Today the SSL protocols stoped working. First I detected the captcha validation wasn’t working due to a SSL problem and now I see that PHPmailer cannot connect to Gmail servers that was working ok.
This site doesn’t have SSL but I have other site with SSL and has the same problem.
PLEASE HELP!!!
This is the error LOG of phpmailer
2020-08-04 22:49:18 Connection: opening to smtp.gmail.com:587, timeout=300, options=array()
2020-08-04 22:49:18 Connection: opened
2020-08-04 22:49:18 SMTP INBOUND: “220 smtp.gmail.com ESMTP h13sm305324wrx.17 - gsmtp”
2020-08-04 22:49:18 SERVER → CLIENT: 220 smtp.gmail.com ESMTP h13sm305324wrx.17 - gsmtp
2020-08-04 22:49:18 CLIENT → SERVER: EHLO bookshare.epizy.com
2020-08-04 22:49:18 SMTP INBOUND: “250-smtp.gmail.com at your service, [185.27.134.81]”
2020-08-04 22:49:18 SMTP INBOUND: “250-SIZE 35882577”
2020-08-04 22:49:18 SMTP INBOUND: “250-8BITMIME”
2020-08-04 22:49:18 SMTP INBOUND: “250-STARTTLS”
2020-08-04 22:49:18 SMTP INBOUND: “250-ENHANCEDSTATUSCODES”
2020-08-04 22:49:18 SMTP INBOUND: “250-PIPELINING”
2020-08-04 22:49:18 SMTP INBOUND: “250-CHUNKING”
2020-08-04 22:49:18 SMTP INBOUND: “250 SMTPUTF8”
2020-08-04 22:49:18 SERVER → CLIENT: 250-smtp.gmail.com at your service, [185.27.134.81]250-SIZE 35882577250-8BITMIME250-STARTTLS250-ENHANCEDSTATUSCODES250-PIPELINING250-CHUNKING250 SMTPUTF8
2020-08-04 22:49:18 CLIENT → SERVER: STARTTLS
2020-08-04 22:49:18 SMTP INBOUND: “220 2.0.0 Ready to start TLS”
2020-08-04 22:49:18 SERVER → CLIENT: 220 2.0.0 Ready to start TLS
2020-08-04 22:49:18 Connection failed. Error #2: stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages:error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed [/home/vol9_6/epizy.com/epiz_26096xxx/htdocs/PHPMailer/SMTP.php line 454]
SMTP Error: Could not connect to SMTP host.
2020-08-04 22:49:18 CLIENT → SERVER: QUIT
2020-08-04 22:49:18
2020-08-04 22:49:18
2020-08-04 22:49:18
2020-08-04 22:49:18 Connection: closed
SMTP Error: Could not connect to SMTP host.
After a long desperate search and reading, I found this post in StackOverflow that helped me solve this problem, although I didn’t now what caused it in the first place. It seems to be something with the SSL but the weird thing is that I was having trouble in a non SSL site also.
Anyway… this is the link
$mail->SMTPOptions = array(
'ssl' => array(
'verify_peer' => false,
'verify_peer_name' => false,
'allow_self_signed' => true
)
);
We upgraded OpenSSL on our servers a few days ago. This may have resulted in SSL for SMTP breaking.
I’m going to do some investigation into this. The provided SMTPOptions are a good workaround until then. Please note that you should AVOID such SMTPOptions as much as possible, because fixing SSL issues by disabling most SSL security features is NOT a good solution.
Thank you Admin for your answer. I will wait if you find the solution. It stopped working yesterday at arround 9am ET if you find this time usfull to your research.
Best regards
That does correlate to the OpenSSL upgrade, which I’m 98% sure to be the cause.
Hello… is there any news if we can reactivate the security in the PHPmailer for the OpenSSL problem?
Thank you
From what it seems, I don’t think so, It will take at least a few days to identify the issue.
There isn’t much news. iFastNet has acknowledged the issue, but the issue is hard to fix, and even more complicated because the likely fix has the chance to break something else.
For me the trimmed code below also worked:
$mail->SMTPOptions = array(‘ssl’ => array( ‘verify_peer’ => false ) );
One big advantage is that self signed certificates are not allowed .
Also, as I understand, the domain ( e.g. smtp.google.com) is also verified, because I had also removed:
‘verify_peer_name’ => false,
Improves a lot the security for an eventual attack.
Is there any update on this ? Has anyone got a workaround with PHPMailer ?
I just got confirmed that a few hours ago the OpenSSL installation was fixed. All secure connections should now work again, whether that’s from cURL, file_get_contents or SMTP!
Thank you!
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.