symfonyemailsslsmtpdsn

Symfony mailer SSL routines:tls_process_server_certificate:certificate verify failed

This is my firs time trying to send a mail via symfiny mailer and in generall a mail.

I'm not sure where or how I still need to configure something. So here is my mailer DSN Configuration.

MAILER_DSN=smtp://MAIL.com:PASSWORD@sslout.df.eu:465/?encryption=ssl&auth_mode=login

And I get the following error

Connection could not be established with host "ssl://sslout.df.eu:465": stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages:
error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed

The official documentation says (https://www.df.eu/blog/sslin-df-eu-sslout-df-eu/)

 Postausgangsserver:
Typ: SMTP
Servername: sslout.df.eu
Port: 465
Benutzername: Ihre E-Mail-Adresse
Kennwort: Das von Ihnen gewählte Passwort
SSL: Ja

Does anyone know what else I have to confgire for me beeing able so send emails ?

Thank you

Solution

  • I had the same problem and it was caused by a problem in the Exim4 configuration. Please note I did this on a local development server, disabling SSL on a production server is not safe. I've done this on Ubuntu 20.04 LTS.

    Check the exim4 configuration with:

    /usr/sbin/exim4 -bP tls_advertise_hosts

    If it says "tls_advertise_hosts = *", then it will check all hosts. See http://www.exim.org/exim-html-3.20/doc/html/spec_38.html You can verify this by running:

    sudo update-exim4.conf

    If you get this error message:

    Warning: No server certificate defined; will use a selfsigned one.
 Suggested action: either install a certificate or change tls_advertise_hosts option

    Then you know the tls_advertise_hosts option is the problem indeed. So you need to edit the configuration file:

    sudo nano /etc/exim4/exim4.conf.template

    Before ".ifdef MAIN_TLS_ENABLE", add the following line. (It is important to add it before ".ifdef MAIN_TLS_ENABLE", because MAIN_TLS_ENABLE probably is not defined at all, so it will not use any of the settings in its scope.)

    tls_advertise_hosts =

    So it will look like:

    tls_advertise_hosts =
.ifdef MAIN_TLS_ENABLE

    So without an asterisk! Then save the file and run the commands again:

    /usr/sbin/exim4 -bP tls_advertise_hosts
sudo update-exim4.conf

    Now exim4 should say "tls_advertise_hosts =" and the warning message should have disappeared.

    Now restart exim4:

    sudo systemctl restart exim4

    And try again in Symfony.

    See also this thread: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948573