you using plz ;). –  Sep 26 '17 at 12:08
  • Ubuntu 16, and thanks! – Stephen Sep 26 '17 at 12:11
  • Just before adding a response did you tryed this issue ? https://stackoverflow.com/questions/26148701/file-get-contents-ssl-operation-failed-with-code-1-and-more/34617618 we don't need to duplicate answer, regards. –  Sep 26 '17 at 12:14
  • That is exactly what I am trying to avoid, I don't want to disable SSL, I just want it to work properly. And it SHOULD, because my certs are valid and my website pages are secure and valid. I don't understand why a PHP call of this sort would fail when everything else is valid. – Stephen Sep 26 '17 at 12:18
  • Your curl version run with PHP7? because the issue can be an Curl call wich run with php5 and no php7. –  Sep 26 '17 at 12:25
  • I am not using curl (at least not directly). I am just adding an init action to my wordpress functions file: `add_action( 'phpmailer_init', 'custom_smtp_settings' );` – Stephen Sep 26 '17 at 12:31
  • and everything else works fine. If I leave my settings out and use an SMTP plugin to accomplish the same thing, everything sends just fine. There is something about the settings above that make WP bypass the cert. – Stephen Sep 26 '17 at 12:33
  • sorry i can't add an answer :(, stackoverflow suspect me to being a robot lol :'(. –  Sep 26 '17 at 12:35
  • Let us [continue this discussion in chat](http://chat.stackoverflow.com/rooms/155334/discussion-between-headmax-and-stephen). –  Sep 26 '17 at 12:35

1 Answers1

1

UGH the solution was rather simple, and outside of what I wrote above. I was using a switch case to check to make sure my server was correct, like so:

switch ($_SERVER['HTTP_HOST']) {
        case 'https://example1.org':     
        // Set the hostname of the mail server
        $phpmailer->Host = 'mail.example1.org';

And I needed to leave out the https. So changing it to:

switch ($_SERVER['HTTP_HOST']) {
        case 'example1.org':     
        // Set the hostname of the mail server
        $phpmailer->Host = 'mail.example1.org';

got it working! I feel like a bonehead, but I hope this helps someone else.

Stephen
  • 8,038
  • 6
  • 41
  • 59